Module: Asciidoctor::SafeMode

Defined in:

lib/asciidoctor.rb

Constant Summary

UNSAFE =

A safe mode level that disables any of the security features enforced by Asciidoctor (Ruby is still subject to its own restrictions).

0

SAFE =

A safe mode level that closely parallels safe mode in AsciiDoc. This value prevents access to files which reside outside of the parent directory of the source file and disables any macro other than the include::[] directive.

1

SERVER =

A safe mode level that disallows the document from setting attributes that would affect the conversion of the document, in addition to all the security features of SafeMode::SAFE. For instance, this level forbids changing the backend or source-highlighter using an attribute defined in the source document header. This is the most fundamental level of security for server deployments (hence the name).

10

SECURE =

A safe mode level that disallows the document from attempting to read files from the file system and including the contents of them into the document, in additional to all the security features of SafeMode::SERVER. For instance, this level disallows use of the include::[] directive and the embedding of binary content (data uri), stylesheets and JavaScripts referenced by the document. (Asciidoctor and trusted extensions may still be allowed to embed trusted content into the document).

Since Asciidoctor is aiming for wide adoption, this level is the default and is recommended for server deployments.

20

Class Method Summary

• .name_for_value(value) ⇒ Object
• .names ⇒ Object
• .value_for_name(name) ⇒ Object

Class Method Details

.name_for_value(value) ⇒ Object

# File 'lib/asciidoctor.rb', line 97

def self.name_for_value value
  @names_by_value[value]
end

.names ⇒ Object

# File 'lib/asciidoctor.rb', line 101

def self.names
  @names_by_value.values
end

.value_for_name(name) ⇒ Object

# File 'lib/asciidoctor.rb', line 93

def self.value_for_name name
  const_get name.upcase, false rescue nil
end