Class: Html2rss::AttributePostProcessors::SanitizeHtml
- Inherits:
-
Object
- Object
- Html2rss::AttributePostProcessors::SanitizeHtml
- Defined in:
- lib/html2rss/attribute_post_processors/sanitize_html.rb
Overview
Returns sanitized HTML code as String.
It adds:
-
‘rel=“nofollow noopener noreferrer”` to <a> tags
-
‘referrer-policy=’no-referrer’‘ to <img> tags
It also:
-
wraps all <img> tags, whose direct parent is not an <a>, into an <a> linking to the <img>‘s `src`.
Imagine this HTML structure:
<section>
Lorem <b>ipsum</b> dolor...
<iframe src="https://evil.corp/miner"></iframe>
<script>alert();</script>
</section>
YAML usage example:
selectors:
description:
selector: '.section'
extractor: html
post_process:
name: sanitize_html
Would return:
'<p>Lorem <b>ipsum</b> dolor ...</p>'
Instance Method Summary collapse
-
#get ⇒ String
-
uses the sanitize gem - uses the config Sanitize::Config::RELAXED - adds rel=“nofollow noopener noreferrer” to a elements - adds target=“_blank” to a elements.
-
-
#initialize(value, env) ⇒ SanitizeHtml
constructor
A new instance of SanitizeHtml.
Constructor Details
#initialize(value, env) ⇒ SanitizeHtml
Returns a new instance of SanitizeHtml.
41 42 43 44 |
# File 'lib/html2rss/attribute_post_processors/sanitize_html.rb', line 41 def initialize(value, env) @value = value @channel_url = env[:config].url end |
Instance Method Details
#get ⇒ String
-
uses the sanitize gem
-
uses the config Sanitize::Config::RELAXED
-
adds rel=“nofollow noopener noreferrer” to a elements
-
adds target=“_blank” to a elements
52 53 54 |
# File 'lib/html2rss/attribute_post_processors/sanitize_html.rb', line 52 def get Sanitize.fragment(@value, sanitize_config).to_s.split.join(' ') end |