Class: Html2rss::AttributePostProcessors::SanitizeHtml

Inherits:
Object
  • Object
show all
Defined in:
lib/html2rss/attribute_post_processors/sanitize_html.rb

Overview

Returns sanitized HTML code as String.

It adds:

  • ‘rel=“nofollow noopener noreferrer”` to <a> tags

  • ‘referrer-policy=’no-referrer’‘ to <img> tags

It also:

  • wraps all <img> tags, whose direct parent is not an <a>, into an <a> linking to the <img>‘s `src`.

Imagine this HTML structure:

<section>
  Lorem <b>ipsum</b> dolor...
  <iframe src="https://evil.corp/miner"></iframe>
  <script>alert();</script>
</section>

YAML usage example:

selectors:
  description:
    selector: '.section'
    extractor: html
    post_process:
      name: sanitize_html

Would return:

'<p>Lorem <b>ipsum</b> dolor ...</p>'

Instance Method Summary collapse

Constructor Details

#initialize(value, env) ⇒ SanitizeHtml

Returns a new instance of SanitizeHtml.



41
42
43
44
# File 'lib/html2rss/attribute_post_processors/sanitize_html.rb', line 41

def initialize(value, env)
  @value = value
  @channel_url = env[:config].url
end

Instance Method Details

#getString

Returns:

  • (String)


52
53
54
# File 'lib/html2rss/attribute_post_processors/sanitize_html.rb', line 52

def get
  Sanitize.fragment(@value, sanitize_config).to_s.split.join(' ')
end