HTML::StripScripts::Parser.3pm

Langue: en

Autres versions - même langue

Version: 2007-12-01 (ubuntu - 07/07/09)

Section: 3 (Bibliothèques de fonctions)

Sommaire

NAME

HTML::StripScripts::Parser - XSS filter using HTML::Parser

SYNOPSIS

   use HTML::StripScripts::Parser();
 
   my $hss = HTML::StripScripts::Parser->new(
 
        {
            Context => 'Document',       ## HTML::StripScripts configuration
            Rules   => { ... },
        },
 
        strict_comment => 1,             ## HTML::Parser options
        strict_names   => 1,
 
   );
 
   $hss->parse_file("foo.html");
 
   print $hss->filtered_document;
 
   OR
 
   print $hss->filter_html($html);

DESCRIPTION

This class provides an easy interface to "HTML::StripScripts", using "HTML::Parser" to parse the HTML.

See HTML::Parser for details of how to customise how the raw HTML is parsed into tags, and HTML::StripScripts for details of how to customise the way those tags are filtered.

CONSTRUCTORS

new ( {CONFIG}, [PARSER_OPTIONS] )
Creates a new "HTML::StripScripts::Parser" object.

The CONFIG parameter has the same semantics as the CONFIG parameter to the "HTML::StripScripts" constructor.

Any PARSER_OPTIONS supplied will be passed on to the HTML::Parser init method, allowing you to influence the way the input is parsed.

You cannot use PARSER_OPTIONS to set the "HTML::Parser" event handlers (see ``Events'' in HTML::Parser) since "HTML::StripScripts::Parser" uses all of the event hooks itself. However, you can use "Rules" (see ``Rules'' in HTML::StripScripts) to customise the handling of all tags and attributes.

METHODS

See HTML::Parser for input methods, HTML::StripScripts for output methods.

filter_html()

"filter_html()" is a convenience method for filtering HTML already loaded into a scalar variable. It combines calls to "HTML::Parser::parse()", "HTML::Parser::eof()" and "HTML::StripScripts::filtered_document()". 
     $filtered_html = $hss->filter_html($html);

SUBCLASSING

The "HTML::StripScripts::Parser" class is subclassable. Filter objects are plain hashes. The hss_init() method takes the same arguments as new(), and calls the initialization methods of both "HTML::StripScripts" and "HTML::Parser".

See ``SUBCLASSING'' in HTML::StripScripts and ``SUBCLASSING'' in HTML::Parser.

SEE ALSO

HTML::StripScripts, HTML::Parser, HTML::StripScripts::LibXML

BUGS

None reported.

Please report any bugs or feature requests to bug-html-stripscripts-parser@rt.cpan.org, or through the web interface at <http://rt.cpan.org>.

AUTHOR

Original author Nick Cleaton <nick@cleaton.net>

New code added and module maintained by Clinton Gormley <clint@traveljury.com>

Copyright (C) 2003 Nick Cleaton. All Rights Reserved.

Copyright (C) 2007 Clinton Gormley. All Rights Reserved.

LICENSE

This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.