type

UrlSanitizer

src @Js
const mixin UrlSanitizer

Sanitizes uris for img and a elements by whitelisting protocols. This is intended to prevent XSS payloads like

[Click this totally safe url](javascript:document.xss=true;)

Implementation based on https://github.com/OWASP/java-html-sanitizer/blob/f07e44b034a45d94d6fd010279073c38b6933072/src/main/java/org/owasp/html/FilterUrlByProtocolAttributePolicy.java

methods

sanitizeImage

Sanitize a url for use in the src attribute of a Image
sanitizeLink

Sanitize a url for use in the href attribute of a Link

Slot Details

sanitizeImage

src virtual Str sanitizeImage(Str url)

Sanitize a url for use in the src attribute of a Image

src abstract Str sanitizeLink(Str url)

Sanitize a url for use in the href attribute of a Link

Haxall 3.1.11 ∙ 10-Dec-2024 14:28 EST