Class: Html2rss::AttributePostProcessors::SanitizeHtml

Inherits:

Object

• Object
• Html2rss::AttributePostProcessors::SanitizeHtml

Defined in:

lib/html2rss/attribute_post_processors/sanitize_html.rb

Overview

Returns sanitized HTML code as String.

Imagine this HTML structure:

<section>
  Lorem <b>ipsum</b> dolor...
  <iframe src="https://evil.corp/miner"></iframe>
  <script>alert();</script>
</section>

YAML usage example:

selectors:
  description:
    selector: section
    extractor: html
    post_process:
      name: sanitize_html

Would return:

'<p>Lorem <b>ipsum</b> dolor ...</p>'

Instance Method Summary

• #get ⇒ String

  • uses the sanitize gem - uses the config Sanitize::Config::RELAXED - adds rel=“nofollow noopener noreferrer” to a elements - adds target=“_blank” to a elements.

• #initialize(value, _options, _item) ⇒ SanitizeHtml constructor

  A new instance of SanitizeHtml.

Constructor Details

#initialize(value, _options, _item) ⇒ SanitizeHtml

Returns a new instance of SanitizeHtml

# File 'lib/html2rss/attribute_post_processors/sanitize_html.rb', line 28

def initialize(value, _options, _item)
  @value = value
end

Instance Method Details

#get ⇒ String

• uses the sanitize gem

• uses the config Sanitize::Config::RELAXED

• adds rel=“nofollow noopener noreferrer” to a elements

• adds target=“_blank” to a elements

Returns:

• (String)

# File 'lib/html2rss/attribute_post_processors/sanitize_html.rb', line 38

def get
  Sanitize.fragment(@value, Sanitize::Config.merge(
                              Sanitize::Config::RELAXED,
                              add_attributes: {
                                'a' => {
                                  'rel' => 'nofollow noopener noreferrer',
                                  'target' => '_blank'
                                }
                              }
                            )).to_s.split.join(' ')
end