24 Mar 2004 17:29:15 UTC
- Distribution: CGI-Untaint-html
- Module version: 1.0
- License: unknown
- Author: Simon Cozens (SIMON)
CGI::Untaint::html - validate sanitized HTML
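    use CGI;
    use CGI::Untaint;

    my $q       = CGI->new;                     # the incoming request
    my $handler = CGI::Untaint->new($q->Vars);  # wrap the form parameters
    # Sanitized HTML for the 'description' field
    my $html    = $handler->extract(-as_html => 'description');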
Web forms which take HTML from the user for later display on site open themselves up to the potential of cross-site scripting attacks, messy sites due to unclosed tags, or merely big images of Barney the Purple Dinosaur.
HTML::Sanitizer helps eliminate this by tidying up the HTML, and this module is a wrapper around it for CGI::Untaint. When you extract as_html, you can be sure that the HTML isn't going to play havoc with your site.
It does this by using a fairly standard set of configuration parameters to HTML::Sanitizer: the "stricter" set of rules given in the examples documentation to that module.
If you want to create your own ruleset, replace
HTML::Sanitizer object that meets your needs.
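A regression check to run against the ruleset in use (the default one or a replacement HTML::Sanitizer object) before trusting it with user input. This is an added example, not code from the module or its author; the field names and sample inputs are constructed, and `error` is CGI::Untaint's method for reporting why an extract failed.

```perl
#!/usr/bin/perl
# Added example: checks what the as_html handler lets through.
# Field names and input strings are constructed for illustration.
use strict;
use warnings;
use Test::More;
use CGI::Untaint;

# Constructed form input, one field per case the description mentions.
my %form = (
    script   => 'Hi<script>alert(1)</script> there',
    handler  => '<a href="http://example.com/" onclick="alert(1)">link</a>',
    jsurl    => '<a href="javascript:alert(1)">link</a>',
    unclosed => '<strong>bold <em>and italic',
);

# Same constructor form as the synopsis: parameters passed as a hash.
my $handler = CGI::Untaint->new(%form);

for my $field (sort keys %form) {
    my $clean = $handler->extract(-as_html => $field);

    # extract() returns undef when the value is rejected outright.
    # Rejection is a safe outcome, so record it and move on.
    unless (defined $clean) {
        my $why = $handler->error || 'no reason given';
        pass("$field: rejected ($why)");
        next;
    }

    diag("$field => $clean");    # what would actually be stored

    unlike($clean, qr/<\s*script/i,     "$field: no script element");
    unlike($clean, qr/\bon\w+\s*=/i,    "$field: no inline event handler");
    unlike($clean, qr/javascript\s*:/i, "$field: no javascript: URL");
}

done_testing();
```

Re-run it whenever the ruleset changes, and read the `diag` output to confirm that the markup you expect to keep still survives.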
This module may be distributed under the same terms as Perl itself.
Module Install Instructions
To install CGI::Untaint::html, copy and paste the appropriate command into your terminal.

    perl -MCPAN -e shell
    install CGI::Untaint::html
For more information on module installation, please visit the detailed CPAN module installation guide.