Description: A Markup White Lister
Clone URL: git://github.com/hassox/whistler.git
commit  84fc6dcb078aa94b4942c2f2e570bcdf87176d65
tree    704d72abdb7085a7ac256b2541f9638437d3f204
parent  23b575740ef007cc48883b5c4e9f427156a46f9a
whistler / README
100644 27 lines (16 sloc) 0.921 kb
Whistler
==============
 
Whistler is a white-listing markup filter based on the specifications of the Rails plugin by Rick Olson, aka technoweenie (http://techno-weenie.net/).
Whistler relies on the Hpricot library (http://code.whytheluckystiff.net/hpricot).
 
This is very alpha at the moment. Please help make it great.
 
Whistler strips and/or sanitizes, from arbitrary XML/HTML-style markup, any tags not explicitly
included in the white list. It doesn't try to play catch-up with possible exploits the way black-listing systems do.
 
Usage is very simple.
 
=== Example
  # Applies the normal white list defaults
  Whistler.white_list(dodgy_markup)

  # Adds custom tags to allow
  Whistler.white_list(dodgy_markup, :add_tags => %w(news_tag my_tag other_tag))
 
If Whistler is unable to read tags as "tags" it will instead sanitize potential XSS attempts in the text.
Normal, non-malicious text should still appear correctly.
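
The white-list behaviour described above (unlisted tags are neutralised, and anything that cannot be read as a tag is escaped as text), shown as an added example that is not Whistler's code. Instead of parsing with Hpricot it escapes everything and restores only bare tags on the list; `allow_list`, `block_list`, `DEFAULT_TAGS`, `BLOCKED` and the sample input are assumptions made for this example.

```ruby
require 'cgi'

# Hypothetical default allow list for this example (not Whistler's defaults).
DEFAULT_TAGS = %w(b i em strong p br ul ol li blockquote code pre).freeze

# Fail-closed allow list: escape the whole input, then restore only bare
# opening/closing tags whose name is listed. Attributes are never restored,
# so a listed tag that carries any attribute stays escaped as visible text.
# Tag balance is not repaired; a stray closing tag may remain.
def allow_list(markup, add_tags: [])
  allowed = (DEFAULT_TAGS + add_tags).map(&:downcase)
  escaped = CGI.escapeHTML(markup.to_s)
  escaped.gsub(%r{&lt;(/?)([A-Za-z][A-Za-z0-9_]*)\s*(/?)&gt;}) do
    close, name, self_close = $1, $2.downcase, $3
    # Leave the escaped form in place for unlisted names and for "</x/>".
    next $& if !allowed.include?(name) || (!close.empty? && !self_close.empty?)
    "<#{close}#{name}#{self_close.empty? ? '' : ' /'}>"
  end
end

# Block list for contrast: removes only the tags its author thought of.
BLOCKED = %w(script iframe).freeze

def block_list(markup)
  markup.gsub(%r{</?(?:#{BLOCKED.join('|')})\b[^>]*>}i, '')
end

if __FILE__ == $0
  # Constructed sample input, not taken from the README.
  dodgy_markup = '<p>Hi <b>there</b></p><script>alert(1)</script>' \
                 '<object data="x"></object><news_tag>n</news_tag> 1 < 2'
  puts allow_list(dodgy_markup)                            # default list
  puts allow_list(dodgy_markup, add_tags: %w(news_tag))    # custom tag allowed
  puts block_list(dodgy_markup)                            # <object> passes through
end
```

Text that was already entity-escaped in the input is escaped a second time and never restored, so it is displayed literally rather than turned back into markup.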