hassox / whistler

A Markup White Lister

This URL has Read+Write access

Changes dependencies to remove merb.  This should work with any markup 
from anywhere.
hassox (author)
Fri Mar 21 23:34:05 -0700 2008
commit  84fc6dcb078aa94b4942c2f2e570bcdf87176d65
tree    704d72abdb7085a7ac256b2541f9638437d3f204
parent  23b575740ef007cc48883b5c4e9f427156a46f9a
name age
history
message
file LICENSE Wed Mar 19 03:47:52 -0700 2008 Initial commit [hassox]
file README Wed Mar 19 06:12:24 -0700 2008 Updates the README [hassox]
file Rakefile Fri Mar 21 23:34:05 -0700 2008 Changes dependencies to remove merb. This shou... [hassox]
file TODO Wed Mar 19 03:47:52 -0700 2008 Initial commit [hassox]
directory lib/ Wed Mar 19 06:07:56 -0700 2008 Inital push to github. Works for basic specs. ... [hassox]
directory spec/ Wed Mar 19 06:07:56 -0700 2008 Inital push to github. Works for basic specs. ... [hassox]
README
Whistler 
==============

Whistler is a white listing markup filter based on the specifications of the rails plugin by Rick Olson, aka 
technoweenie.
http://techno-weenie.net/
Whistler relies on the Hpricot library http://code.whytheluckystiff.net/hpricot

This is very alpha at the moment.  Please help make it great.
 
Whistler strips, and or sanitizes arbitrary XML/HTML style markup of any tags not explicitly
included in the white list.  It doesn't try to play catch-up with possible exploites such as black-listing systems do.

Usage is very simple.

=== Example
# Applies the normal white list defaults

Whistler.white_list( dodgy_markup ) 


# Adds custom tags to allow
Whistler.white_list(dodgy_markup, :add_tags => %w(news_tag my_tag other_tag))

If Whistler is unable to read tags as "tags" it will instead sanitize potential XSS attempts in the text.
Normal, non-malicious text should still appear correctly.