-
Notifications
You must be signed in to change notification settings - Fork 435
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enhancement: Add PCRE pre-processor of inbound HTML code. #11
Comments
This is a pretty good solution that, I think, would work by hooking a regex search (like you're talking about) in Will look into it. |
Just a really rough cut off the top of my head to kill off Javascript... Here's two RE's that may help. Granted I didn't test them first. Catching Events: Catching Scripts: |
fixed/superseded by the script-blocking patch in b634ef8 |
Apparently on iPad where a hardware keyboard is used, these values will both be the same so this is a way to detect if there is a software keyboard up or not. http://stackoverflow.com/a/16765270 Needs a test with a bluetooth keyboard, which I do not have. Ref #11
Noticed in your comments that Javascript couldn't be disabled and that location tagging couldn't be disabled either. Perhaps a viable option would be to include PCRE into the mix (currently used in Safari, and may even be able to be used in the API) If you could run the inbound buffer through a series of Perl Regular Expressions to filter out things like script tags and such forth.
The text was updated successfully, but these errors were encountered: