class Bergamasco::WhitelistScrubber

Public Class Methods

new(options={}) click to toggle source
# File lib/bergamasco/whitelist_scrubber.rb, line 5
def initialize(options={})
  @direction = :bottom_up
  @tags = options[:tags]
  @attributes = options[:attributes]
end

Public Instance Methods

scrub(node) click to toggle source
# File lib/bergamasco/whitelist_scrubber.rb, line 11
def scrub(node)
  scrub_node_attributes(node) and return CONTINUE if node_allowed?(node)
  node.before node.children
  node.remove
end

Private Instance Methods

allowed_not_element_node_types() click to toggle source
# File lib/bergamasco/whitelist_scrubber.rb, line 26
def allowed_not_element_node_types
  [ Nokogiri::XML::Node::TEXT_NODE, Nokogiri::XML::Node::CDATA_SECTION_NODE ]
end
fallback_allowed_element_detection(node) click to toggle source
# File lib/bergamasco/whitelist_scrubber.rb, line 34
def fallback_allowed_element_detection(node)
  Loofah::HTML5::Scrub.allowed_element?(node.name)
end
fallback_scrub_node_attributes(node) click to toggle source
# File lib/bergamasco/whitelist_scrubber.rb, line 30
def fallback_scrub_node_attributes(node)
  Loofah::HTML5::Scrub.scrub_attributes(node)
end
node_allowed?(node) click to toggle source
# File lib/bergamasco/whitelist_scrubber.rb, line 38
def node_allowed?(node)
  return fallback_allowed_element_detection(node) unless @tags.present? && @tags.respond_to?(:include?)
  return true if allowed_not_element_node_types.include?(node.type)
  return false unless node.type == Nokogiri::XML::Node::ELEMENT_NODE
  @tags.include? node.name
end
scrub_node_attributes(node) click to toggle source
# File lib/bergamasco/whitelist_scrubber.rb, line 19
def scrub_node_attributes(node)
  fallback_scrub_node_attributes(node) and return true unless @attributes.present? && @attributes.respond_to?(:include?)
  node.attribute_nodes.each do |attr_node|
    attr_node.remove unless @attributes.include?(attr_node.name)
  end
end