Sanitizing HTML with Enlive

enlive — cgrand, 22 April 2009 @ 11 h 35 min
net.cgrand.enlive-html=> (sniptest "<div id=user-data>" 
  [:#user-data] (html-content "code injection<script>alert('boo')</script>") 
  [:#user-data (but #{:p :br :a :strong :em})] nil)
"<html><body><div id=\"user-data\">code injection</div></body></html>"

A real sanitizer would also need to remove most attributes from the elements it keeps, but this is just a demo of something that was impossible with the old Enlive.
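The attribute step mentioned above, as an added example (not cgrand's code and not part of Enlive): it keeps the post's element allowlist and adds a per-tag attribute allowlist plus a URL-scheme check on `href`. It assumes Enlive 1.x on the classpath; `allowed-attrs`, `safe-href?`, `scrub-attrs`, `sanitize` and the sample input are names and data constructed for this illustration.

```clojure
(ns sanitize-demo
  (:require [net.cgrand.enlive-html :as h]))

;; Assumption: per-tag attribute allowlist; anything not listed is dropped.
(def allowed-attrs {:a #{:href}})

(defn safe-href?
  "True only for absolute http(s) and mailto URLs. Relative links and
  every other scheme (javascript:, data:, ...) are rejected."
  [s]
  (boolean (and s (re-find #"(?i)^(https?|mailto):" s))))

(defn scrub-attrs
  "Enlive transformation: keep only allowlisted attributes on an element
  node, then drop :href unless its scheme is allowlisted."
  [node]
  (let [kept (select-keys (:attrs node)
                          (get allowed-attrs (:tag node) #{}))]
    (assoc node :attrs (if (safe-href? (:href kept))
                         kept
                         (dissoc kept :href)))))

;; Constructed sample input: allowed tags carrying hostile attributes.
(def untrusted
  (str "<p onclick=\"alert(1)\" style=\"position:fixed\">hello</p>"
       "<a href=\"javascript:alert(2)\" onmouseover=\"alert(3)\">bad link</a>"
       "<a href=\"https://example.com/\" target=\"_blank\">good link</a>"
       "<script>alert('boo')</script>"))

(defn sanitize
  "Returns the container markup with `fragment` inserted and sanitized."
  [fragment]
  (h/sniptest "<div id=\"user-data\"></div>"
    [:#user-data] (h/html-content fragment)
    ;; same rule as in the post: remove every element not on the allowlist
    [:#user-data (h/but #{:p :br :a :strong :em})] nil
    ;; added rule: scrub the attributes of the elements that survived
    [:#user-data #{:p :br :a :strong :em}] scrub-attrs))

(println (sanitize untrusted))
```

Both checks are allowlists, so an attribute or URL scheme the code has never heard of is dropped by default rather than passed through.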

By the way, the old Enlive is no more. Long live the new Enlive!


(c) 2024 Clojure and me | powered by WordPress with Barecity