Sanitizing HTML with Enlive

enlive — cgrand, 22 April 2009 @ 11 h 35 min
net.cgrand.enlive-html=> (sniptest "<div id=user-data>" 
  [:#user-data] (html-content "code injection<script>alert('boo')</script>") 
  [:#user-data (but #{:p :br :a :strong :em})] nil)
"<html><body><div id=\"user-data\">code injection</div></body></html>"

You also need to remove most attributes but it’s just a demo of something that was impossible with the old Enlive.

By the way, the old Enlive is no more. Long live the new Enlive!

5 Comments »

  1. hearings in federal court, pending a decision. Mr. Meadows has since

    Comment by Optimum — 2 October 2023 @ 15 h 30 min
  2. On Monday, Ms. Willis’s office opposed Mr. Meadows’s appeal in a

    Comment by Optimum — 2 October 2023 @ 15 h 38 min
  3. elections constituted “federal meddling” not protected by the

    Comment by Optimum — 2 October 2023 @ 15 h 50 min
  4. Federal officer removal … is designed to protect federal authority,

    Comment by Optimum — 2 October 2023 @ 15 h 51 min
  5. u9tb5ji 4gn t5grfn j5t4rn j5t3r jn6 t4gjne t4gjne fnj5yhtrgft
    efvut4rfb bh4tgrbjh y6 t4gjnrf bhh5tg4efj bt4g rjnf jnjn y5 t4grfe5
    ygfbht4g fjrfe bt4grfne jtg5jnef jn t4grfjnt4ngejn frjrgf

    Comment by ZINNY — 24 January 2024 @ 15 h 10 min

RSS feed for comments on this post. TrackBack URI

Leave a comment

(c) 2024 Clojure and me | powered by WordPress with Barecity