This class contains methods to sanitize url and string, filtering html tags and attributes present in the string.
See theHTMLSanitizer for the one and only one instance of this class
This method clone a DOM node, removing all invalid childs and attributes
Name | Type | Description |
---|---|---|
htmlElement | HTMLElement | The node to clone |
This method verify that a string describe a css color. A valid css color must start with a hash followed by 6 hex numbers
Name | Type | Description |
---|---|---|
colorString | String | The string to test |
This method transform a string containing html and svg tags into html and svg elements and copy these elements as child nodes of the targetNode. Only tags and attributes present in the HTMLSanitizerData.#validityMap variable are copied in the targetNode. Url in the href and src attributes must be valid url (see sanitizeToUrl method)
Name | Type | Description |
---|---|---|
htmlString | String | The string to transform |
targetNode | HTMLElement | The node in witch the created elements are placed |
This method transform a string containing html and svg tags. Tags and attributes not present in the HTMLSanitizerData.#validityMap variable are removed. Invalid Url in the href and src attributes are also removed (see sanitizeToUrl method)
Name | Type | Description |
---|---|---|
htmlString | String | The string to transform |
Remove all html tags from a string and replace htmlEntities and < > ' " and nbsp chars with others similar unicode chars
Name | Type | Description |
---|---|---|
stringToSanitize | String | The string to transform |
This method verify that a string contains a valid url.
A valid url must not contains html tags or html entities or invalid characters and must start with a valid protocol.
Valid protocols are http: and https:. For href attributes mailto:, sms: and tel: are also valid and for src attributes, data: is also valid.
sms: and tel: url's must start with a + and contains only digits, *, # or space
Name | Type | Description |
---|---|---|
urlString | String | The url to validate |
attributeName | String | The attribute name in witch the url will be placed. must be 'src' or null (in this case 'href' is used as default) |
An instance of the HTMLSanitizerData
The results of the #stringify method
The errors detected by the #stringify method
Replace < >' " and nbsp chars with htmlEntities
Name | Type | Description |
---|---|---|
htmlString | String | The string to transform |
Helper method for the #stringify method. Add the removed attributes to the error string
Name | Type | Description |
---|---|---|
currentNode | HTMLElement | The HTML node for witch the attributes are stringified. |
Helper function for the #cloneNode method. Clone a HTML node
Name | Type | Description |
---|---|---|
currentNode | HTMLElement | The html node to clone |
nodeName | String | The name of the currentNode |
Deep clone the contains of an HTML node into another node. Only valid tags, valid attributes, valid url's and valid texts are cloned
Name | Type | Description |
---|---|---|
clonedNode | HTMLElement | The node to clone |
newNode | HTMLElement | The destination node |
Helper function for the #cloneNode method. Clone a svg node
Name | Type | Description |
---|---|---|
currentNode | SVGElement | The svg node to clone |
nodeName | String | The name of the currentNode |
Transform a node and it's descendants into a string, removing all the invalid tags, invalid atrributes, invalid texts and invalid url's
Name | Type | Description |
---|---|---|
sourceNode | HTMLElement | The node to stringify |
Helper method for the #stringify method. Validate and stringify the attributes of a HTML node
Name | Type | Description |
---|---|---|
currentNode | HTMLElement | The HTML node for witch the attributes are stringified. |
nodeName | String | The name of the currentNode |
Helper method for the #stringify method. Validate and stringify the attributes of a svg node
Name | Type | Description |
---|---|---|
currentNode | SVGElement | The svg node for witch the attributes are stringified. |
nodeName | String | The name of the currentNode |