#html #tags #sanitizer #name #attributes #ignore #tag-parser

bin+lib html_sanitizer

A customizable HTML sanitizer

2 releases

Uses old Rust 2015

0.1.1 Aug 27, 2018
0.1.0 Aug 27, 2018

#11 in #sanitizer

35 downloads per month

MIT license

12KB
170 lines

This crate is a simple HTML sanitizer, build on top of html5ever

With this crate, you can determine for every HTML tag what you want to sanitize. This is done by the Tag struct that gets passed for every HTML tag.

use std::fs::File;
use html_sanitizer::TagParser;

fn main() {
    let mut file = File::open("your_html_document.html").unwrap();
    let mut tag_parser = TagParser::new(&mut file);
    let result = tag_parser.walk(|tag| {
        if tag.name == "html" || tag.name == "body" {
            // ignore <html> and <body> tags, but still parse their children
            tag.ignore_self();
        } else if tag.name == "head" || tag.name == "script" || tag.name == "style" {
            // Ignore <head>, <script> and <style> tags, and all their children
            tag.ignore_self_and_contents();
        } else if tag.name == "a" {
            // Allow specific attributes
            tag.allow_attribute(String::from("href"));
        } else if tag.name == "img" {
            // Completely rewrite tags and their children
            tag.rewrite_as(String::from("<b>Images not allowed</b>"));
        } else {
            // Allow specific attributes
            tag.allow_attribute(String::from("style"));
        }
    });
    // result contains a string of your sanitized HTML
}

Dependencies

~1.1–2MB
~43K SLoC