I'd like to apply for a PAUSE account.
Name: Joey Hess
Email: [EMAIL PROTECTED]
ID: JOEY (second choice: JOEYH)
The first module I would like to contribute is HTML::Sanitizer.
HTML::Sanitizer allows detailed control of what tags and tag attributes
are allowed in html, and can also fully remove javascript from html,
even if it is hidden in URLs or html entities.
For example, you may allow users to post html comments on your website.
Before putting the html up on the website for others to see, it should
first be sanitized, to remove unwanted tags and possibly malicious
javascript.
    use HTML::Sanitizer;
    # $html holds the untrusted markup
    $sanitizer=HTML::Sanitizer->new(p => [], a => [qw{href name}]);
    $safehtml=$sanitizer->sanitize($html);
HTML::Sanitizer bdpO sanitize untrusted html
Where this has been discussed:
I discussed this briefly on irc.openprojects.net irc channel #perl, and
several people expressed interest.
There's prior art in the backends of lots of websites, most of which get
it subtly wrong in one way or another (stripping javascript properly is
a beast).
--
see shy jo
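
An added illustration of the allowlist approach the message describes, written in Python with only the standard library; it is not HTML::Sanitizer's code or the author's. The policy semantics (an empty list meaning "tag allowed, no attributes"), the safe-scheme set, and every name below are assumptions.

```python
from html import escape
from html.parser import HTMLParser
import re

# Assumed policy mirroring the message's call: <p> with no attributes, <a> with href and name.
ALLOWED = {"p": set(), "a": {"href", "name"}}
SAFE_SCHEMES = {"http", "https", "mailto"}  # assumption: schemes treated as safe
DROP_CONTENT = {"script", "style"}          # elements whose text is discarded as well

def url_is_safe(url):
    # Browsers ignore ASCII whitespace and control characters inside a scheme,
    # so remove them before looking at what precedes the first colon.
    compact = re.sub(r"[\x00-\x20]+", "", url).lower()
    m = re.match(r"([a-z][a-z0-9+.\-]*):", compact)
    return m is None or m.group(1) in SAFE_SCHEMES  # no scheme means a relative URL

class Sanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)  # entities are decoded before the checks
        self.out, self.skip = [], 0

    def handle_starttag(self, tag, attrs):
        if tag in DROP_CONTENT:
            self.skip += 1
        if self.skip or tag not in ALLOWED:
            return
        kept = []
        for name, value in attrs:  # attribute values arrive entity-decoded
            if name not in ALLOWED[tag] or value is None:
                continue
            if name == "href" and not url_is_safe(value):
                continue
            kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_endtag(self, tag):
        if tag in DROP_CONTENT and self.skip:
            self.skip -= 1
        elif not self.skip and tag in ALLOWED:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data, quote=False))  # text is re-escaped on output

def sanitize(html):
    s = Sanitizer()
    s.feed(html)
    s.close()
    return "".join(s.out)

# Constructed sample input (not from the original message).
SAMPLE = '<p onclick="x()">Hi</p><a href="&#106;ava&#9;script:alert(1)" name="t">x</a><script>y()</script>'
```

The output is rebuilt from parsed tokens rather than produced by deleting substrings from the input, so anything the policy does not name never reaches the page.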