mirror of
https://git.FreeBSD.org/ports.git
synced 2024-12-23 04:23:08 +00:00
- add HTML-StripScripts 1.04
This module strips scripting constructs out of HTML, leaving as much non-scripting markup in place as possible. This allows web applications to display HTML originating from an untrusted source without introducing XSS (cross site scripting) vulnerabilities. You will probably use HTML::StripScripts::Parser rather than using this module directly. WWW: http://search.cpan.org/dist/HTML-StripScripts/ Submitted by: kftseng@iyard.org
This commit is contained in:
parent
430838889b
commit
5b6b69da49
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=212869
@ -781,6 +781,7 @@
|
||||
SUBDIR += p5-HTML-StickyQuery
|
||||
SUBDIR += p5-HTML-Stream
|
||||
SUBDIR += p5-HTML-Strip
|
||||
SUBDIR += p5-HTML-StripScripts
|
||||
SUBDIR += p5-HTML-Summary
|
||||
SUBDIR += p5-HTML-Table
|
||||
SUBDIR += p5-HTML-TableExtract
|
||||
|
21
www/p5-HTML-StripScripts/Makefile
Normal file
21
www/p5-HTML-StripScripts/Makefile
Normal file
@ -0,0 +1,21 @@
|
||||
# New ports collection makefile for: p5-HTML-StripScripts
|
||||
# Date Created: May 08, 2008
|
||||
# Whom: kftseng@iyard.org
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
|
||||
PORTNAME= HTML-StripScripts
|
||||
PORTVERSION= 1.04
|
||||
CATEGORIES= www perl5
|
||||
MASTER_SITES= CPAN
|
||||
PKGNAMEPREFIX= p5-
|
||||
|
||||
MAINTAINER= kftseng@iyard.org
|
||||
COMMENT= Strip scripting constructs out of HTML
|
||||
|
||||
PERL_CONFIGURE= yes
|
||||
|
||||
MAN3= HTML::StripScripts.3
|
||||
|
||||
.include <bsd.port.mk>
|
3
www/p5-HTML-StripScripts/distinfo
Normal file
3
www/p5-HTML-StripScripts/distinfo
Normal file
@ -0,0 +1,3 @@
|
||||
MD5 (HTML-StripScripts-1.04.tar.gz) = aecd01e273bddbf60dca2a923163826d
|
||||
SHA256 (HTML-StripScripts-1.04.tar.gz) = 6d6cd9c2eaefb14ed80f5ef60a746979887783bed05ee92d3be9ec0a5cf8c33d
|
||||
SIZE (HTML-StripScripts-1.04.tar.gz) = 43708
|
23
www/p5-HTML-StripScripts/pkg-descr
Normal file
23
www/p5-HTML-StripScripts/pkg-descr
Normal file
@ -0,0 +1,23 @@
|
||||
This module strips scripting constructs out of HTML, leaving as
|
||||
much non-scripting markup in place as possible. This allows web
|
||||
applications to display HTML originating from an untrusted source
|
||||
without introducing XSS (cross site scripting) vulnerabilities.
|
||||
You will probably use HTML::StripScripts::Parser rather than using
|
||||
this module directly.
|
||||
|
||||
The process is based on whitelists of tags, attributes and attribute
|
||||
values. This approach is the most secure against disguised scripting
|
||||
constructs hidden in malicious HTML documents. As well as removing
|
||||
scripting constructs, this module ensures that there is a matching
|
||||
end for each start tag, and that the tags are properly nested.
|
||||
|
||||
Previously, in order to customise the output, you needed to subclass
|
||||
HTML::StripScripts and override methods. Now, most customisation
|
||||
can be done through the Rules option provided to new(). (See
|
||||
examples/declaration/ and examples/tags/ for cases where subclassing
|
||||
is necessary.) The HTML document must be parsed into start tags,
|
||||
end tags and text before it can be filtered by this module. Use
|
||||
either HTML::StripScripts::Parser or HTML::StripScripts::Regex
|
||||
instead if you want to input an unparsed HTML document.
|
||||
|
||||
WWW: http://search.cpan.org/dist/HTML-StripScripts/
|
5
www/p5-HTML-StripScripts/pkg-plist
Normal file
5
www/p5-HTML-StripScripts/pkg-plist
Normal file
@ -0,0 +1,5 @@
|
||||
%%SITE_PERL%%/HTML/StripScripts.pm
|
||||
%%SITE_PERL%%/%%PERL_ARCH%%/auto/HTML/StripScripts/.packlist
|
||||
@dirrmtry %%SITE_PERL%%/%%PERL_ARCH%%/auto/HTML/StripScripts
|
||||
@dirrmtry %%SITE_PERL%%/%%PERL_ARCH%%/auto/HTML
|
||||
@dirrmtry %%SITE_PERL%%/HTML
|
Loading…
Reference in New Issue
Block a user