[web-devel] Announce: xss-sanitize 0.3: css styles allowed

Greg Weber greg at gregweber.info
Tue Aug 9 18:54:36 CEST 2011


xss-sanitize is a library that allows you to accept html from untrusted
sources by first filtering it through a white list. For example, this allows
a web application to safely use a rich text editor or allow html in
comments.

version 0.3 allows elements to have a style attribute. The css will be
parsed and ran through a special css white list. This new version adds a
dependency on attoparsec-text

This library is used automatically and transparently in Yesod where
appropriate, and the new version will be used in the upcoming 0.9 release.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.haskell.org/pipermail/web-devel/attachments/20110809/0f937a94/attachment.htm>


More information about the web-devel mailing list