{"id":15590099,"url":"https://github.com/bkeepers/sanitize-whitelist","last_synced_at":"2025-10-04T01:32:00.122Z","repository":{"id":56894263,"uuid":"23705471","full_name":"bkeepers/sanitize-whitelist","owner":"bkeepers","description":null,"archived":false,"fork":false,"pushed_at":"2014-10-01T15:50:34.000Z","size":156,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-04-24T16:24:36.973Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bkeepers.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-09-05T14:17:07.000Z","updated_at":"2023-02-02T14:04:38.000Z","dependencies_parsed_at":"2022-08-21T01:20:16.751Z","dependency_job_id":null,"html_url":"https://github.com/bkeepers/sanitize-whitelist","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bkeepers%2Fsanitize-whitelist","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bkeepers%2Fsanitize-whitelist/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bkeepers%2Fsanitize-whitelist/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bkeepers%2Fsanitize-whitelist/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bkeepers","download_url":"https://codeload.github.com/bkeepers/sanitize-whitelist/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":235208997,"owners_count":18953003,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-02T23:19:52.773Z","updated_at":"2025-10-04T01:31:54.865Z","avatar_url":"https://github.com/bkeepers.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Sanitize::Whitelist\n\nObjects to represent a whitelist that can be used by the sanitize gem.\n\nProblem: the `sanitize` gem uses a deeply nested hash to configure sanitization. It is cumbersome to inherit and modify sanitization configuration without modifying the original hash.\n\nThis wraps it with real objects, which means:\n\n- The entire whitelist is frozen after the yielded block.\n- #dup behaves as expected and returns a deep clone\n- #to_hash creates a hash that can be passed to the sanitize gem\n\n## Installation\n\nAdd this line to your application's Gemfile:\n\n    gem 'sanitize-whitelist'\n\nAnd then execute:\n\n    $ bundle\n\nOr install it yourself as:\n\n    $ gem install sanitize-whitelist\n\n## Usage\n\n```ruby\nWhitelist.new do\n  # Explicitly declare elements that are allowed.\n  allow %w(\n    h1 h2 h3 h4 h5 h6 h7 h8 br b i strong em a pre code img tt\n    div ins del sup sub p ol ul table thead tbody tfoot blockquote\n    dl dt dd kbd q samp var hr ruby rt rp li tr td th s strike\n  )\n\n  # Elements to completely remove instead of escape.\n  remove \"script\"\n\n  # Allow href and src attributes, and specify the protocols that they can use.\n  element(\"a\").allow(\"href\").protocols('http', 'https', 'mailto', :relative, 'github-windows', 'github-mac')\n  element(\"img\").allow(\"src\").protocols('http', 'https', :relative)\n\n  # Allow other elements on divs\n  element(\"div\").allow %w(itemscope itemtype)\n\n  # All elements can have these attributes\n  element(:all).allow %w(\n    abbr accept accept-charset accesskey action align alt axis border\n    cellpadding cellspacing char charoff charset checked cite clear cols\n    colspan color compact coords datetime dir disabled enctype for frame\n    headers height hreflang hspace ismap label lang longdesc maxlength media\n    method multiple name nohref noshade nowrap prompt readonly rel rev rows\n    rowspan rules scope selected shape size span start summary tabindex target\n    title type usemap valign value vspace width itempro\n  )\n\n  # Top-level \u003cli\u003e elements are removed because they can break out of\n  # containing markup.\n  transform do |env|\n    name, node = env[:node_name], env[:node]\n    if name == \"li\" \u0026\u0026 !node.ancestors.any?{ |n| %w(ul ol).include?(n.name) }\n      node.replace(node.children)\n    end\n  end\n\n  # Table child elements that are not contained by a \u003ctable\u003e are removed.\n  # Otherwise they can be used to break out of containing markup.\n  transform do |env|\n    name, node = env[:node_name], env[:node]\n    if (%w(thead tbody tfoot).include?(name) || %w(tr td th).include?(name)) \u0026\u0026 !node.ancestors.any? { |n| n.name == \"table\" }\n      node.replace(node.children)\n    end\n  end\nend\n```\n\n## Contributing\n\n1. Fork it ( https://github.com/bkeepers/sanitize-whitelist/fork )\n2. Create your feature branch (`git checkout -b my-new-feature`)\n3. Commit your changes (`git commit -am 'Add some feature'`)\n4. Push to the branch (`git push origin my-new-feature`)\n5. Create a new Pull Request\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbkeepers%2Fsanitize-whitelist","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbkeepers%2Fsanitize-whitelist","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbkeepers%2Fsanitize-whitelist/lists"}