1HTMLDocument.ConversionSafety(K3akyaayam)odule reHfTeMrLeDnocceument.ConversionSafety(3kaya)
2
3
4

NAME

6       HTMLDocument::ConversionSafety   -  The  conversion  safety  level  for
7       String->HTML conversion
8

SYNOPSIS

10       HTMLDocument::ConversionSafety< >
11
12
13     = Safe()
14
15
16     | Unsafe()
17
18
19     | VeryUnsafe()
20

DESCRIPTION

22       If you are using the InlineOnly or  AllElements  option  for  HTMLDocu‐
23       ment.WhiteList  (3kaya)  you  can  choose  various sets of elements and
24       attributes to allow.
25
26
27     - Safe - a very restricted set of elements  and  attributes  is  allowed.
28     Hyperlinks,  images,  forms,  scripting,  inline styles and so on are not
29     allowed.
30
31
32     - Unsafe - As Safe , but hyperlinks, images and client-side scripting are
33     allowed. Some cross-site scripting is possible as a result.
34
35
36     -  VeryUnsafe  -  As  Unsafe  ,  but form controls are also allowed. This
37     allows some potentially very nasty cross-site  scripting  attacks  to  be
38     carried  out  with  ease  if  an attacker is able to influence the String
39     being converted, so use this with extreme caution.
40
41       None of these allow the direct addition of <script> elements or the onX
42       event handlers.
43

AUTHORS

45       Kaya   standard  library  by  Edwin  Brady,  Chris  Morris  and  others
46       (kaya@kayalang.org). For further information see http://kayalang.org/
47

LICENSE

49       The Kaya standard library is free software;  you  can  redistribute  it
50       and/or  modify  it  under  the  terms  of the GNU Lesser General Public
51       License (version 2.1 or any later version) as  published  by  the  Free
52       Software Foundation.
53
55       HTMLDocument.WhiteList (3kaya)
56       HTMLDocument.readFromString (3kaya)
57
58
59
60Kaya                             December 2H0T1M0LDocument.ConversionSafety(3kaya)
Impressum