NAME HTML::EscapeEvil - Escape tag VERSION 0.05 SYNPSIS use HTML::EscapeEvil; my $escapeevil = HTML::EscapeEvil->new; my $evil_html = < HTML $escapeevil->parse($html); #from string $escapeevil->parse_file($html_file); #from file or file handle my $clean_html = $escapeevil->filtered_html; $escapeevil->clear; DESCRIPTION The tag that doesn't want to permit escapes all. METHOD new create instance Example : my $escapeevil = HTML::EscapeEvil->new( allow_comment => 1, allow_declaration => 0, allow_process => 0, allow_tags => [qw(a l l o w t a g s)], #allow_tags => "one",# OK ); Option : allow_comment : allow comment. default 0. allow_declaration : allow_declaration. default 0. allow_process : allow_process. default 0. allow_tags : set allow tags allow_script : allow script tag. default 0(is_allow_tags("script") OK) allow_style : allow style tag. default 0(is_allow_tags("style") OK) allow_entity_reference : allow entity reference. default 1 collection_process : collection process. default 0 When tag is not specified for allow_tags, default makes all tag invalid. set_allow_tags The setting is returned to default. Example : $escapeevil->set_allow_tags(qw(t a g s)); add_allow_tags The tag that wants to permit is added. Example : $escapeevil->add_allow_tags(qw(t a g s)); deny_tags The specified tag is not permitted. Example : $escapeevil->deny_tags(qw(t a g s)); get_allow_tags The list of the tag that has been permitted is returned. Example : my @list = $escapeevil->get_allow_tags; is_allow_tags Whether it is tag that has been permitted is checked. Example : print 'script is ', ($escapeevil->is_allow_tags('script')) ? 'allowed' : 'not allowed'; deny_all No permission of all Example : $escapeevil->deny_all; allow_comment Whether the comment has been permitted is checked. Or, the setting change of the comment permission. Example : print 'comment is ', ($escapeevil->allow_comment) ? 'allowed' : 'not allowed'; $escapeevil->allow_comment(1); ## allow comment! allow_declaration Whether the DOCTYPE declaration has been permitted is checked. Or, the setting change of the DOCTYPE declaration permission. Example : print 'declaration is ', ($escapeevil->allow_declaration) ? 'allowed' : 'not allowed'; $escapeevil->allow_declaration(1); ## allow declaration! allow_process Whether the processing instruction has been permitted is checked. Or, the setting change of the processing instruction. Example : print 'process is ', ($escapeevil->allow_process) ? 'allowed' : 'not allowed'; $escapeevil->allow_process(1); ## allow process! allow_entity_reference Whether the substance reference has been permitted is checked. Or, the setting change of the substance reference. Example : print 'entity_reference is ', ($escapeevil->allow_entity_reference) ? 'allowed' : 'not allowed'; $escapeevil->allow_entity_reference(1); ## allow entity_reference! allow_script Whether it permits is checked script tag. Or, the setting change of script tag. Example : print 'script is ', ($escapeevil->allow_script) ? 'allowed' : 'not allowed'; $escapeevil->allow_script(1); ## allow script! allow_style Whether it permits is checked style tag. Or, the setting change of style tag. Example : print 'style is ', ($escapeevil->allow_style) ? 'allowed' : 'not allowed'; $escapeevil->allow_style(1); ## allow style! collection_process The setting change whether to collect process is done. Or, a present setting is acquired. Example : print 'collection_process is ', ($escapeevil->collection_process) ? 'collection' : 'no collection'; $escapeevil->collection_process(1); ##colloction process! processes The reference of the array of the processing instruction list is acquired. (reading exclusive use) Example : foreach(@{$escapeevil->processes}){ my $process = $_; #example: eval $process ,system $process etc.. } filtered_html HTML that escapes in the tag not permitted is returned. Example : print $escapeevil->filetered_html; filtered_file HTML that escapes in the tag not permitted is written file. Example : (e.g.1) $escapeevil->filtered_file("./filtered_file.html"); (e.g.2) $escapeevil->filtered_file(*FILEHANDLE); filtered version 0.02 new method. parse(parse_file) and filtered_html(filtered_file) and eof,clear_process do. Example : my $html = ""; (e.g.1) my $cleanhtml = $escapeevil->filtered($html); (e.g.2) $escapeevil->filtered($html,"writefile.html"); (e.g.3) open FILEHANDLE,"< evil.html" or die $!; $escapeevil->filtered(*FILEHANDLE,"writefile.html"); clear_process Collected process is annulled. Example : $escapeevil->clear_process; clear Initialization of variable that liberates of HTML::Parser object and is internal. Please execute it when processing is completed. Example : $escapeevil->clear; NEW OPTION VERSION 0.03.Javascript of event handler becomes invalid at allow_script(0) though event handler of javascript is defined in the tag that has been permitted, too. Example : hello => hello => The definition of event handler is described in %HTML::Escape::JS_EVENT. CAUTION Please filtered_file must specify passing the file and specify the correct one. Die is executed when there are neither passing nor a writing authority that cannot be. Processes is a method only for reading. When the value is set, die is done. Carp http://search.cpan.org/~nwclark/perl-5.8.8/lib/Carp.pm Class::Accessor http://search.cpan.org/~kasei/Class-Accessor-0.22/lib/Class/Accessor.pm HTML::Element http://search.cpan.org/~petdance/HTML-Tree-3.1901/lib/HTML/Element.pm HTML::Filter http://search.cpan.org/~gaas/HTML-Parser-3.46/lib/HTML/Filter.pm HTML::Parser http://search.cpan.org/~gaas/HTML-Parser-3.46/Parser.pm SEE ALSO Carp Class::Accessor HTML::Element HTML::Filter HTML::Parser AUTHOR Akira Horimoto COPYRIGHT Copyright (C) 2006 Akira Horimoto This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.