-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/


-- | run untrusted HTML through Text.HTML.SanitizeXSS.sanitizeXSS to
--   prevent XSS attacks. see README.md
--   <a>http://github.com/yesodweb/haskell-xss-sanitize</a> for more
--   details
@package xss-sanitize
@version 0.3.7.2


-- | Sanatize HTML to prevent XSS attacks.
--   
--   See README.md <a>http://github.com/gregwebs/haskell-xss-sanitize</a>
--   for more details.
module Text.HTML.SanitizeXSS

-- | Sanitize HTML to prevent XSS attacks. This is equivalent to
--   <tt>filterTags safeTags</tt>.
sanitize :: Text -> Text

-- | Sanitize HTML to prevent XSS attacks and also make sure the tags are
--   balanced. This is equivalent to <tt>filterTags (balanceTags .
--   safeTags)</tt>.
sanitizeBalance :: Text -> Text

-- | alias of sanitize function
sanitizeXSS :: Text -> Text

-- | Parse the given text to a list of tags, apply the given filtering
--   function, and render back to HTML. You can insert your own custom
--   filtering, but make sure you compose your filtering function with
--   <a>safeTags</a> and <a>clearTags</a> or <a>safeTagsCustom</a> and
--   <a>clearTagsCustom</a>.
filterTags :: ([Tag Text] -> [Tag Text]) -> Text -> Text

-- | Filters out unsafe tags and sanitizes attributes. Use with filterTags
--   to create a custom filter.
safeTags :: [Tag Text] -> [Tag Text]

-- | Filters out unsafe tags and sanitizes attributes, like
--   <a>safeTags</a>, but uses custom functions for determining which tags
--   are safe and for sanitizing attributes. This allows you to add or
--   remove specific tags or attributes on the white list, or to use your
--   own white list.
--   
--   <tt>safeTagsCustom safeTagName sanitizeAttribute</tt> is equivalent to
--   <a>safeTags</a>.
safeTagsCustom :: (Text -> Bool) -> ((Text, Text) -> Maybe (Text, Text)) -> [Tag Text] -> [Tag Text]

-- | Directly removes tags even if they are not closed properly. This is
--   importent to clear out both the script and iframe tag in sequences
--   like "<a>script</a><a>iframe</a><a>/iframe</a>".
clearTags :: [Tag Text] -> [Tag Text]

-- | Directly removes tags, like clearTags, but uses a custom function for
--   determining which tags are safe.
--   
--   <tt>clearTagsCustom clearableTagName</tt> is equivalent to
--   <a>clearTags</a>.
clearTagsCustom :: (Text -> Bool) -> [Tag Text] -> [Tag Text]

-- | Filter which makes sure the tags are balanced. Use with
--   <a>filterTags</a> and <a>safeTags</a> to create a custom filter.
balanceTags :: [Tag Text] -> [Tag Text]
safeTagName :: Text -> Bool

-- | low-level API if you have your own HTML parser. Used by safeTags.
sanitizeAttribute :: (Text, Text) -> Maybe (Text, Text)

-- | Returns <tt>True</tt> if the specified URI is not a potential security
--   risk.
sanitaryURI :: Text -> Bool
