all repos — grayfriday @ fb923cdb7885cc75de960e11e527c6c0b1405923

blackfriday fork with a few changes 

Add an option to strip <script> elements

Partially addresses issue #11.
Vytautas Ĺ altenis Vytautas.Shaltenis@gmail.com
Sat, 13 Apr 2013 22:57:16 +0300
commit

fb923cdb7885cc75de960e11e527c6c0b1405923

parent

b79e720a36b6805be26938b176bb44cdabaace5d

2 files changed, 17 insertions(+), 1 deletions(-)

jump to
M html.gohtml.go 
@@ -28,6 +28,7 @@ HTML_SKIP_HTML                = 1 << iota // skip preformatted HTML blocks
 	HTML_SKIP_STYLE                           // skip embedded <style> elements
 	HTML_SKIP_IMAGES                          // skip embedded images
 	HTML_SKIP_LINKS                           // skip all links
+	HTML_SKIP_SCRIPT                          // skip embedded <script> elements
 	HTML_SAFELINK                             // only link to trusted protocols
 	HTML_TOC                                  // generate a table of contents
 	HTML_OMIT_CONTENTS                        // skip the main contents (for a standalone table of contents)

@@ -458,6 +459,9 @@ if options.flags&HTML_SKIP_LINKS != 0 && isHtmlTag(text, "a") {
 		return
 	}
 	if options.flags&HTML_SKIP_IMAGES != 0 && isHtmlTag(text, "img") {
+		return
+	}
+	if options.flags&HTML_SKIP_SCRIPT != 0 && isHtmlTag(text, "script") {
 		return
 	}
 	out.Write(text)
M inline_test.goinline_test.go 
@@ -70,8 +70,20 @@ "<p>zz p {}</p>\n",
 
 		"zz <STYLE>p {}</STYLE>\n",
 		"<p>zz p {}</p>\n",
+
+		"<SCRIPT>alert()</SCRIPT>\n",
+		"<p>alert()</p>\n",
+
+		"zz <SCRIPT>alert()</SCRIPT>\n",
+		"<p>zz alert()</p>\n",
+
+		"zz <script>alert()</script>\n",
+		"<p>zz alert()</p>\n",
+
+		" <script>alert()</script>\n",
+		"<p>alert()</p>\n",
 	}
-	doTestsInlineParam(t, tests, 0, HTML_SKIP_STYLE)
+	doTestsInlineParam(t, tests, 0, HTML_SKIP_STYLE|HTML_SKIP_SCRIPT)
 }
 
 func TestEmphasis(t *testing.T) {