1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
Source: libhtml-defang-perl
Section: perl
Priority: optional
Build-Depends:
debhelper,
perl,
Maintainer: Debian Perl Group <pkg-perl-maintainers@lists.alioth.debian.org>
Uploaders:
Jonas Smedegaard <dr@jones.dk>,
Standards-Version: 4.3.0
Vcs-Git: https://salsa.debian.org/perl-team/modules/packages/libhtml-defang-perl.git
Vcs-Browser: https://salsa.debian.org/perl-team/modules/packages/libhtml-defang-perl
Homepage: https://metacpan.org/release/HTML-Defang
Testsuite: autopkgtest-pkg-perl
Rules-Requires-Root: no
Package: libhtml-defang-perl
Architecture: all
Depends:
${misc:Depends},
${perl:Depends},
Description: cleans HTML and CSS of scripting, executable contents and XSS attacks
HTML::Defang accepts an input HTML and/or CSS string
and removes any executable code
including scripting, embedded objects, applets, etc.,
and neutralises any XSS attacks.
A whitelist based approach is used
which means only HTML known to be safe is allowed through.
.
HTML::Defang uses a custom html tag parser.
The parser has been designed and tested
to work with nasty real world html
and to try and emulate as close as possible
what browsers actually do with strange looking constructs.
The test suite has been built
based on examples from a range of sources
such as <http://ha.ckers.org/xss.html>
and <http://imfo.ru/csstest/css_hacks/import.php>
to ensure that as many as possible XSS attack scenarios
have been dealt with.
|
