![]()
Chains attribute rewriters.
Arguments:
Returns: goog.labs.html.AttributeRewriter
a function that return g(f(x)) or null if f(x) is null.
|
code » | |||
![]()
Applied automatically to URL attributes to check that they are safe as per
SafeUrl .
Arguments:
Returns: goog.html.SafeUrl | null
a URL that is equivalent to the
input or
null if the input is not a safe URL.
|
code » | |||
A new object that is as blank as possible.
Using
Object.create to create an object with
no prototype speeds up whitelist access since there's fewer prototypes
to fall-back to for a common case where an element is not in the
white-list, and reduces the chance of confusing a member of
Object.prototype with a whitelist entry.
|
code » | |||
![]()
Given an attribute name, returns a value rewriter that enforces some
minimal safety properties.
For url atributes, it checks that any protocol is on a safe set that doesn't allow script execution. It also blanket disallows CSS and event handler attributes.
Arguments:
Returns: goog.labs.html.AttributeRewriter
No description.
|
code » | |||
![]()
No description.
Arguments:
Returns: null
No description.
|
code » | |||
HTML element and attribute names may be almost arbitrary strings, but the
sanitizer is more restrictive as to what can be white-listed.
Since HTML is case-insensitive, only lower-case identifiers composed of
ASCII letters, digits, and select punctuation are allowed.
|
code » | |||
![]()
No description.
Arguments:
Returns: goog.labs.html.AttributeValue
No description.
|
code » |