Merge pull request #3 from SYM01/develop

Optimise the support for <script>, <style> and other similar non-html elements
SYM01 · Dec 13, 2023 · 87a0f56 · 87a0f56
2 parents 39525a9 + a2afdf9
commit 87a0f56
Show file tree

Hide file tree

Showing 11 changed files with 405 additions and 92 deletions.
diff --git a/README.md b/README.md
@@ -1,10 +1,11 @@
-# Golang HTML Sanitizer
+# Golang HTML Sanitizer / Filter
 
-![Go](https://github.com/SYM01/htmlsanitizer/workflows/Go/badge.svg)
+[![Go Reference](https://pkg.go.dev/badge/github.com/sym01/htmlsanitizer.svg)](https://pkg.go.dev/github.com/sym01/htmlsanitizer)
+[![Go](https://github.com/SYM01/htmlsanitizer/workflows/Go/badge.svg)](https://github.com/SYM01/htmlsanitizer/actions/workflows/go.yml)
 [![codecov](https://codecov.io/gh/SYM01/htmlsanitizer/branch/master/graph/badge.svg)](https://codecov.io/gh/SYM01/htmlsanitizer)
 
 
-htmlsanitizer is a super fast, allowlist-based HTML sanitizer written in Golang. A built-in, secure-by-default allowlist helps you filter out any dangerous HTML content.
+htmlsanitizer is a super fast, allowlist-based HTML sanitizer (HTML filter) written in Golang. A built-in, secure-by-default allowlist helps you filter out any dangerous HTML content.
 
 Why use htmlsanitizer?
 

diff --git a/cmd/htmlsanitizer/main.go b/cmd/htmlsanitizer/main.go
@@ -0,0 +1,49 @@
+package main
+
+import (
+	"flag"
+	"io"
+	"log"
+	"net/http"
+	"os"
+	"strings"
+
+	"github.com/sym01/htmlsanitizer"
+)
+
+var (
+	srcFilePath = flag.String("src", "", "could be either source file path, or the source URL")
+)
+
+func main() {
+	flag.Parse()
+
+	if len(*srcFilePath) == 0 {
+		flag.CommandLine.Usage()
+		return
+	}
+
+	var src io.ReadCloser
+	switch {
+	case strings.HasPrefix(*srcFilePath, "http://"), strings.HasPrefix(*srcFilePath, "https://"):
+		resp, err := http.Get(*srcFilePath)
+		if err != nil {
+			log.Fatalf("unable to fetch remote content: %s", err)
+		}
+		src = resp.Body
+	default:
+		file, err := os.OpenFile(*srcFilePath, os.O_RDONLY, 0755)
+		if err != nil {
+			log.Fatalf("unable to open src file: %s", err)
+		}
+		src = file
+	}
+
+	defer src.Close()
+
+	san := htmlsanitizer.NewHTMLSanitizer()
+	writer := san.NewWriter(os.Stdout)
+	if _, err := io.Copy(writer, src); err != nil {
+		log.Printf("unable to sanitize HTML content: %s", err)
+	}
+}