File Coverage

blib/lib/String/Clean/XSS.pm

Criterion	Covered	Total	%
statement	24	24	100.0
branch			n/a
condition			n/a
subroutine	8	8	100.0
pod	2	2	100.0
total	34	34	100.0

line	stmt	sub	pod	time	code
1					package String::Clean::XSS;
2					BEGIN {
3	1	1		52032	$String::Clean::XSS::VERSION = '0.031';
4					}
5
6					#use base qw{Exporter String::Class};
7	1	1		15	use Exporter qw{import};
	1			2
	1			64
8					our @EXPORT = qw{clean_XSS convert_XSS};
9
10	1	1		6	use strict;
	1			1
	1			57
11	1	1		6	use warnings;
	1			5
	1			48
12	1	1		1056	use String::Clean;
	1			5
	1			38
13	1	1		21	use Carp::Assert::More;
	1			2
	1			473
14
15					=head1 NAME
16
17					String::Clean::XSS - Clean up for Cross Site Scripting (XSS)
18
19					=head1 SYNOPSIS
20
21					Clean strings to protect from XSS attacks.
22
23					=head2 EXAMPLES
24
25					use String::Clean::XSS;
26
27					my $stuff_from_user = '';
28
29					my $safe_login = convert_XSS($stuff_from_user);
30					# results in '<script>bad stuff</script>'
31
32					my $cleaned_login = clean_XSS($stuff_from_user);
33					$ results in 'scriptbad stuff/script'
34
35					=head1 FUNCTIONS
36
37					=head2 clean_XSS
38
39					clean_XSS( $string );
40
41					Removes angle brackets from the given string.
42
43					=cut
44
45
46					sub clean_XSS {
47	2	2	1	5	my ( $string ) = @_;
48	2			7	assert_defined($string);
49	2			7	my $yaml = q{
50					---
51					- '<'
52					- '>'
53					};
54	2			13	return String::Clean->new()->clean_by_yaml( $yaml, $string );
55					}
56
57					=head2 convert_XSS
58
59					convert_XSS( $string );
60
61					Converts angle brackets to there HTML entities.
62
63					=cut
64
65					sub convert_XSS {
66	1	1	1	10	my ( $string ) = @_;
67	1			7	assert_defined($string);
68	1			4	my $yaml = q{
69					---
70					'<' : '<'
71					'>' : '>'
72					};
73	1			15	return String::Clean->new()->clean_by_yaml( $yaml, $string );
74					}
75
76					=head1 AUTHOR
77
78					ben hengst, C<< >>
79
80					=head1 BUGS
81
82					Please report any bugs or feature requests to C, or through
83					the web interface at L. I will be notified, and then you'll
84					automatically be notified of progress on your bug as I make changes.
85
86					=head1 SUPPORT
87
88					You can find documentation for this module with the perldoc command.
89
90					perldoc String::Clean
91
92
93					You can also look for information at:
94
95					=over 4
96
97					=item * RT: CPAN's request tracker
98
99					L
100
101					=item * AnnoCPAN: Annotated CPAN documentation
102
103					L
104
105					=item * CPAN Ratings
106
107					L
108
109					=item * Search CPAN
110
111					L
112
113					=back
114
115
116					=head1 ACKNOWLEDGEMENTS
117
118
119					=head1 COPYRIGHT & LICENSE
120
121					Copyright 2007 ben hengst, all rights reserved.
122
123					This program is free software; you can redistribute it and/or modify it
124					under the same terms as Perl itself.
125
126
127					=cut
128
129					1; # End of String::Clean::XSS