NAME

       HTMLDocument::ConversionSafety - The conversion safety level for String->HTML conversion

SYNOPSIS

       HTMLDocument::ConversionSafety< >

     = Safe()

     | Unsafe()

     | VeryUnsafe()

DESCRIPTION

       If  you  are using the InlineOnly or AllElements option for HTMLDocument.WhiteList (3kaya)
       you can choose various sets of elements and attributes to allow.

     - Safe - a very restricted set of elements and attributes is  allowed.  Hyperlinks,  images,
     forms, scripting, inline styles and so on are not allowed.

     -  Unsafe  -  As  Safe  , but hyperlinks, images and client-side scripting are allowed. Some
     cross-site scripting is possible as a result.

     - VeryUnsafe - As Unsafe , but form controls are also allowed. This allows some  potentially
     very  nasty  cross-site scripting attacks to be carried out with ease if an attacker is able
     to influence the String being converted, so use this with extreme caution.

       None of these allow the direct addition of <script> elements or the onX event handlers.

AUTHORS

       Kaya standard library by Edwin Brady, Chris Morris  and  others  (kaya@kayalang.org).  For
       further information see http://kayalang.org/

LICENSE

       The Kaya standard library is free software; you can redistribute it and/or modify it under
       the terms of the GNU Lesser General Public License (version 2.1 or any later  version)  as
       published by the Free Software Foundation.

RELATED

       HTMLDocument.WhiteList (3kaya)
       HTMLDocument.readFromString (3kaya)