NAME

       HTMLDocument::ConversionSafety - The conversion safety level for String->HTML conversion

SYNOPSIS

       HTMLDocument::ConversionSafety< >

     = Safe()

     | Unsafe()

     | VeryUnsafe()

DESCRIPTION

       If  you  are using the InlineOnly or AllElements option for HTMLDocument.WhiteList (3kaya) you can choose
       various sets of elements and attributes to allow.

     - Safe - a very restricted set of elements and attributes is allowed. Hyperlinks, images, forms, scripting,
     inline styles and so on are not allowed.

     - Unsafe - As Safe , but  hyperlinks,  images  and  client-side  scripting  are  allowed.  Some  cross-site
     scripting is possible as a result.

     -  VeryUnsafe  -  As  Unsafe  , but form controls are also allowed. This allows some potentially very nasty
     cross-site scripting attacks to be carried out with ease if an attacker is able  to  influence  the  String
     being converted, so use this with extreme caution.

       None of these allow the direct addition of <script> elements or the onX event handlers.

AUTHORS

       Kaya  standard  library  by  Edwin  Brady,  Chris  Morris  and  others  (kaya@kayalang.org).  For further
       information see http://kayalang.org/

LICENSE

       The Kaya standard library is free software; you can redistribute it and/or modify it under the  terms  of
       the  GNU  Lesser  General  Public  License  (version  2.1  or any later version) as published by the Free
       Software Foundation.

RELATED

       HTMLDocument.WhiteList (3kaya)
       HTMLDocument.readFromString (3kaya)

Kaya                                                July 2013               HTMLDocument.ConversionSafety(3kaya)