NAME

       HTMLDocument::ConversionSafety - The conversion safety level for String->HTML conversion

SYNOPSIS

       HTMLDocument::ConversionSafety< >

     = Safe()

     | Unsafe()

     | VeryUnsafe()

DESCRIPTION

       If  you  are using the InlineOnly or AllElements option for HTMLDocument.WhiteList (3kaya) you can choose
       various sets of elements and attributes to allow.

     - Safe - a very restricted set of elements and attributes is allowed. Hyperlinks, images, forms, scripting,
     inline styles and so on are not allowed.

     -  Unsafe  -  As  Safe  ,  but  hyperlinks,  images  and client-side scripting are allowed. Some cross-site
     scripting is possible as a result.

     - VeryUnsafe - As Unsafe , but form controls are also allowed. This  allows  some  potentially  very  nasty
     cross-site  scripting  attacks  to  be carried out with ease if an attacker is able to influence the String
     being converted, so use this with extreme caution.

       None of these allow the direct addition of <script> elements or the onX event handlers.

AUTHORS

       Kaya standard  library  by  Edwin  Brady,  Chris  Morris  and  others  (kaya@kayalang.org).  For  further
       information see http://kayalang.org/

LICENSE

       The  Kaya  standard library is free software; you can redistribute it and/or modify it under the terms of
       the GNU Lesser General Public License (version 2.1 or  any  later  version)  as  published  by  the  Free
       Software Foundation.

RELATED

       HTMLDocument.WhiteList (3kaya)
       HTMLDocument.readFromString (3kaya)