security

package
v0.2.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 28, 2026 License: MIT Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Safe 

func Safe(content string) node.Node

Safe creates a sanitised text node from the given content. If the content fails validation, it returns an error text node instead.

func SafeScript 

func SafeScript(js string) node.Node

SafeScript creates a sanitised script element with inline JavaScript. If the JavaScript content fails validation, it returns an error comment instead.

func SafeStyle 

func SafeStyle(css string) node.Node

SafeStyle creates a sanitised style element with inline CSS. If the CSS content fails validation, it returns an error comment instead.

func Validate 

func Validate(content string) error

Validate performs sanitisation check on the given content string directly without wrapping it in a component. Returns an error if validation fails.

Types

type SanitiseBuilder 

type SanitiseBuilder struct {
	// contains filtered or unexported fields
}

SanitiseBuilder allows fluent validation with error handling

func Sanitise 

func Sanitise(comp node.Node) *SanitiseBuilder

Sanitise creates a new validation builder for the given component. It performs security validation checks against potentially unsafe content within the rendered output. This is useful when rendering raw content into <script> or <style> blocks where injection is possible.

Basic usage (renders component if valid, nothing if invalid): 

security.Sanitise(scriptComponent)

With error fallback (renders an error message if invalid): 

security.Sanitise(scriptComponent).Error()

func Sanitize 

func Sanitize(comp node.Node) *SanitiseBuilder

Sanitize is an alias for Sanitise

func (*SanitiseBuilder) DynamicKey added in v0.2.0 

func (sb *SanitiseBuilder) DynamicKey() string

DynamicKey returns an empty string - sanitise builders do not carry tracking keys.

func (*SanitiseBuilder) Error 

func (sb *SanitiseBuilder) Error() node.Node

Error returns a fallback component that renders the original component if valid, or an error message component if validation failed

func (*SanitiseBuilder) IsDynamic added in v0.2.0 

func (sb *SanitiseBuilder) IsDynamic() bool

IsDynamic returns true as SanitiseBuilder performs runtime validation.

func (*SanitiseBuilder) Nodes 

func (sb *SanitiseBuilder) Nodes() []node.Node

Nodes returns the children of the wrapped component if valid, or an empty slice if validation failed

func (*SanitiseBuilder) Render 

func (sb *SanitiseBuilder) Render(w ...io.Writer) []byte

Render renders the original component if valid, or an empty byte slice if invalid

func (*SanitiseBuilder) RenderBuilder 

func (sb *SanitiseBuilder) RenderBuilder(buf *bytes.Buffer)

RenderBuilder renders the original component into the given buffer if valid, or writes nothing if validation failed

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.