secure_output/lib.rs
1#![forbid(unsafe_code)]
2#![deny(missing_docs)]
3//! `secure_output` — Output encoding for HTML, JSON, URL, JS, CSS, XML, LDAP, and shell contexts (OWASP C4).
4//!
5//! Provides the [`OutputEncoder`] open trait and concrete implementations:
6//! - [`HtmlEncoder`] — HTML context encoding with zero-copy for safe strings
7//! - [`JsonEncoder`] — JSON context encoding preventing `</script>` injection
8//! - [`UrlEncoder`] — URL percent-encoding per RFC 3986
9//! - [`JsStringEncoder`] — JavaScript string literal encoding
10//! - [`CssEncoder`] — CSS context encoding via unicode-escape
11//! - [`XmlEncoder`] — XML text/attribute encoding
12//! - [`ldap::LdapDnEncoder`] — LDAP Distinguished Name encoding (RFC 4514)
13//! - [`ldap::LdapFilterEncoder`] — LDAP search filter encoding (RFC 4515)
14//! - [`shell::ShellEncoder`] — POSIX shell argument encoding
15//!
16//! Also provides:
17//! - [`sanitize_uri_scheme()`] — blocks dangerous URI schemes (javascript:, data:, etc.)
18
19pub mod css;
20pub mod encode;
21pub mod html;
22pub mod js;
23pub mod json;
24pub mod ldap;
25pub mod shell;
26pub mod uri;
27pub mod url;
28pub mod xml;
29
30pub use css::CssEncoder;
31pub use encode::OutputEncoder;
32pub use html::HtmlEncoder;
33pub use js::JsStringEncoder;
34pub use json::JsonEncoder;
35pub use ldap::{LdapDnEncoder, LdapFilterEncoder};
36pub use shell::ShellEncoder;
37pub use uri::{sanitize_uri_scheme, DangerousUriScheme};
38pub use url::UrlEncoder;
39pub use xml::XmlEncoder;