Crate css_sanitizer 

css-sanitizer

Policy-driven CSS sanitization on top of lightningcss.

This crate exposes lightningcss and lets you sanitize parsed CSS AST nodes directly through CssSanitizationPolicy. There is no built-in safe preset: the safety properties come from the policy you implement.

Default trait methods are fail-open and return NodeAction::Continue. A strict sanitizer must explicitly drop the rules, selectors, properties, and descriptors it does not want to keep.

String API

use css_sanitizer::{
    clean_stylesheet_with_policy, CssSanitizationPolicy, NodeAction, PropertyContext,
    RuleContext,
};
use css_sanitizer::lightningcss::rules::CssRule;

struct StyleColorOnly;

impl CssSanitizationPolicy for StyleColorOnly {
    fn visit_rule(
        &self,
        rule: &mut CssRule<'_>,
        _ctx: RuleContext,
    ) -> NodeAction {
        match rule {
            CssRule::Style(_) => NodeAction::Continue,
            _ => NodeAction::Drop,
        }
    }

    fn visit_property(
        &self,
        property: &mut css_sanitizer::lightningcss::properties::Property<'_>,
        _ctx: PropertyContext,
    ) -> NodeAction {
        if property.property_id().name() == "color" {
            NodeAction::Continue
        } else {
            NodeAction::Drop
        }
    }
}

let safe = clean_stylesheet_with_policy(
    "@import url('evil.css'); .card { color: red; position: fixed }",
    &StyleColorOnly,
);

assert!(!safe.contains("@import"));
assert!(safe.contains("color"));
assert!(!safe.contains("position"));

AST API

use css_sanitizer::{
    sanitize_stylesheet_ast, CssSanitizationPolicy, NodeAction, RuleContext,
};
use css_sanitizer::lightningcss::rules::CssRule;
use css_sanitizer::lightningcss::stylesheet::{ParserOptions, StyleSheet};

struct NoImports;

impl CssSanitizationPolicy for NoImports {
    fn visit_rule(
        &self,
        rule: &mut CssRule<'_>,
        _ctx: RuleContext,
    ) -> NodeAction {
        if matches!(rule, CssRule::Import(_)) {
            NodeAction::Drop
        } else {
            NodeAction::Continue
        }
    }
}

let mut stylesheet =
    StyleSheet::parse("@import url('evil.css'); .card { color: blue }", ParserOptions::default())
        .expect("stylesheet should parse");

sanitize_stylesheet_ast(&mut stylesheet, &NoImports);

let output = stylesheet
    .to_css(Default::default())
    .expect("stylesheet should serialize")
    .code;
assert!(!output.contains("@import"));
assert!(output.contains(".card"));

Re-exports

pub use lightningcss;

Structs

DescriptorContext

Context for descriptor-style properties that are not represented as Property.

PropertyContext

Context for a normal CSS property.

RuleContext

Context for a CSS rule node.

SelectorContext

Context for a selector list.

Enums

NodeAction

Controls how the sanitizer should handle the current node.

Traits

CssSanitizationPolicy

Advanced policy hook interface for sanitizing lightningcss AST nodes.

Functions

clean_declaration_list_with_policy

Parses and sanitizes an inline declaration list with a custom AST policy.

clean_stylesheet_with_policy

Parses and sanitizes a full stylesheet with a custom AST policy.

sanitize_declaration_block_ast

Sanitizes a parsed declaration block in place.

sanitize_stylesheet_ast

Sanitizes a parsed stylesheet AST in place.