damascene_html/options.rs
1//! Output-changing options for the HTML transformer.
2
3/// Optional knobs for [`crate::html_with_options`].
4///
5/// The default is "trusted-scrap" — no extra sanitization beyond the
6/// hardcoded baseline that always strips `<script>`, `<iframe>`,
7/// `<object>`, `<embed>`, `<noscript>`, every `on*` attribute, and
8/// every `javascript:` / `vbscript:` / `data:text/html` URL.
9#[derive(Clone, Copy, Debug, Default, PartialEq, Eq)]
10pub struct HtmlOptions {
11 /// When `true`, treat input as untrusted: also drop `<style>`
12 /// blocks (which the v2 CSS pass would otherwise consume) and any
13 /// inline `style=""` attributes. Default `false`; the v1 tier-1
14 /// transformer ignores `<style>` either way, so this flag is a
15 /// no-op until the CSS subset lands.
16 pub sanitize_styles: bool,
17}
18
19impl HtmlOptions {
20 pub fn sanitize_styles(mut self, enabled: bool) -> Self {
21 self.sanitize_styles = enabled;
22 self
23 }
24}