loofah 0.2.0

data/init.rb

@@ -0,0 +1,2 @@
+require "loofah/rails_extension"
+ActiveRecord::Base.send(:include, Loofah::RailsExtension)

data/lib/loofah.rb

@@ -0,0 +1,197 @@
+$LOAD_PATH.unshift(File.expand_path(File.dirname(__FILE__))) unless $LOAD_PATH.include?(File.expand_path(File.dirname(__FILE__)))
+
+require 'rubygems'
+require 'nokogiri'
+
+require 'loofah/html5/whitelist'
+require 'loofah/html5/scrub'
+
+require 'loofah/scrubber'
+
+require 'loofah/html/document'
+require 'loofah/html/document_fragment'
+
+require 'loofah/deprecated'
+
+
+#
+# Loofah is an HTML sanitizer wrapped around Nokogiri[http://nokogiri.org], an excellent
+# HTML/XML parser. If you don't know how Nokogiri[http://nokogiri.org]
+# works, you might want to pause for a moment and go check it out. I'll
+# wait.
+#
+# A Loofah::HTML::Document is a subclass of Nokogiri::HTML::Document,
+# so a parsed document gives you all the markup fixer-uppery and API
+# goodness of Nokogiri.
+#
+#   Loofah.document(unsafe_html).is_a?(Nokogiri::HTML::Document)         # => true
+#   Loofah.fragment(unsafe_html).is_a?(Nokogiri::HTML::DocumentFragment) # => true
+#
+# Loofah adds a +scrub!+ method, which can clean up your HTML in a few
+# different ways by modifying the document in-place:
+#
+#   doc.scrub!(:strip)       # replaces unknown/unsafe tags with their inner text
+#   doc.scrub!(:prune)       # removes  unknown/unsafe tags and their children
+#   doc.scrub!(:whitewash)   # removes  unknown/unsafe/namespaced tags and their children,
+#                            #          and strips all node attributes
+#   doc.scrub!(:escape)      # escapes  unknown/unsafe tags, like this: <script>
+#
+# Loofah overrides +to_s+ to return html:
+#
+#   unsafe_html = "ohai! <div>div is safe</div> <script>but script is not</script>"
+#
+#   doc = Loofah.fragment(unsafe_html).scrub!(:strip)
+#   doc.to_s    # => "ohai! <div>div is safe</div> "
+#
+# and +text+ to return plain text:
+#
+#   doc.text    # => "ohai! div is safe "
+#
+# Or, if you prefer, you can use the shorthand methods +scrub_fragment+ and +scrub_document+:
+#
+#   Loofah.scrub_fragment(unsafe_html, :prune).to_s
+#   Loofah.scrub_document(unsafe_html, :strip).text
+#
+# == Usage
+#
+# Let's say you have a Web 2.0 application, and you allow people to
+# send HTML snippets to each other.
+#
+# Let's also say some script-kiddie from Norland sends this to your
+# users, in an effort to swipe some credit cards:
+#
+#     <script src=http://ha.ckers.org/xss.js></script>
+#
+# Oooh, that could be bad. Here's how to fix it:
+#
+#     Loofah.scrub_fragment(dangerous_html, :escape).to_s
+#
+#     # => "&lt;script src=\"http://ha.ckers.org/xss.js\"&gt;&lt;/script&gt;"
+#
+# Loofah also makes available the sanitized markup in both HTML and
+# plain-text formats without incurring the overhead of multiple
+# parsings:
+#
+#     safe_fragment = Loofah.scrub_fragment(dangerous_html, :strip)
+#     safe_fragment.to_s    # => HTML output
+#     safe_fragment.text    # => plain text output
+#
+# And you can modify the HTML using Nokogiri's API, if you like:
+#
+#     stylized_fragment = Loofah.fragment(dangerous_html)
+#     stylized_fragment.xpath("//a/text()").wrap("<span></span>")
+#     stylized_fragment.scrub!(:strip)
+#
+# == Fragments vs Documents
+#
+# Generally speaking, unless you expect to have \&lt;html\&gt; and
+# \&lt;body\&gt; tags in your HTML, you don't have a *document*, you
+# have a *fragment*.
+#
+# For parsing fragments, you should use Loofah.fragment. Nokogiri
+# won't wrap the result in +html+ and +body+ tags, and will ignore
+# +head+ elements.
+#
+# Full HTML documents should be parsed with Loofah.document, which
+# will add the DOCTYPE declaration, and properly handle +head+ and
+# +body+ elements.
+#
+# == Strings and IO Objects as Input
+#
+# Loofah.document and Loofah.fragment accept any IO object in addition
+# to accepting a string. That IO object could be a file, or a socket,
+# or a StringIO, or anything that responds to +read+ and
+# +close+. Which makes it particularly easy to sanitize mass
+# quantities of docs.
+#
+# == Scrubbing Methods
+#
+# Given:
+#     unsafe_html = "ohai! <div>div is safe</div> <foo>but foo is <b>not</b></foo>"
+#
+# === scrub!(:strip)
+#
+# +:strip+ removes unknown/unsafe tags, but leaves behind the pristine contents:
+#
+#     Loofah.fragment(unsafe_html).scrub!(:strip)
+#     # or
+#     Loofah.scrub_fragment(unsafe_html, :strip)
+#
+#     => "ohai! <div>div is safe</div> but foo is <b>not</b>"
+#
+# === scrub!(:prune)
+#
+# +:prune+ removes unknown/unsafe tags and their contents (including their subtrees):
+#
+#     Loofah.fragment(unsafe_html).scrub!(:prune)
+#     # or
+#     Loofah.scrub_fragment(unsafe_html, :prune)
+#
+#     => "ohai! <div>div is safe</div> "
+#
+# === scrub!(:escape)
+#
+# +:escape+ performs HTML entity escaping on the unknown/unsafe tags:
+#
+#     Loofah.fragment(unsafe_html).scrub!(:escape)
+#     # or
+#     Loofah.scrub_fragment(unsafe_html, :escape)
+#
+#     => "ohai! <div>div is safe</div> &lt;foo&gt;but foo is &lt;b&gt;not&lt;/b&gt;&lt;/foo&gt;"
+#
+# === scrub!(:whitewash)
+#
+# +:whitewash+ removes all comments, styling and attributes in
+# addition to doing markup-fixer-uppery and pruning unsafe tags. I
+# like to call this "whitewashing", since it's like putting a new
+# layer of paint on top of the HTML input to make it look nice.
+#
+#     messy_markup = "ohai! <div id='foo' class='bar' style='margin: 10px'>div with attributes</div>"
+#
+#     Loofah.fragment(messy_markup).scrub!(:whitewash)
+#     # or
+#     Loofah.scrub_fragment(messy_markup, :whitewash)
+#
+#     => "ohai! <div>div with attributes</div>"
+#
+# One use case for this feature is to clean up HTML that was
+# cut-and-pasted from Microsoft Word into a WYSIWYG editor or a rich
+# text editor. Microsoft's software is famous for injecting all kinds
+# of cruft into its HTML output. Who needs that? Certainly not me.
+#
+module Loofah
+  # The version of Loofah you are using
+  VERSION = '0.2.0'
+
+  # The minimum required version of Nokogiri
+  REQUIRED_NOKOGIRI_VERSION = '1.3.3'
+
+  class << self
+    # Shortcut for Loofah::HTML::Document.parse
+    # This method accepts the same parameters as Nokogiri::HTML::Document.parse
+    def document(*args, &block)
+      Loofah::HTML::Document.parse(*args, &block)
+    end
+
+    # Shortcut for Loofah::HTML::DocumentFragment.parse
+    # This method accepts the same parameters as Nokogiri::HTML::DocumentFragment.parse
+    def fragment(*args, &block)
+      Loofah::HTML::DocumentFragment.parse(*args, &block)
+    end
+
+    # Shortcut for Loofah.fragment(string_or_io).scrub!(method)
+    def scrub_fragment(string_or_io, method)
+      Loofah.fragment(string_or_io).scrub!(method)
+    end
+
+    # Shortcut for Loofah.document(string_or_io).scrub!(method)
+    def scrub_document(string_or_io, method)
+      Loofah.document(string_or_io).scrub!(method)
+    end
+
+  end
+end
+
+if Nokogiri::VERSION < Loofah::REQUIRED_NOKOGIRI_VERSION
+  raise RuntimeError, "Loofah requires Nokogiri #{Loofah::REQUIRED_NOKOGIRI_VERSION} or later (currently #{Nokogiri::VERSION})"
+end

data/lib/loofah/active_record.rb

@@ -0,0 +1,44 @@
+module Loofah
+  #
+  # Loofah can scrub ActiveRecord attributes in a before_save callback:
+  #
+  #   # in environment.rb
+  #   require 'loofah/active_record'
+  #
+  #   # db/schema.rb
+  #   create_table "posts" do |t|
+  #     t.string  "title"
+  #     t.string  "body"
+  #   end
+  #
+  #   # app/model/post.rb
+  #   class Post < ActiveRecord::Base
+  #     html_fragment :body, :scrub => :prune  # scrubs 'body' in a before_save
+  #   end
+  #
+  module ActiveRecord
+    #
+    #  scrub an ActiveRecord attribute +attr+ as an HTML fragment
+    #  using the method specified in the required +:scrub+ option.
+    #
+    def html_fragment(attr, options={})
+      raise ArgumentError, "html_fragment requires :scrub option" unless method = options[:scrub]
+      before_save do |record|
+        record[attr] = Loofah.scrub_fragment(record[attr], method)
+      end
+    end
+
+    #
+    #  scrub an ActiveRecord attribute +attr+ as an HTML document
+    #  using the method specified in the required +:scrub+ option.
+    #
+    def html_document(attr, options={})
+      raise ArgumentError, "html_document requires :scrub option" unless method = options[:scrub]
+      before_save do |record|
+        record[attr] = Loofah.scrub_document(record[attr], method)
+      end
+    end
+  end
+end
+
+ActiveRecord::Base.extend(Loofah::ActiveRecord)

data/lib/loofah/deprecated.rb

@@ -0,0 +1,38 @@
+module Loofah
+  class << self
+    def strip_tags(string_or_io) # :nodoc:
+      warn_once "WARNING: Loofah.strip_tags is deprecated and will be removed in Loofah 0.3.0. Please switch to Loofah.scrub_document(string_or_io, :prune)"
+      Loofah.scrub_document(string_or_io, :prune).text
+    end
+    
+    def whitewash(string_or_io) # :nodoc:
+      warn_once "WARNING: Loofah.whitewash is deprecated and will be removed in Loofah 0.3.0. Please switch to Loofah.scrub_fragment(string_or_io, :whitewash)"
+      Loofah.scrub_fragment(string_or_io, :whitewash).to_s
+    end
+
+    def whitewash_document(string_or_io) # :nodoc:
+      warn_once "WARNING: Loofah.whitewash_document is deprecated and will be removed in Loofah 0.3.0. Please switch to Loofah.scrub_document(string_or_io, :whitewash)"
+      Loofah.scrub_document(string_or_io, :whitewash).to_s
+    end
+
+    def sanitize(string_or_io) # :nodoc:
+      warn_once "WARNING: Loofah.sanitize is deprecated and will be removed in Loofah 0.3.0. Please switch to Loofah.scrub_fragment(string_or_io, :escape)"
+      Loofah.scrub_fragment(string_or_io, :escape).to_xml
+    end
+    
+    def sanitize_document(string_or_io) # :nodoc:
+      warn_once "WARNING: Loofah.sanitize_document is deprecated and will be removed in Loofah 0.3.0. Please switch to Loofah.scrub_document(string_or_io, :escape)"
+      Loofah.scrub_document(string_or_io, :escape).to_xml
+    end
+
+    private
+
+    def warn_once(message)
+      @aooga ||= {}
+      unless @aooga.key?(message)
+        warn message unless @aooga[message]
+        @aooga[message] = true
+      end
+    end
+  end
+end

data/lib/loofah/html/document.rb

@@ -0,0 +1,19 @@
+module Loofah
+  module HTML
+    #
+    #  Subclass of Nokogiri::HTML::Document.
+    #
+    #  See Loofah::ScrubberInstanceMethods for additional methods.
+    #
+    class Document < Nokogiri::HTML::Document
+      include Loofah::ScrubberInstanceMethods
+
+      private
+
+      def __sanitize_roots # :nodoc:
+        xpath("/html/head","/html/body")
+      end
+
+    end
+  end
+end

data/lib/loofah/html/document_fragment.rb

@@ -0,0 +1,30 @@
+module Loofah
+  module HTML
+    #
+    #  Subclass of Nokogiri::HTML::DocumentFragment. Also includes Loofah::ScrubberInstanceMethods.
+    #
+    #  See Loofah::ScrubberInstanceMethods for additional methods.
+    #
+    class DocumentFragment < Nokogiri::HTML::DocumentFragment
+      include Loofah::ScrubberInstanceMethods
+
+      class << self
+        #
+        #  Overridden Nokogiri::HTML::DocumentFragment
+        #  constructor. Applications should use Loofah.fragment to
+        #  parse a fragment.
+        #
+        def parse tags
+          self.new(Loofah::HTML::Document.new, tags)
+        end
+      end
+
+      private
+
+      def __sanitize_roots # :nodoc:
+        xpath("./body").first || self
+      end
+
+    end
+  end
+end

data/lib/loofah/html5/scrub.rb

@@ -0,0 +1,70 @@
+require 'cgi'
+
+module Loofah
+  module HTML5
+    module Scrub
+
+      class << self
+
+        #  alternative implementation of the html5lib attribute scrubbing algorithm
+        def scrub_attributes(node)
+          node.attribute_nodes.each do |attr_node|
+            attr_name = if attr_node.namespace
+                          "#{attr_node.namespace.prefix}:#{attr_node.node_name}"
+                        else
+                          attr_node.node_name
+                        end
+            attr_node.remove unless HashedWhiteList::ALLOWED_ATTRIBUTES[attr_name]
+            if HashedWhiteList::ATTR_VAL_IS_URI[attr_name]
+              # this block lifted nearly verbatim from HTML5 sanitization
+              val_unescaped = CGI.unescapeHTML(attr_node.value).gsub(/`|[\000-\040\177\s]+|\302[\200-\240]/,'').downcase
+              if val_unescaped =~ /^[a-z0-9][-+.a-z0-9]*:/ and HashedWhiteList::ALLOWED_PROTOCOLS[val_unescaped.split(':')[0]].nil?
+                attr_node.remove
+              end
+            end
+            if HashedWhiteList::SVG_ATTR_VAL_ALLOWS_REF[attr_name]
+              attr_node.value = attr_node.value.gsub(/url\s*\(\s*[^#\s][^)]+?\)/m, ' ') if attr_node.value
+            end
+            if HashedWhiteList::SVG_ALLOW_LOCAL_HREF[node.name] && attr_name == 'xlink:href' && attr_node.value =~ /^\s*[^#\s].*/m
+              attr_node.remove
+            end
+          end
+          if node.attributes['style']
+            node['style'] = scrub_css(node.attributes['style'])
+          end
+        end
+
+        #  lifted nearly verbatim from html5lib
+        def scrub_css(style)
+          # disallow urls
+          style = style.to_s.gsub(/url\s*\(\s*[^\s)]+?\s*\)\s*/, ' ')
+
+          # gauntlet
+          return '' unless style =~ /^([:,;#%.\sa-zA-Z0-9!]|\w-\w|\'[\s\w]+\'|\"[\s\w]+\"|\([\d,\s]+\))*$/
+          return '' unless style =~ /^\s*([-\w]+\s*:[^:;]*(;\s*|$))*$/
+
+          clean = []
+          style.scan(/([-\w]+)\s*:\s*([^:;]*)/) do |prop, val|
+            next if val.empty?
+            prop.downcase!
+            if HashedWhiteList::ALLOWED_CSS_PROPERTIES[prop]
+              clean << "#{prop}: #{val};"
+            elsif %w[background border margin padding].include?(prop.split('-')[0])
+              clean << "#{prop}: #{val};" unless val.split().any? do |keyword|
+                HashedWhiteList::ALLOWED_CSS_KEYWORDS[keyword].nil? and
+                  keyword !~ /^(#[0-9a-f]+|rgb\(\d+%?,\d*%?,?\d*%?\)?|\d{0,2}\.?\d{0,2}(cm|em|ex|in|mm|pc|pt|px|%|,|\))?)$/
+              end
+            elsif HashedWhiteList::ALLOWED_SVG_PROPERTIES[prop]
+              clean << "#{prop}: #{val};"
+            end
+          end
+
+          style = clean.join(' ')
+        end
+
+      end
+
+    end
+  end
+end
+

data/lib/loofah/html5/whitelist.rb

@@ -0,0 +1,170 @@
+module Loofah
+  module HTML5
+    #
+    #  HTML whitelist lifted from HTML5lib sanitizer code:
+    #
+    #    http://code.google.com/p/html5lib/
+    #
+    # <html5_license>
+    #
+    #   Copyright (c) 2006-2008 The Authors
+    #
+    #   Contributors:
+    #   James Graham - jg307@cam.ac.uk
+    #   Anne van Kesteren - annevankesteren@gmail.com
+    #   Lachlan Hunt - lachlan.hunt@lachy.id.au
+    #   Matt McDonald - kanashii@kanashii.ca
+    #   Sam Ruby - rubys@intertwingly.net
+    #   Ian Hickson (Google) - ian@hixie.ch
+    #   Thomas Broyer - t.broyer@ltgt.net
+    #   Jacques Distler - distler@golem.ph.utexas.edu
+    #   Henri Sivonen - hsivonen@iki.fi
+    #   The Mozilla Foundation (contributions from Henri Sivonen since 2008)
+    #
+    #   Permission is hereby granted, free of charge, to any person
+    #   obtaining a copy of this software and associated documentation
+    #   files (the "Software"), to deal in the Software without
+    #   restriction, including without limitation the rights to use, copy,
+    #   modify, merge, publish, distribute, sublicense, and/or sell copies
+    #   of the Software, and to permit persons to whom the Software is
+    #   furnished to do so, subject to the following conditions:
+    #
+    #   The above copyright notice and this permission notice shall be
+    #   included in all copies or substantial portions of the Software.
+    #
+    #   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+    #   EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+    #   MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+    #   NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+    #   HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+    #   WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    #   OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+    #   DEALINGS IN THE SOFTWARE.
+    #
+    # </html5_license>
+    module WhiteList
+      ACCEPTABLE_ELEMENTS = %w[a abbr acronym address area b big blockquote br
+      button caption center cite code col colgroup dd del dfn dir div dl dt
+      em fieldset font form h1 h2 h3 h4 h5 h6 hr i img input ins kbd label
+      legend li map menu ol optgroup option p pre q s samp select small span
+      strike strong sub sup table tbody td textarea tfoot th thead tr tt u
+      ul var]
+
+      MATHML_ELEMENTS = %w[annotation annotation-xml maction math merror mfrac
+      mfenced mi mmultiscripts mn mo mover mpadded mphantom mprescripts mroot mrow
+      mspace msqrt mstyle msub msubsup msup mtable mtd mtext mtr munder
+      munderover none semantics]
+
+      SVG_ELEMENTS = %w[a animate animateColor animateMotion animateTransform
+      circle defs desc ellipse font-face font-face-name font-face-src foreignObject
+      g glyph hkern linearGradient line marker metadata missing-glyph
+      mpath path polygon polyline radialGradient rect set stop svg switch
+      text title tspan use]
+
+      ACCEPTABLE_ATTRIBUTES = %w[abbr accept accept-charset accesskey action
+      align alt axis border cellpadding cellspacing char charoff charset
+      checked cite class clear cols colspan color compact coords datetime
+      dir disabled enctype for frame headers height href hreflang hspace id
+      ismap label lang longdesc maxlength media method multiple name nohref
+      noshade nowrap prompt readonly rel rev rows rowspan rules scope
+      selected shape size span src start style summary tabindex target title
+      type usemap valign value vspace width xml:lang]
+
+      MATHML_ATTRIBUTES = %w[actiontype align close columnalign columnalign
+      columnalign columnlines columnspacing columnspan depth display
+      displaystyle encoding equalcolumns equalrows fence fontstyle fontweight
+      frame height linethickness lspace mathbackground mathcolor mathvariant
+      mathvariant maxsize minsize open other rowalign rowalign rowalign rowlines
+      rowspacing rowspan rspace scriptlevel selection separator separators
+      stretchy width width xlink:href xlink:show xlink:type xmlns xmlns:xlink]
+
+      SVG_ATTRIBUTES = %w[accent-height accumulate additive alphabetic
+       arabic-form ascent attributeName attributeType baseProfile bbox begin
+       by calcMode cap-height class color color-rendering content cx cy d dx
+       dy descent display dur end fill fill-opacity fill-rule font-family
+       font-size font-stretch font-style font-variant font-weight from fx fy g1
+       g2 glyph-name gradientUnits hanging height horiz-adv-x horiz-origin-x id
+       ideographic k keyPoints keySplines keyTimes lang marker-end
+       marker-mid marker-start markerHeight markerUnits markerWidth
+       mathematical max min name offset opacity orient origin
+       overline-position overline-thickness panose-1 path pathLength points
+       preserveAspectRatio r refX refY repeatCount repeatDur
+       requiredExtensions requiredFeatures restart rotate rx ry slope stemh
+       stemv stop-color stop-opacity strikethrough-position
+       strikethrough-thickness stroke stroke-dasharray stroke-dashoffset
+       stroke-linecap stroke-linejoin stroke-miterlimit stroke-opacity
+       stroke-width systemLanguage target text-anchor to transform type u1
+       u2 underline-position underline-thickness unicode unicode-range
+       units-per-em values version viewBox visibility width widths x
+       x-height x1 x2 xlink:actuate xlink:arcrole xlink:href xlink:role
+       xlink:show xlink:title xlink:type xml:base xml:lang xml:space xmlns
+       xmlns:xlink y y1 y2 zoomAndPan]
+
+      ATTR_VAL_IS_URI = %w[href src cite action longdesc xlink:href xml:base]
+
+      SVG_ATTR_VAL_ALLOWS_REF = %w[clip-path color-profile cursor fill
+      filter marker marker-start marker-mid marker-end mask stroke]
+
+      SVG_ALLOW_LOCAL_HREF = %w[altGlyph animate animateColor animateMotion
+      animateTransform cursor feImage filter linearGradient pattern
+      radialGradient textpath tref set use]
+
+      ACCEPTABLE_CSS_PROPERTIES = %w[azimuth background-color
+      border-bottom-color border-collapse border-color border-left-color
+      border-right-color border-top-color clear color cursor direction
+      display elevation float font font-family font-size font-style
+      font-variant font-weight height letter-spacing line-height overflow
+      pause pause-after pause-before pitch pitch-range richness speak
+      speak-header speak-numeral speak-punctuation speech-rate stress
+      text-align text-decoration text-indent unicode-bidi vertical-align
+      voice-family volume white-space width]
+
+      ACCEPTABLE_CSS_KEYWORDS = %w[auto aqua black block blue bold both bottom
+      brown center collapse dashed dotted fuchsia gray green !important
+      italic left lime maroon medium none navy normal nowrap olive pointer
+      purple red right solid silver teal top transparent underline white
+      yellow]
+
+      ACCEPTABLE_SVG_PROPERTIES = %w[fill fill-opacity fill-rule stroke
+      stroke-width stroke-linecap stroke-linejoin stroke-opacity]
+
+      ACCEPTABLE_PROTOCOLS = %w[ed2k ftp http https irc mailto news gopher nntp
+      telnet webcal xmpp callto feed urn aim rsync tag ssh sftp rtsp afs]
+
+      # subclasses may define their own versions of these constants
+      ALLOWED_ELEMENTS = ACCEPTABLE_ELEMENTS + MATHML_ELEMENTS + SVG_ELEMENTS
+      ALLOWED_ATTRIBUTES = ACCEPTABLE_ATTRIBUTES + MATHML_ATTRIBUTES + SVG_ATTRIBUTES
+      ALLOWED_CSS_PROPERTIES = ACCEPTABLE_CSS_PROPERTIES
+      ALLOWED_CSS_KEYWORDS = ACCEPTABLE_CSS_KEYWORDS
+      ALLOWED_SVG_PROPERTIES = ACCEPTABLE_SVG_PROPERTIES
+      ALLOWED_PROTOCOLS = ACCEPTABLE_PROTOCOLS
+
+      VOID_ELEMENTS = %w[
+        base
+        link
+        meta
+        hr
+        br
+        img
+        embed
+        param
+        area
+        col
+        input
+      ]
+    end      
+
+    #
+    #  The HTML5lib whitelist arrays, transformed into hashes for faster lookup.
+    #
+    module HashedWhiteList
+      WhiteList.constants.each do |constant|
+        next unless WhiteList.module_eval("#{constant}").is_a?(Array)
+        module_eval <<-CODE
+        #{constant} = {}
+        WhiteList::#{constant}.each { |c| #{constant}[c] = true ; #{constant}[c.downcase] = true }
+      CODE
+      end
+    end
+  end
+end