On Thu, Apr 17, 2014 at 7:30 AM, Ken Kahn <[email protected]> wrote:
> Using the JavaScript sanitizer (html-sanitizer-minified.js) I would like > to do the sort of thing documented on > http://google-caja.googlecode.com/svn/doc/cajajs/index.html > > Running guest HTML from a URL > > [...] > > Is it possible to accomplish this using the JavaScript client sanitizer? > The only thing the html sanitizer module does is take a string of HTML and return a different string of HTML. - If you want to fetch content, you have to do that yourself. - If you want to execute scripts, that's just not supported at all. If you want scripts, you need the rest of Caja, which uses the same HTML sanitizer but adds hooks to handle scripts, as well as doing other things needed to set up a complete virtual page for the guest code. This is still entirely client-side JS (in modern Caja). -- --- You received this message because you are subscribed to the Google Groups "Google Caja Discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
