module Asciidoctor::SafeMode

Constants

SAFE

A safe mode level that closely parallels safe mode in AsciiDoc. This value prevents access to files which reside outside of the parent directory of the source file and disables any macro other than the include::[] directive.

SECURE

A safe mode level that disallows the document from attempting to read files from the file system and including the contents of them into the document, in additional to all the security features of SafeMode::SERVER. For instance, this level disallows use of the include::[] directive and the embedding of binary content (data uri), stylesheets and JavaScripts referenced by the document. (Asciidoctor and trusted extensions may still be allowed to embed trusted content into the document).

Since Asciidoctor is aiming for wide adoption, this level is the default and is recommended for server deployments.

SERVER

A safe mode level that disallows the document from setting attributes that would affect the conversion of the document, in addition to all the security features of SafeMode::SAFE. For instance, this level forbids changing the backend or source-highlighter using an attribute defined in the source document header. This is the most fundamental level of security for server deployments (hence the name).

UNSAFE

A safe mode level that disables any of the security features enforced by Asciidoctor (Ruby is still subject to its own restrictions).

Public Class Methods

name_for_value(value) click to toggle source

# File lib/asciidoctor.rb, line 97
def self.name_for_value value
  @names_by_value[value]
end

names() click to toggle source

# File lib/asciidoctor.rb, line 101
def self.names
  @names_by_value.values
end

value_for_name(name) click to toggle source

# File lib/asciidoctor.rb, line 93
def self.value_for_name name
  const_get name.upcase, false
end