use strict;
use Moo;
=head1 NAME
Articulate::Validation::NoScript
=head1 DESCRIPTION
An example validator to do a rudimentary check to see if the content has the text "<script" in it, to prevent users from injecting scripts directly into your application.
It doesn't thoroughly prevent Javascript injection, an onload attribute might do just as well.
=head1 METHODS
=head3 validate
Returns true if the content contains qr/<script/i; false otherwise.
It does not look at the meta to determine content type so might behave unexpectedly, e.g. if called on plain text.
=cut
sub validate {
my $self = shift;
my $item = shift;
return ( $item->content !~ /<script/i );
}
1;