EctoSparkles.SanitiseStrings (Bonfire v1.0.1-social-alpha.8)
Provides functions for sanitising input on Ecto.Changeset string fields.
Summary
Functions
Sanitises all changes in the given changeset that apply to fields of the :string Ecto type.
By default it uses the HtmlSanitizeEx.strip_tags/1 function on any change that satisfies all of the following conditions:
- The field associated with the change is of the type :string.
- The field associated with the change is not in the blacklisted_fields list of opts, as defined using the :except key in opts.
Note that this function will change the value in the :changes map of an %Ecto.Changeset{} struct if the given changes are sanitised.
Examples
iex> attrs = %{string_field: "<script>Bad</script>"}
iex> result_changeset =
...> attrs
...> |> FakeEctoSchema.changeset()
...> |> EctoSparkles.SanitiseStrings.strip_all_tags()
iex> result_changeset.changes
%{string_field: "Bad"}
Fields can be exempted from sanitisation via the :except option.
iex> attrs = %{string_field: "<script>Bad</script>"}
iex> result_changeset =
...> attrs
...> |> FakeEctoSchema.changeset()
...> |> EctoSparkles.SanitiseStrings.strip_all_tags(except: [:string_field])
iex> result_changeset.changes
%{string_field: "<script>Bad</script>"}
You can also specify a specific scrubber by passing a function reference:
iex> attrs
...> |> FakeEctoSchema.changeset()
...> |> EctoSparkles.SanitiseStrings.sanitise_strings(scrubber: &HtmlSanitizeEx.Scrubber.html5/1)
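As an added example (not part of the module's own docs), here is where strip_all_tags/2 fits in a real schema's changeset pipeline: after cast/3, so it sees the incoming changes, and before validation, so validators run on the sanitised values. The MyApp.Post schema, its fields and the sample attrs are constructed for illustration; it assumes ecto, ecto_sparkles and html_sanitize_ex are available as dependencies.

```elixir
defmodule MyApp.Post do
  use Ecto.Schema
  import Ecto.Changeset

  schema "posts" do
    # :string fields are sanitised by strip_all_tags/2 ...
    field(:title, :string)
    # ... unless listed under :except; this one is assumed to be scrubbed
    # with an allow-list scrubber where it is rendered, never output raw.
    field(:body_html, :string)
    # Non-:string fields are never touched.
    field(:view_count, :integer)
  end

  def changeset(post, attrs) do
    post
    |> cast(attrs, [:title, :body_html, :view_count])
    # Runs on the :changes map only, so untouched fields stay as stored.
    |> EctoSparkles.SanitiseStrings.strip_all_tags(except: [:body_html])
    |> validate_required([:title])
    |> validate_length(:title, max: 120)
  end
end

# Constructed input mixing markup into every field:
attrs = %{
  title: "<b>Hello</b><script>alert(1)</script>",
  body_html: "<p>Keep <em>this</em> markup</p>",
  view_count: 3
}

# Expected changes: tags stripped from :title (only the text "Hello"
# and "alert(1)" remain), :body_html left as-is, :view_count unchanged.
IO.inspect(MyApp.Post.changeset(%MyApp.Post{}, attrs).changes)
```

Because strip_tags removes markup but keeps the text inside it, the script body survives as plain text, which is harmless once stored but shows that stripping is not the same as validating content. Anything exempted via :except reaches the database unscrubbed, so it needs its own escaping or scrubbing at the point where it is rendered.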