# `MishkaGervaz.Table.Web.Events.SanitizationHandler`
[🔗](https://github.com/mishka-group/mishka_gervaz/blob/v0.0.1-alpha.3/lib/mishka_gervaz/table/web/events/sanitization_handler.ex#L1)

Handles input sanitization for Events module.

This module provides sanitization functions to prevent XSS and other
injection attacks from user input in event parameters.

## Customization

You can create a custom SanitizationHandler by using this module:

    defmodule MyApp.CustomSanitizationHandler do
      use MishkaGervaz.Table.Web.Events.SanitizationHandler

      # Custom sanitization that allows some HTML tags
      def sanitize(value) when is_binary(value) do
        HtmlSanitizeEx.basic_html(value)
      end
    end

Then configure it in your resource's DSL:

    mishka_gervaz do
      table do
        events do
          sanitization MyApp.CustomSanitizationHandler
        end
      end
    end

See `MishkaGervaz.Table.Web.Events`,
and the sibling handlers `RecordHandler`, `SelectionHandler`,
`BulkActionHandler`, `HookRunner`, `RelationFilterHandler`.

# `sanitize`

```elixir
@callback sanitize(value :: any()) :: any()
```

Sanitizes a value to prevent XSS and injection attacks.

## Examples

    iex> sanitize("<script>alert('xss')</script>test")
    "alert('xss')test"

    iex> sanitize(123)
    123

# `sanitize_column`
*optional* 

```elixir
@callback sanitize_column(column :: String.t()) :: atom()
```

Sanitizes a column name for sorting.

Returns the sanitized value as an existing atom, or raises ArgumentError
if the atom doesn't exist.

# `sanitize_page`
*optional* 

```elixir
@callback sanitize_page(page :: String.t() | integer()) :: integer()
```

Sanitizes a page number from params.

Returns an integer page number.

---

*Consult [api-reference.md](api-reference.md) for complete listing*