Skip to content
/ JSanity Public
forked from microsoft/JSanity

A secure-by-default, performance, cross-browser client-side HTML sanitization library

License

View license
6 stars 41 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

FreelancePentester/JSanity

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
AUTHORS
AUTHORS
 
 
CONTRIBUTORS
CONTRIBUTORS
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
jsanity-0.2.js
jsanity-0.2.js
 
 
jsanity-benchmark-pretty.htm
jsanity-benchmark-pretty.htm
 
 
jsanity-demo-pretty.htm
jsanity-demo-pretty.htm
 
 

Repository files navigation

jSanity

A secure-by-default, performant, cross-browser client-side HTML sanitization library.

Reference:
OWASP AppSec EU 2013 Talk
Slides

Status

jSanity was just recently revived from two years of cold storage. Only very minimal changes have been made so far since the code was originally developed.

Demo / Benchmark pages

Demo
Benchmark

Todo

  • Support for more elements and attributes.
  • setImmediate didn't gain traction. Switch to an alternative approach.
    • For now jSanity uses a polyfill.
  • Update / document the demo & benchmark pages
  • Unit tests
  • Remove requirement for jQuery (?)
  • Better solution for STYLE elements
  • Integration with one or more javascript frameworks
  • Experimental override for default sanitization in various web platforms
  • Leverage newer features of the web platform (Shadow DOM, etc.)

Special thanks for making jSanity a reality:

  • Ben Livshits
  • Gareth Heyes
  • Loris D'Antoni
  • Mario Heiderich
  • Matt Thomlinson
  • Michael Fanning

About

A secure-by-default, performance, cross-browser client-side HTML sanitization library

Resources

Readme

License

View license
Activity

Stars

6 stars

Watchers

3 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages

  • JavaScript 73.0%
  • HTML 27.0%