Skip to content
sanitize html
JavaScript
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
test
.travis.yml
CHANGELOG.md
LICENSE.txt
README.md
SEE_ALSO.md
index.js
package.json
sanitizer-bundle.js

README.md

Build Status

sanitize-caja

Sanitize HTML content using the Google Caja JsHtmlSanitizer and a set of basic assumptions, and a wrapper to make it all work in nodejs without global variable leaks and so on.

This is a slightly 'loosened' version of Caja's restrictions, to allow for things like images, links, and a few HTML5 elements.

api

sanitize(html: string) -> sanitized string

Sanitize a string of HTML content, returning a sanitized string.

install

npm install @mapbox/sanitize-caja

example

var sanitize = require('@mapbox/sanitize-caja');

document.write(sanitize(evilUserInput));

see also

You can’t perform that action at this time.