sanitize-caja

Sanitize HTML content using the Google Caja JsHtmlSanitizer and a set of basic assumptions, and a wrapper to make it all work in nodejs without global variable leaks and so on.

This is a slightly 'loosened' version of Caja's restrictions, to allow for things like images, links, and a few HTML5 elements.

api

`sanitize(html: string)` -> sanitized string

Sanitize a string of HTML content, returning a sanitized string.

install

npm install @mapbox/sanitize-caja

example

var sanitize = require('@mapbox/sanitize-caja');

document.write(sanitize(evilUserInput));

Name		Name	Last commit message	Last commit date
Latest commit History 26 Commits
test		test
.travis.yml		.travis.yml
CHANGELOG.md		CHANGELOG.md
LICENSE.txt		LICENSE.txt
README.md		README.md
SEE_ALSO.md		SEE_ALSO.md
index.js		index.js
package.json		package.json
sanitizer-bundle.js		sanitizer-bundle.js

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

sanitize-caja

api

`sanitize(html: string)` -> sanitized string

install

example

see also

About

Releases

Packages

Contributors 2

Languages

License

mapbox/sanitize-caja

Folders and files

Latest commit

History

Repository files navigation

sanitize-caja

api

sanitize(html: string) -> sanitized string

install

example

see also

About

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Releases

Packages 0

Contributors 2

Languages

`sanitize(html: string)` -> sanitized string

Packages