insane - Lean and configurable whitelist-oriented HTML sanitizer


insane is a lean and configurable whitelist-oriented HTML sanitizer. It works well in browsers, as its footprint is very small (around 2kb gzipped). Its API is inspired by sanitize-html (which is around 100kb gzipped). Contrary to similar sanitizers, insane drops the whole tree of descendants for elements that aren't allowed tags.

https://github.com/bevacqua/insane
https://ponyfoo.com/

Related Projects

Bluemonday - A fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS

  •    Go

bluemonday is an HTML sanitizer implemented in Go. It is fast and highly configurable. bluemonday takes untrusted user generated content as an input, and will return HTML that has been sanitised against a whitelist of approved HTML elements and attributes so that you can safely include the content in your web page.

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG

  •    Javascript

DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify sanitizes HTML and prevents XSS attacks. You can feed DOMPurify with a string full of dirty HTML and it will return a string (unless configured otherwise) with clean HTML. DOMPurify will strip out everything that contains dangerous HTML and thereby prevent XSS attacks and other nastiness.

sanitize-html - provides a simple HTML sanitizer with a clear API

  •    Javascript

sanitize-html provides a simple HTML sanitizer with a clear API. sanitize-html is tolerant. It is well suited for cleaning up HTML fragments such as those created by ckeditor and other rich text editors. It is especially handy for removing unwanted CSS when copying and pasting from Word.

(X)HTML Markup Sanitizer

  •    CSharp

The XHTML Markup Sanitizer takes untrusted (X)HTML and massages it into real, trusted XHTML. It's particularly useful with content management systems where users are in control of markup, but you want to target XHTML1.1.

Sanitize.js - Sanitize.js is a whitelist-based HTML sanitizer.

  •    Javascript

Sanitize.js is a whitelist-based HTML sanitizer. Given a list of acceptable elements and attributes, Sanitize.js will remove all unacceptable HTML from a DOM node. Using a simple configuration syntax, you can tell Sanitize to allow certain elements, certain attributes within those elements, and even certain URL protocols within attributes that contain URLs. Any HTML elements or attributes that you don't explicitly allow will be removed.


markdown - A super fast, highly extensible markdown parser for PHP

  •    HTML

A set of PHP classes, each representing a Markdown flavor, and a command line tool for converting markdown files to HTML files. The implementation focus is to be fast (see benchmark) and extensible. Parsing Markdown to HTML is as simple as calling a single method (see Usage) providing a solid implementation that gives most expected results even in non-trivial edge cases.

HTML Purifier - Standards compliant HTML filter written in PHP

  •    PHP

HTML Purifier is an HTML filtering solution that uses a unique combination of robust whitelists and aggressive parsing to ensure that not only are XSS attacks thwarted, but the resulting HTML is standards compliant.

flow-netbeans-markdown - Markdown file support for the NetBeans IDE

  •    Java

A NetBeans IDE plugin which adds Markdown support. This plugin provides basic syntax highlighting, HTML preview and HTML export when editing a Markdown document. Markdown is a text-to-HTML conversion tool for web writers. Markdown allows you to write using an easy-to-read, easy-to-write plain text format, then convert it to structurally valid XHTML (or HTML).

HtmlSanitizer - Cleans HTML to avoid XSS attacks

  •    CSharp

HtmlSanitizer is a .NET library for cleaning HTML fragments and documents from constructs that can lead to XSS attacks. It uses AngleSharp to parse, manipulate, and render HTML and CSS. Because HtmlSanitizer is based on a robust HTML parser it can also shield you from deliberate or accidental "tag poisoning" where invalid HTML in one fragment can corrupt the whole document leading to broken layout or style.

bleach - An easy, HTML5, whitelisting HTML sanitizer.

  •    Python

An easy, HTML5, whitelisting HTML sanitizer.

sanitize - Whitelist-based Ruby HTML sanitizer.

  •    Ruby

Whitelist-based Ruby HTML sanitizer.

Caja-HTML-Sanitizer - Bundles Google Caja's HTML Sanitizer within a npm installable node.js module

  •    Javascript

I don't have time to maintain this repo, and have long forgotten how any of it works. If anyone would like to take on ownership, please let me know.

showdown - A bidirectional Markdown to HTML to Markdown converter written in Javascript

  •    Javascript

Showdown is a Javascript Markdown to HTML converter, based on the original works by John Gruber. Showdown can be used client side (in the browser) or server side (with NodeJs). As you know, ShowdownJS is a free library and it will remain free forever. However, maintaining and improving the library costs time and money.

turndown - 🛏 An HTML to Markdown converter written in JavaScript

  •    HTML

Convert HTML into Markdown with JavaScript. For usage with RequireJS, UMD versions are located in lib/turndown.umd.js (for Node.js) and lib/turndown.browser.umd.js for browser usage. These files are generated when the npm package is published. To generate them manually, clone this repo and run npm run build.

tomd - Convert HTML to Markdown.

  •    Python

When crawling online articles such as news, blogs, etc., I want to save them in markdown files but not databases. Tomd has the ability to convert HTML that was converted from markdown. If HTML can't be described by markdown, tomd can't convert it correctly. Tomd is a Python tool.

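wxParse - A custom rich-text parsing component for WeChat Mini Programs, supporting HTML and Markdown parsing

  •    Javascript

wxParse is a custom rich-text parsing component for WeChat Mini Programs, supporting HTML and Markdown parsing.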

Pandoc - General Markup Converter

  •    Haskell

Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. It can convert documents in markdown, reStructuredText, textile, HTML, DocBook, or LaTeX to HTML formats, Word processor formats, PDF and other markup formats.

sanitize-html - Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis

  •    Javascript

Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis

markdown-to-jsx - 🏭 The most lightweight, customizable React markdown component.

  •    Javascript

The most lightweight, customizable React markdown component. Any HTML tags rendered by the compiler and/or <Markdown> component can be overridden to include additional props or even a different HTML representation entirely.