sanitize-html - Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis

  •        27

Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis

https://github.com/punkave/sanitize-html

Dependencies:

htmlparser2 : ^3.9.0
lodash.escaperegexp : ^4.1.2
xtend : ^4.0.0

Tags
Implementation
License
Platform

   




Related Projects

Bluemonday - A fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS

  •    Go

bluemonday is a HTML sanitizer implemented in Go. It is fast and highly configurable.bluemonday takes untrusted user generated content as an input, and will return HTML that has been sanitised against a whitelist of approved HTML elements and attributes so that you can safely include the content in your web page.

DOMPurify - DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG

  •    Javascript

DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It's written in JavaScript and works in all modern browsers (Safari, Opera (15+), Internet Explorer (10+), Firefox and Chrome - as well as almost anything else using Blink or WebKit). DOMPurify is written by security people who have vast background in web attacks and XSS. Fear not.

Sanitize.js - Sanitize.js is a whitelist-based HTML sanitizer.

  •    Javascript

Sanitize.js is a whitelist-based HTML sanitizer. Given a list of acceptable elements and attributes, Sanitize.js will remove all unacceptable HTML from a DOM node. Using a simple configuration syntax, you can tell Sanitize to allow certain elements, certain attributes within those elements, and even certain URL protocols within attributes that contain URLs. Any HTML elements or attributes that you don't explicitly allow will be removed.

(X)HTML Markup Sanitizer

  •    CSharp

The XHTML Markup Sanitizer takes untrusted (X)HTML and massages it into real, trusted XHTML. It's particularly useful with content management systems where users are in control of markup, but you want to target XHTML1.1.

sanitize - Whitelist-based Ruby HTML sanitizer.

  •    Ruby

Whitelist-based Ruby HTML sanitizer.


HTML Purifier - Standards compliant HTML filter written in PHP

  •    PHP

HTML Purifier is an HTML filtering solution that uses a unique combination of robust whitelists and agressive parsing to ensure that not only are XSS attacks thwarted, but the resulting HTML is standards compliant.

HtmlSanitizer - Cleans HTML to avoid XSS attacks

  •    CSharp

HtmlSanitizer is a .NET library for cleaning HTML fragments and documents from constructs that can lead to XSS attacks. It uses AngleSharp to parse, manipulate, and render HTML and CSS. Because HtmlSanitizer is based on a robust HTML parser it can also shield you from deliberate or accidental "tag poisoning" where invalid HTML in one fragment can corrupt the whole document leading to broken layout or style.

Sanitize.js - Sanitize.js is a whitelist-based HTML sanitizer.

  •    Javascript

Sanitize.js is a whitelist-based HTML sanitizer.

bleach - An easy, HTML5, whitelisting HTML sanitizer.

  •    Python

An easy, HTML5, whitelisting HTML sanitizer.

Caja-HTML-Sanitizer - Bundles Google Caja's HTML Sanitizer within a npm installable node.js module

  •    Javascript

I don't have time to maintain this repo, and have long forgotten how any of it works. If anyone would like to take on ownership, please let me know.

parse5 - HTML parsing/serialization toolset for Node

  •    Javascript

HTML parsing/serialization toolset for Node.js. WHATWG HTML Living Standard (aka HTML5)-compliant.parse5 provides nearly everything you may need when dealing with HTML. It's the fastest spec-compliant HTML parser for Node to date. It parses HTML the way the latest version of your browser does. It has proven itself reliable in such projects as jsdom, Angular2, Polymer and many more.

Neko HTML Parser - simple HTML scanner

  •    Java

NekoHTML is a simple HTML scanner and tag balancer that enables application programmers to parse HTML documents and access the information using standard XML interfaces. The parser can scan HTML files and fix up many common mistakes that human (and computer) authors make in writing HTML documents. NekoHTML adds missing parent elements. Automatically closes elements with optional end tags and can handle mismatched inline element tags.

TagSoup - HTML/XML parser for Haskell

  •    Haskell

TagSoup is a library for parsing HTML/XML. It supports the HTML 5 specification, and can be used to parse either well-formed XML, or unstructured and malformed HTML from the web. The library also provides useful functions to extract information from an HTML document, making it ideal for screen-scraping.

sanitize - Package sanitize provides functions for sanitizing text in golang strings.

  •    Go

Package sanitize provides functions to sanitize html and paths with go (golang). Accents replaces a set of accented characters with ascii equivalents.

posthtml - PostHTML is a tool to transform HTML/XML with JS plugins

  •    Javascript

PostHTML is a tool for transforming HTML/XML with JS plugins. PostHTML itself is very small. It includes only a HTML parser, a HTML node tree API and a node tree stringifier. All HTML transformations are made by plugins. And these plugins are just small plain JS functions, which receive a HTML node tree, transform it, and return a modified tree.

Hpricot - HTML parser for Ruby

  •    C

Hpricot is a fast, flexible HTML parser. Hpricot can be handy for reading broken XML files, since many of the same techniques can be used. If a quote is missing, Hpricot tries to figure it out. If tags overlap, Hpricot works on sorting them out.

Html Agility Pack

  •    

This is an HTML parser that builds a read/write DOM from “real world” HTML files. It supports XPATH or XSLT and is tolerant with "real world" malformed HTML.

php-simple-html-dom-parser - PHP Simple HTML DOM Parser adaptation for Composer and PSR-0

  •    HTML

A HTML DOM parser written in PHP5+ let you manipulate HTML in a very easy way! Require PHP 5+. Supports invalid HTML. Find tags on an HTML page with selectors just like jQuery. Extract contents from HTML in a single line.





We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.