Displaying 1 to 2 from 2 results

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG

  •    Javascript

DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify sanitizes HTML and prevents XSS attacks. You can feed DOMPurify with string full of dirty HTML and it will return a string (unless configured otherwise) with clean HTML. DOMPurify will strip out everything that contains dangerous HTML and thereby prevent XSS attacks and other nastiness.

ember-purify - Purify your html content before marking it safe

  •    Javascript

When you need to render user provided HTML content but don't want to trust the user content with Ember's Ember.String.htmlSafe or {{{ }}}. Uses DOMPurify to sanitize HTML & SVG. I strongly recommend you watch the video linked under the inspiration section. See XSS in action in Ember in this twiddle. You can also run ember serve to see the above mentioned approaches along with the purify-dom helper. Inspect the DOM on all three broken images to see the difference.