Node wrapper for caja sanitizer for html/css

npm install html-css-sanitizer
1 downloads in the last day
27 downloads in the last week
78 downloads in the last month


Port of the google caja html sanitizer library.


Require the library and go

var sanitizer = require('html-css-sanitizer');
function urlX(u) { return u } //url transformer (noop here)
function idX(id) { return id } //id transformer (noop here)
function sanitize (string) {
  return sanitizer.sanitize(string, urlX, idX);
var result = sanitize('test<script>console.log("hi there");</script>');

The default caja library doesn't handle self-closing tags in the best way, so I'm stealing a pull request from isaacs to create a smartSanitize method. To use that, do this:

function smartSanitize (string) {
  return sanitizer.smartSanitize(string, urlX, idX);
result = smartSanitize('<p><a name="foo"/> This is the foo section.</p><p><a name="bar"/> This is the bar section.</p>');

I'm NOT overwriting the original caja sanitize call because.

More info

npm loves you