DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
OTHER License
Bot releases are hidden (Show)
Published by cure53 6 months ago
Published by cure53 6 months ago
Note that this is a security release and should be upgraded to immediately. Please also note that further releases may follow as the underlying vulnerability is apparently new and further variations may be discovered.
Published by cure53 6 months ago
Note that this is a security release and should be upgraded to immediately. Please also note that further releases may follow as the underlying vulnerability is apparently new and further variations may be discovered.
Published by cure53 6 months ago
SAFE_FOR_XML
to enable better control over comment scrubbingPublished by cure53 6 months ago
SAFE_FOR_XML
to enable better control over comment scrubbingPublished by cure53 7 months ago
Published by cure53 7 months ago
Published by cure53 7 months ago
Published by cure53 7 months ago
Published by cure53 7 months ago
Published by cure53 8 months ago
hasOwnProperty
logic, thanks @ssi02014console.warn
making HappyDom happier, thanks @HugoPoiPublished by cure53 10 months ago
Published by cure53 10 months ago
Published by cure53 about 1 year ago
Published by cure53 over 1 year ago
Published by cure53 over 1 year ago
Published by cure53 over 1 year ago
shadowrootmod
which should be shadowrootmode
, thanks @masatokinugawaPublished by cure53 over 1 year ago
noframes
element is permitted, thanks @leeNPublished by cure53 over 1 year ago
TRUSTED_TYPES_POLICY
configuration option, thanks @dejangfeDropShadow
to the SVG filter allow-list, thanks @SelfMadeSystem