0.1.3 • Published 8 years ago
sanitizer v0.1.3
Installation
npm install sanitizer
Require
var sanitizer = require('sanitizer');
Use
See /test/test-sanitzer.js for full documentation.
sanitizer.escape('your dirty string'); // Escapes HTML special characters in attribute values as HTML entities
var yourParser = sanitizer.makeSaxParser(yourHandler); // Given a SAX-like event handler, produce a function that feeds those events and a parameter to the event handler.
sanitizer.normalizeRCData('your dirty string'); // Escape entities in RCDATA that can be escaped without changing the meaning.
sanitizer.sanitize('your dirty string'); // Strips unsafe tags and attributes from html.
exports.unescapeEntities('your string'); // The plain text of a chunk of HTML CDATA which possibly containing.
Caveats
It's use this at your own risk really - Caja HTML Sanitizer was written by people far cleverer than me. I have just repackaged it to solve a problem I had (sanitization on a Node server). It seems to work, and it passes all its tests in re-packaged form - however I don't fully understand its internals so cannot guarantee its security.
More information
0.1.3
8 years ago
0.1.2
10 years ago
0.1.1
11 years ago
0.1.0
11 years ago
0.1.0-alpha
11 years ago
0.1.2-alpha
11 years ago
0.1.1-alpha
11 years ago
0.0.9
12 years ago
0.0.8
12 years ago
0.0.7
12 years ago
0.0.6
12 years ago
0.0.5
12 years ago
0.0.4
12 years ago
0.0.3
12 years ago
0.0.2
12 years ago
0.0.14
12 years ago
0.0.13
12 years ago
0.0.12
12 years ago
0.0.11
12 years ago
0.0.10
12 years ago
0.0.1
12 years ago
0.0.15
12 years ago