DOMPurify
XSS sanitizer
A DOM-only XSS sanitizer for HTML, MathML, and SVG
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
14k stars
153 watching
741 forks
Language: JavaScript
last commit: 2 months ago
Linked from 6 awesome lists
cross-site-scriptingdomdompurifyhtmljavascriptmathmlprevent-xss-attackssanitizersecuritysvgxss
sorrycc/awesome-javascript
qazbnm456/awesome-web-security
jobbole/awesome-javascript-cn
lirantal/awesome-nodejs-security
jingwentian/awesome-frontend
pestov/best-of-awesomeness-and-usefulness-for-webdevRelated projects:
| Repository | Description | Stars |
|---|---|---|
 leizongmin/js-xss | Sanitizes untrusted HTML to prevent cross-site scripting attacks by filtering input based on a whitelist of allowed tags and attributes. | 5,227 |
 apostrophecms/sanitize-html | A JavaScript library for cleaning up and sanitizing user-submitted HTML, removing unwanted content while preserving whitelisted elements and attributes. | 3,867 |
 csstools/sanitize.css | A collection of CSS stylesheets providing consistent, cross-browser default styling and normalization for various HTML elements. | 5,232 |
 microcosm-cc/bluemonday | A fast and highly configurable HTML sanitizer that protects against cross-site scripting (XSS) attacks by scrubbing user-generated content against an allowlist of safe elements and attributes. | 3,241 |
 necolas/normalize.css | A CSS reset that preserves useful defaults and corrects common browser inconsistencies. | 52,625 |
 ezyang/htmlpurifier | An HTML filtering solution that ensures documents from untrusted sources are standards compliant and safe from XSS attacks. | 3,106 |
 fb55/htmlparser2 | A fast and forgiving HTML parser with a focus on minimal allocations | 4,474 |
 webreflection/hyperhtml | A lightweight virtual DOM alternative built on top of HTML template literals | 3,071 |
 docsifyjs/docsify | Generates websites from Markdown files with no build process required | 28,044 |
 evilstreak/markdown-js | A Markdown parser that produces well-formed HTML with intermediate representation and supports extensibility | 7,697 |
 licitdev/directus-extension-sanitize-html | An extension that sanitizes user-provided HTML input data to prevent XSS attacks | 7 |
 xemlock/htmlpurifier-html5 | A library that provides HTML5 element definitions and sanitization rules for the popular HTML Purifier library | 101 |
 hahwul/dalfox | Automates the process of identifying vulnerabilities in web applications by scanning for cross-site scripting (XSS) flaws and analyzing parameters. | 3,820 |
 sindresorhus/modern-normalize | Creates a standardized CSS style sheet for modern web browsers | 6,379 |
 payloadbox/xss-payload-list | A collection of scripts and payloads designed to exploit Cross-Site Scripting (XSS) vulnerabilities in web applications. | 6,484 |