bluemonday
HTML sanitizer
A fast and highly configurable HTML sanitizer that protects against cross-site scripting (XSS) attacks by scrubbing user-generated content against an allowlist of safe elements and attributes.
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
3k stars
38 watching
178 forks
Language: Go
last commit: 8 months ago
Linked from 3 awesome lists
allowlistgogolanghtmlowaspsanitizationsecurityxss
avelino/awesome-go
loveoss/awesome-cobol
xwjdsh/awesome-go-extraRelated projects:
| Repository | Description | Stars |
|---|---|---|
 leizongmin/js-xss | Sanitizes untrusted HTML to prevent cross-site scripting attacks by filtering input based on a whitelist of allowed tags and attributes. | 5,227 |
 marksweb/django-bleach | Sanitizes user input HTML to prevent XSS attacks. | 149 |
 apostrophecms/sanitize-html | A JavaScript library for cleaning up and sanitizing user-submitted HTML, removing unwanted content while preserving whitelisted elements and attributes. | 3,867 |
 cure53/dompurify | A DOM-only XSS sanitizer for HTML, MathML, and SVG | 14,245 |
 mganss/htmlsanitizer | A library that cleans HTML to prevent cross-site scripting attacks | 1,573 |
 russross/blackfriday | A markdown processor implemented in Go, supporting common extensions and fast utf-8 input processing. | 5,476 |
 gopherjs/gopherjs | Compiles Go code to JavaScript for running in browsers | 12,785 |
 justinas/nosurf | Protects against Cross-Site Request Forgery (CSRF) attacks in web applications by verifying user input | 1,603 |
 payloadbox/xss-payload-list | A collection of scripts and payloads designed to exploit Cross-Site Scripting (XSS) vulnerabilities in web applications. | 6,484 |
 maruel/panicparse | Analyze crash dumps from Go applications to deduce and prioritize problematic goroutines | 3,533 |
 go-kit/kit | A toolkit for building microservices in Go | 26,684 |
 gophish/gophish | An open-source toolkit designed to help businesses and penetration testers execute simulated phishing attacks and security awareness training. | 11,868 |
 google/sanitizers | Maintains documentation and helper code for a set of sanitizers to detect and prevent common programming errors. | 11,610 |
 symfony/html-sanitizer | Provides an object-oriented API to sanitize untrusted HTML input | 241 |
 hipotermia/vaya-ciego-nen | Detects and exploits Blind Cross-site scripting (XSS) vulnerabilities to retrieve sensitive information and control user interactions. | 41 |