Skip to content
Snippets Groups Projects
Select Git revision
  • develop default protected
  • master
  • 1.0.1
  • 1121-download
  • plugins-v3
  • 876-http-signature
  • plugins-v2
  • plugins
  • 1.0.1
  • 1.0
  • 1.0-rc1
  • 0.21.2
  • 0.21.1
  • 0.21
  • 0.21-rc2
  • 0.21-rc1
  • 0.20.1
  • 0.20.0
  • 0.20.0-rc1
  • 0.19.1
  • 0.19.0
  • 0.19.0-rc2
  • 0.19.0-rc1
  • 0.18.3
  • 0.18.2
  • 0.18.1
  • 0.18
  • 0.17
28 results

sanitize.js

Blame
    • Forked from funkwhale / funkwhale
    5126 commits behind the upstream repository.
    sanitize.js 683 B 
    import sanitizeHtml from "sanitize-html"

const allowedTags = [
  "h3",
  "h4",
  "h5",
  "h6",
  "blockquote",
  "p",
  "a",
  "ul",
  "ol",
  "nl",
  "li",
  "b",
  "i",
  "strong",
  "em",
  "strike",
  "code",
  "hr",
  "br",
  "div",
  "table",
  "thead",
  "caption",
  "tbody",
  "tr",
  "th",
  "td",
  "pre",
]
const allowedAttributes = {
  a: ["href", "name", "target"],
  // We don't currently allow img itself by default, but this
  // would make sense if we did. You could add srcset here,
  // and if you do the URL is checked for safety
  img: ["src"]
}

export default function sanitize(input) {
  return sanitizeHtml(input, {allowedAttributes, allowedAttributes})
}