How to use the dompurify/dist/purify.es function in dompurify

To help you get started, we’ve selected a few dompurify examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github ampproject / amphtml / src / purifier.js View on Github external
} from './sanitation';
import {dev, user} from './log';
import {isAmp4Email} from './format';
import {removeElement} from './dom';
import {rewriteAttributeValue} from './url-rewrite';
import {startsWith} from './string';
import purify from 'dompurify/dist/purify.es';

/**
 * @typedef {{addHook: !Function, removeAllHooks: !Function, sanitize: !Function}}
 */
export let DomPurifyDef;

// TODO(choumx): Convert this into a class to avoid import side effects.
/** @private @const {!DomPurifyDef} */
const DomPurify = purify(self);

/** @private @const {string} */
const TAG = 'purifier';

/**
 * Tags that are only whitelisted for specific values of given attributes.
 * @private @const {!Object}>}
 */
const WHITELISTED_TAGS_BY_ATTRS = {
  'script': {
    'attribute': 'type',
    'values': ['application/json', 'application/ld+json'],
  },
};

const PURIFY_PROFILES = /** @type {!DomPurifyConfig} */ ({
github ampproject / amphtml / src / purifier.js View on Github external
export function createPurifier(doc, opt_config) {
  const domPurify = purify(self);
  const config = Object.assign(opt_config || {}, standardPurifyConfig());
  domPurify.setConfig(config);
  addPurifyHooks(domPurify, doc);
  return domPurify;
}

dompurify

DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It's written in JavaScript and works in all modern browsers (Safari, Opera (15+), Internet Explorer (10+), Firefox and Chrome - as well as almost anything else usin

(MPL-2.0 OR Apache-2.0)
Latest version published 2 days ago

Package Health Score

91 / 100
Full package analysis