Security News
JSR Working Group Kicks Off with Ambitious Roadmap and Plans for Open Governance
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
@ciscospark/helper-html
Advanced tools
HTML filter for the Cisco Webex JS SDK. See https://webex.github.io/spark-js-sdk/
Note: This package relies on DOM apis and largely returns noops in node environments.
npm install --save @ciscospark/helper-html
filter(allowedTags, allowedStyles, html)
Filters an html string such that it only includes the allowed tags and styles. Disallowed tags and styles are removed while their contents are kept.
allowedTags
is an object keyed on tag name mapped to an array of attribuets allowed for that tag.
allwedStyles
is an array of allowed style string.
html
is a string.
Returns a promise that resolves with the new html string.
filterSync()
See filter()
filterEscape(processCallback, allowedTags, allowedStyles, html)
Filters an html string such that it only includes the allowed tags and styles. Disallowed tags and styles and their children are escaped.
processCallback
synchronous callback that receives the body of the html fragment generated from html
. Presents an opportunity to do preprocessing (e.g turn urls into links) without parsing html mulitple
times
allowedTags
is an object keyed on tag name mapped to an array of attribuets allowed for that tag.
allwedStyles
is an array of allowed style string.
html
is a string.
Returns a promise that resolves with the new html string.
filterEscapeSync()
See filterEscape()
This package is maintained by Cisco Webex for Developers.
Pull requests welcome. Please see CONTRIBUTING.md for more details.
© 2016-2018 Cisco and/or its affiliates. All Rights Reserved.
FAQs
HTML Utiltities
We found that @ciscospark/helper-html demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
Security News
Research
An advanced npm supply chain attack is leveraging Ethereum smart contracts for decentralized, persistent malware control, evading traditional defenses.
Security News
Research
Attackers are impersonating Sindre Sorhus on npm with a fake 'chalk-node' package containing a malicious backdoor to compromise developers' projects.