Sanitize your HTML the easy way!
npm install bleach
Basic:
var bleach = require('bleach');
var html = bleach.sanitize(aBunchOfHTML);
console.log(html);
Advanced:
var bleach = require('bleach');
var whitelist = [
'a',
'b',
'i',
'em',
'strong'
]
var options = {
mode: 'white',
list: whitelist
}
var html = bleach.sanitize(aBunchOfHTML);
console.log(html);
Runs HTML through sanitizer and returns sanitized HTML as string.
options may contain the following optional attributes:
mode may be set to 'white' or 'black'list is an array containing tags to match againstwhitemode will remove all tags from html, excluding those in list
blackmode will remove all tags found in list that are found in html
Will extract all tags from HTML and return an array of JSON objects. Example return:
[
{
full: '<div id="post-119477">',
name: 'div',
attr: [
"id": "post-119477"
]
},
...
]
FAQs
A minimalistic HTML sanitizer
The npm package bleach receives a total of 349 weekly downloads. As such, bleach popularity was classified as not popular.
We found that bleach demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.