cockblock
Simple whitelist-based html sanitizer inspired by the SanitizationFilter
in GitHub's html-pipeline library.
Works in node (through cheerio) and in the browser
(through jquery), and weighs in ~ 2kb minimized.
API
var cockblock = require("cockblock");
cockblock(html[, options]);
cockblock.url(url[, options]);
In the browser, just include jquery and cockblock.js:
<script src="path/to/jquery.js" type="text/javascript"></script>
<script src="path/to/cockblock.js" type="text/javascript"></script>
Options
The library comes with a sensible set of defaults. You can override them
through cockblock.defaults
or simply pass the options inline.
cockblock.defaults = {
elements: ["a", "em", "strong"],
attributes: {
"a": ["href"],
"all": ["title"]
},
protocols: /^(http|https)/i
};
See lib/cockblock.js for the default set of allowed elements, attributes, and
supported protocols.
Contributing
Want to contribute? Great! Open an issue if you've found a bug, and pull
requests are always welcome.
git clone https://github.com/kumu/cockblock && cd cockblock
npm install -g mocha
npm install
make test # run tests within console / cheerio
make test-browser # run tests within browser / jquery