
Security News
npm Adopts OIDC for Trusted Publishing in CI/CD Workflows
npm now supports Trusted Publishing with OIDC, enabling secure package publishing directly from CI/CD workflows without relying on long-lived tokens.
html-purify
Advanced tools
Supply Chain Security
Vulnerability
Quality
Maintenance
License
HTML5 Purifier - a fast and small footprint HTML5 purifier. The module uses a whitelist based approach to filter malicious characters,tags, attributes and attribute values while keeping the resulting output HTML5 compliant. It uses context parser for parsing the input string, xss filters for filtering URI attribute values and css-js for filtering CSS data within the HTML input.
Install html-purify from the npm repo
npm install html-purify
Server side use(nodejs)
/* create the html purifier */
var Purifier = require('html-purify');
var purifier = new Purifier();
var input = '...';
/* filter the input string */
var result = purifier.purify(input);
npm install
npm run-script build
npm test
This software is free to use under the Yahoo Inc. BSD license. See the LICENSE file for license text and copyright information.
FAQs
HTML5 Purifier
The npm package html-purify receives a total of 92 weekly downloads. As such, html-purify popularity was classified as not popular.
We found that html-purify demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
npm now supports Trusted Publishing with OIDC, enabling secure package publishing directly from CI/CD workflows without relying on long-lived tokens.
Research
/Security News
A RubyGems malware campaign used 60 malicious packages posing as automation tools to steal credentials from social media and marketing tool users.
Security News
The CNA Scorecard ranks CVE issuers by data completeness, revealing major gaps in patch info and software identifiers across thousands of vulnerabilities.