Big news!Introducing Socket AI - ChatGPT-Powered Threat Analysis.Learn more


Package Overview
File Explorer

Advanced tools


Fast & forgiving HTML/XML parser


Version published
Weekly downloads
increased by7.07%

Weekly downloads




Breaking Changes

  • The tokenizer now uses the EntityDecoder from the entities module
    • Parsing of entities in attributes is now aligned with the HTML spec, and some inputs will produce different results. Eg. in <a href='&amp=boo'> the attribute value won't be modified any more.
    • The ontextentity tokenizer callback now has an endIndex argument; if you use the tokenizer directly, make sure indices are still the same.
  • Stacks inside the parser have been reversed.


  • Added a createDocumentStream function, analogous to createDomStream (which is now deprecated)

Full Changelog:




NPM version Downloads Node.js CI Coverage

The fast & forgiving HTML/XML parser.

htmlparser2 is the fastest HTML parser, and takes some shortcuts to get there. If you need strict HTML spec compliance, have a look at parse5.


npm install htmlparser2

A live demo of htmlparser2 is available on AST Explorer.


htmlparser2Fast & forgiving HTML/XML parser
domhandlerHandler for htmlparser2 that turns documents into a DOM
domutilsUtilities for working with domhandler's DOM
css-selectCSS selector engine, compatible with domhandler's DOM
cheerioThe jQuery API for domhandler's DOM
dom-serializerSerializer for domhandler's DOM


htmlparser2 itself provides a callback interface that allows consumption of documents with minimal allocations. For a more ergonomic experience, read Getting a DOM below.

import * as htmlparser2 from "htmlparser2"; const parser = new htmlparser2.Parser({ onopentag(name, attributes) { /* * This fires when a new tag is opened. * * If you don't need an aggregated `attributes` object, * have a look at the `onopentagname` and `onattribute` events. */ if (name === "script" && attributes.type === "text/javascript") { console.log("JS! Hooray!"); } }, ontext(text) { /* * Fires whenever a section of text was processed. * * Note that this can fire at any point within text and you might * have to stitch together multiple pieces. */ console.log("-->", text); }, onclosetag(tagname) { /* * Fires when a tag is closed. * * You can rely on this event only firing when you have received an * equivalent opening tag before. Closing tags without corresponding * opening tags will be ignored. */ if (tagname === "script") { console.log("That's it?!"); } }, }); parser.write( "Xyz <script type='text/javascript'>const foo = '<<bar>>';</script>" ); parser.end();

Output (with multiple text events combined):

--> Xyz JS! Hooray! --> const foo = '<<bar>>'; That's it?!

This example only shows three of the possible events. Read more about the parser, its events and options in the wiki.

Usage with streams

While the Parser interface closely resembles Node.js streams, it's not a 100% match. Use the WritableStream interface to process a streaming input:

import { WritableStream } from "htmlparser2/lib/WritableStream"; const parserStream = new WritableStream({ ontext(text) { console.log("Streaming:", text); }, }); const htmlStream = fs.createReadStream("./my-file.html"); htmlStream.pipe(parserStream).on("finish", () => console.log("done"));

Getting a DOM

The DomHandler produces a DOM (document object model) that can be manipulated using the DomUtils helper.

import * as htmlparser2 from "htmlparser2"; const dom = htmlparser2.parseDocument(htmlString);

The DomHandler, while still bundled with this module, was moved to its own module. Have a look at that for further information.

Parsing Feeds

htmlparser2 makes it easy to parse RSS, RDF and Atom feeds, by providing a parseFeed method:

const feed = htmlparser2.parseFeed(content, options);


After having some artificial benchmarks for some time, @AndreasMadsen published his htmlparser-benchmark, which benchmarks HTML parses based on real-world websites.

At the time of writing, the latest versions of all supported parsers show the following performance characteristics on GitHub Actions (sourced from here):

htmlparser2 : 2.17215 ms/file ± 3.81587 node-html-parser : 2.35983 ms/file ± 1.54487 html5parser : 2.43468 ms/file ± 2.81501 neutron-html5parser: 2.61356 ms/file ± 1.70324 htmlparser2-dom : 3.09034 ms/file ± 4.77033 html-dom-parser : 3.56804 ms/file ± 5.15621 libxmljs : 4.07490 ms/file ± 2.99869 htmljs-parser : 6.15812 ms/file ± 7.52497 parse5 : 9.70406 ms/file ± 6.74872 htmlparser : 15.0596 ms/file ± 89.0826 html-parser : 28.6282 ms/file ± 22.6652 saxes : 45.7921 ms/file ± 128.691 html5 : 120.844 ms/file ± 153.944

How does this module differ from node-htmlparser?

In 2011, this module started as a fork of the htmlparser module. htmlparser2 was rewritten multiple times and, while it maintains an API that's mostly compatible with htmlparser, the projects don't share any code anymore.

The parser now provides a callback interface inspired by sax.js (originally targeted at readabilitySAX). As a result, old handlers won't work anymore.

The DefaultHandler was renamed to clarify its purpose (to DomHandler). The old name is still available when requiring htmlparser2 and your code should work as expected.

The RssHandler was replaced with a getFeed function that takes a DomHandler DOM and returns a feed object. There is a parseFeed helper function that can be used to parse a feed from a string.

Security contact information

To report a security vulnerability, please use the Tidelift security contact. Tidelift will coordinate the fix and disclosure.

htmlparser2 for enterprise

Available as part of the Tidelift Subscription.

The maintainers of htmlparser2 and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source dependencies you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact dependencies you use. Learn more.



Last updated on 10 May 2023

Did you know?

Socket installs a Github app to automatically flag issues on every pull request and report the health of your dependencies. Find out what is inside your node modules and prevent malicious activity before you update the dependencies.

Install Socket
Socket SOC 2 Logo


  • Package Issues
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc