sanitize-html
Advanced tools
sanitize-html - npm Package Compare versions
Comparing version 1.8.0 to 1.9.0
14
index.js
@@ -37,4 +37,10 @@ var htmlparser = require('htmlparser2'); | ||
| options = sanitizeHtml.defaults; | ||
| options.parser = htmlParserDefaults; | ||
| } else { | ||
| options = extend(sanitizeHtml.defaults, options); | ||
| if (options.parser) { | ||
| options.parser = extend(htmlParserDefaults, options.parser); | ||
| } else { | ||
| options.parser = htmlParserDefaults; | ||
| } | ||
| } | ||
@@ -235,4 +241,3 @@ // Tags that contain something other than HTML, or where discarding | ||
| } | ||
| }, { decodeEntities: true }); | ||
| }, options.parser); | ||
| parser.write(html); | ||
@@ -289,2 +294,5 @@ parser.end(); | ||
| var htmlParserDefaults = { | ||
| decodeEntities: true | ||
| }; | ||
| sanitizeHtml.defaults = { | ||
@@ -326,2 +334,2 @@ allowedTags: [ 'h3', 'h4', 'h5', 'h6', 'blockquote', 'p', 'a', 'ul', 'ol', | ||
| }; | ||
| }; | ||
| }; |
| { | ||
| "name": "sanitize-html", | ||
| "version": "1.8.0", | ||
| "version": "1.9.0", | ||
| "description": "Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -88,3 +88,16 @@ # sanitize-html | ||
| ``` | ||
| ### htmlparser2 Options | ||
| `santizeHtml` is built on `htmlparser2`. By default the only option passed down is `decodeEntities: true` You can set the options to pass by using the parser option. | ||
| ```javascript | ||
| clean = sanitizeHtml(dirty, { | ||
| allowedTags: ['a'], | ||
| parser: { | ||
| lowerCaseTags: true | ||
| } | ||
| }); | ||
| ``` | ||
| See the [htmlparser2 wiki] (https://github.com/fb55/htmlparser2/wiki/Parser-options) for the full list of possible options. | ||
| ### Transformations | ||
@@ -230,2 +243,4 @@ | ||
| 1.9.0: `parser` option allows options to be passed directly to `htmlparser2. Thanks to Danny Scott. | ||
| 1.8.0: | ||
@@ -232,0 +247,0 @@ |
@@ -428,2 +428,21 @@ var assert = require("assert"); | ||
| }); | ||
| it('should respect htmlparser2 options when passed in', function() { | ||
| assert.equal( | ||
| sanitizeHtml("<Archer><Sterling>I am</Sterling></Archer>", { | ||
| allowedTags: false, | ||
| allowedAttributes: false, | ||
| }), | ||
| "<archer><sterling>I am</sterling></archer>" | ||
| ); | ||
| assert.equal( | ||
| sanitizeHtml("<Archer><Sterling>I am</Sterling></Archer>", { | ||
| allowedTags: false, | ||
| allowedAttributes: false, | ||
| parser: { | ||
| lowerCaseTags: false | ||
| } | ||
| }), | ||
| "<Archer><Sterling>I am</Sterling></Archer>" | ||
| ); | ||
| }); | ||
| }); |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by2.87%
48120
- Lines of code
- increased by3.78%
742
- Number of lines in readme file
- increased by4.78%
329