Sanitize

Sanitize is an allowlist-based HTML and CSS sanitizer. It removes all HTML and/or CSS from a string except the elements, attributes, and properties you choose to allow. Using a simple configuration syntax, you can tell Sanitize to allow certain HTML elements, certain attributes within those elements, and even certain URL protocols within attributes that contain URLs. You can also allow specific CSS properties, @ rules, and URL protocols in elements or attributes containing CSS. Any HTML or CSS that you don't explicitly allow will be removed. Sanitize is based on the Nokogiri HTML5 parser, which parses HTML the same way modern browsers do, and Crass, which parses CSS the same way modern browsers do. As long as your allowlist config only allows safe markup and CSS, even the most malformed or malicious input will be transformed into safe output.

Features

HTML fragments
HTML documents
CSS stylesheets inside HTML style elements
CSS properties inside HTML style attributes
Standalone CSS stylesheets
Standalone CSS properties

Project Samples

Project Activity

See All Activity >

License

MIT License

Follow Sanitize

Sanitize Web Site

Other Useful Business Software

MongoDB Atlas runs apps anywhere

Deploy in 115+ regions with the modern database for every enterprise.

MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.

Start Free

Rate This Project

User Reviews

Be the first to post a review of Sanitize!

Additional Project Details

Programming Language

Ruby

Related Categories

Ruby HTML XHTML

Registered

2023-04-21

Similar Business Software

Pinegrow

Pinegrow is a Mac, Windows and Linux web editor that lets you build responsive websites faster with live multi-page editing, CSS & SASS styling, CSS Grid editor and support for Bootstrap, Tailwind CSS, Foundation and WordPress. Pinegrow is a desktop website builder that opens and saves standard...

See Software
Adobe Dreamweaver

Responsive websites. Really fast. Build beautiful sites for any browser or device. Quickly create and publish web pages almost anywhere with web design software that supports HTML, CSS, JavaScript, and more. Create, code, and manage dynamic websites easily with a smart, simplified coding engine....

See Software
Apache NetBeans

Apache NetBeans is a versatile, open-source Integrated Development Environment (IDE) used for developing applications across a wide range of programming languages, including Java, JavaScript, PHP, HTML5, and C/C++. Known for its modular architecture, NetBeans provides robust tools and features...

See Software
Sublime Text

A sophisticated text editor for code, markup and prose. Use Goto Anything to open files with only a few keystrokes, and instantly jump to symbols, lines or words. Make ten changes at the same time, not one change ten times. Multiple selections allow you to interactively change many lines at...

See Software
SeaMonkey

SeaMonkey is an all-in-one Internet application suite that combines a web browser, email and newsgroup client, feed reader, IRC chat, and HTML editor into one powerful platform. Developed by the SeaMonkey community, it continues the legacy of the classic Netscape and Mozilla suites with a...

See Software
Vim

Vim is a highly configurable text editor built for creating and changing any kind of text efficiently. It is included as "vi" with most UNIX systems and with Apple OS X. Vim is rock stable and is continuously being developed to become even better. Vim is persistent, multi-level, with an...

See Software