7 repositorios
Tools for parsing, normalizing, and transforming external HTML content into structured formats.
Distinguishing note: Focuses on transformation and normalization of pasted content rather than simple security-focused sanitization.
Explore 7 awesome GitHub repositories matching web development · HTML Sanitization Utilities. Refine with filters or upvote what's useful.
Quill is a modular, web-based rich text editor designed for structured content authoring. It provides a comprehensive toolkit for building tailored editing experiences, allowing developers to manage document state, handle user input, and synchronize content through a predictable, serializable data model. The editor distinguishes itself through a custom document abstraction that maps the browser DOM to a structured tree of nodes, ensuring consistent behavior across different environments. It utilizes an operational change tracking system that represents all document modifications as a sequence
Custom rules intercept pasted HTML content and transform it into the internal document format using CSS selectors and node type matching.
Trix is a rich text editor and WYSIWYG text component designed for composing and formatting documents with inline styling and block elements. It functions as an HTML content editor that manages and sanitizes input to ensure a secure and consistent document structure, while serving as a document state manager that tracks edit history and persists serialized state. The editor integrates directly with standard HTML forms, converting rich text into data for submission. It features a configurable sanitization engine that cleanses input HTML to remove unsupported tags and mitigate security risks.
Features a configurable sanitization engine that removes unsupported HTML tags to mitigate security risks.
DOMPurify is a security-focused library designed to sanitize untrusted HTML input, preventing cross-site scripting attacks by stripping malicious code while preserving safe content. It functions as a utility for secure document object model manipulation, ensuring that user-provided rich text can be rendered safely within web applications. The library distinguishes itself through a single-pass, mutation-observer-free processing model that operates on detached document fragments to avoid triggering unintended side effects. It employs recursive node traversal and context-aware logic to inspect a
Strips malicious code from untrusted HTML input to prevent cross-site scripting attacks in web applications.
This project is a browser-based JavaScript library that transforms standard web elements into inline, WYSIWYG rich text editing areas. It functions as a programmatic wrapper around the native browser content-editable attribute, providing a structured interface for managing text input, media embedding, and document formatting directly within existing page layouts. The editor is distinguished by its contextual floating toolbar, which dynamically appears based on user text selection to provide relevant formatting options. It utilizes a plugin-based architecture that allows developers to inject c
Filters and cleans incoming content during paste operations to ensure structural integrity and remove unauthorized markup.
Parsedown is a PHP library that converts Markdown text and common extensions into structured HTML output for web browsers. It functions as a Markdown to HTML converter that processes both block-level and inline elements to generate valid web content. The library includes a PHP HTML sanitizer designed to escape HTML and scripting vectors. This security layer provides input sanitization to prevent attacks when processing untrusted user-generated content.
Provides utilities to sanitize and escape HTML and scripting vectors within untrusted user input.
Whoogle-search is a self-hosted, containerized metasearch engine designed to provide search results while stripping away advertisements, tracking scripts, and cookies. It functions as a privacy-focused proxy that fetches results from major search providers, ensuring that user activity remains isolated from the original service providers. The platform distinguishes itself through granular traffic management and request-level security. It masks user identity by rotating browser identification strings and routing queries through intermediate proxies. Users can further customize their experience
Parses and sanitizes raw search engine responses to remove tracking scripts and advertisements.
ContentTools es un framework de JavaScript y un conjunto de herramientas para construir editores visuales WYSIWYG. Proporciona una biblioteca de manipulación del DOM para analizar y transformar cadenas HTML en regiones editables estructuradas, junto con un orquestador de documentos visual que gestiona los comportamientos de los elementos y las transiciones de estado. El framework incluye un gestor de selección de navegador especializado para asegurar un posicionamiento del cursor y un resaltado de rango de texto consistentes en diferentes navegadores web. También cuenta con un validador de contenido HTML utilizado para sanitizar la salida y convertir enlaces de medios de terceros en formatos de incrustación válidos. El sistema cubre una amplia gama de capacidades, incluyendo manipulación interactiva del DOM para elementos arrastrables y redimensionables, formato de texto enriquecido y flujos de trabajo de procesamiento de imágenes para recortar y rotar. También proporciona herramientas para el seguimiento del historial de edición mediante instantáneas del DOM y un sistema de componentes de UI para gestionar cajas de herramientas y navegación jerárquica mediante breadcrumbs. El proyecto aplica seguridad mediante restricciones de atributos de elementos para evitar modificaciones no autorizadas de etiquetas HTML.
Ships utilities for sanitizing HTML output and transforming media links into valid embed formats.