sanitizeHtml - Intuned

export declare function sanitizeHtml(options: SanitizeHtmlOptions): string;

Sanitizes and cleans HTML content by removing unwanted elements, attributes, and whitespace. Provides fine-grained control over each cleaning operation through configurable options.

Examples

import { sanitizeHtml } from "@intuned/browser";
export default async function handler(params, page, context){
const dirtyHtml = `
  <div>
    <script>alert('xss')</script>
    <p style="color: red;">Hello World</p>
    <span></span>
  </div>
`;
const sanitizedHtml = sanitizeHtml({ html: dirtyHtml });
// Returns: '<div><p>Hello World</p></div>'
}

Arguments

options

SanitizeHtmlOptions

required

Configuration options for sanitization

Show options

options.html

string

The HTML content to sanitize

options.removeScripts

boolean

Remove all <script> elements. Defaults to true.

options.removeStyles

boolean

Remove all <style> elements. Defaults to true.

options.removeSvgs

boolean

Remove all <svg> elements. Defaults to true.

options.removeComments

boolean

Remove HTML comments. Defaults to true.

options.removeLongAttributes

boolean

Remove attributes longer than maxAttributeLength. Defaults to true.

options.maxAttributeLength

number

Maximum length for attributes before removal. Defaults to 500.

options.preserveAttributes

Array<string>

List of attribute names to always preserve. Defaults to [“class”, “src”].

options.removeEmptyTags

boolean

Remove empty tags (except preserved ones). Defaults to true.

options.preserveEmptyTags

Array<string>

List of tag names to preserve even when empty. Defaults to [“img”].

options.minifyWhitespace

boolean

Remove extra whitespace between tags and empty lines. Defaults to true.

Returns: `string`

The sanitized HTML string

Get started

​Examples

​Arguments

​Returns: string

Examples

Arguments

Returns: `string`