simple-xss/dist/xss.min.js

Simple whitelist-based html sanitizer for node and browser.

!function(t){function e(t,a){return r(t,a||e.defaults)}function r(e,r){var n=t("<body>").html(e);return i(n,a(r)),n.html()}function a(t){var e={};e.protocols=t.protocols,e.elements=n(t.elements),e.attributes={};for(var r in t.attributes){var a=t.attributes[r];"all"!=r&&(a=a.concat(t.attributes.all)),e.attributes[r]=n(a)}return e}function n(t){return new RegExp("^("+t.join("|")+")$","i")}function o(t,e){return e.elements.test(d(t))&&s(t)?(l(t,e),i(t,e),t):void t.remove()}function i(e,r){e.children().each(function(){o(t(this),r)})}function s(t){var e=m[p(t)];return!e||e.test(d(t.parent()))}function l(t,e){var r,a=p(t),n=f(t),o=e.attributes[a]||e.attributes.all;for(var i in n)n.hasOwnProperty(i)&&(r=h(n,i))&&(o.test(r)?c(t,r,e):t.removeAttr(r))}function c(t,e,r){b.test(e)&&t.attr(e,u(t.attr(e),r))}function u(t,e){return t&&e.protocols.test(t)?t:""}function d(t){return t[0].tagName||t[0].name}function p(t){return d(t).toLowerCase()}function f(t){return t[0].attributes||t[0].attribs}function h(t,e){if(Number(e)==e){var r=t[String(e)];return r&&r.name}return e}e.url=function(t,r){return u(t,r||e.defaults)},e._sanitizeAttributes=l,e._getAttributeName=h,e.defaults={elements:["a","aside","b","blockquote","br","caption","code","del","dd","dfn","div","dl","dt","em","h1","h2","h3","h4","h5","h6","hr","i","img","ins","kbd","li","ol","p","pre","q","samp","strike","strong","sub","sup","table","tbody","td","tfoot","th","thead","tr","tt","ul","var"],attributes:{a:["href"],img:["src"],div:["itemscope","itemtype"],all:["abbr","accept","accept-charset","accesskey","action","align","alt","axis","border","cellpadding","cellspacing","char","charoff","charset","checked","cite","clear","cols","colspan","color","compact","coords","datetime","dir","disabled","enctype","for","frame","headers","height","hreflang","hspace","ismap","label","lang","longdesc","maxlength","media","method","multiple","name","nohref","noshade","nowrap","prompt","readonly","rel","rev","rows","rowspan","rules","scope","selected","shape","size","span","start","summary","tabindex","target","title","type","usemap","valign","value","vspace","width","itemprop"]},protocols:/^(http|https|mailto|#|\/)/i};var m={};m.thead=m.tbody=m.tfoot=/^table$/i,m.tr=/^(table|thead|tbody|tfoot)$/i,m.th=m.td=/^tr$/i,m.li=/^(ul|ol)$/i;var b=/^(src|href)$/;"undefined"==typeof window?module.exports=e:window.xss=e}("undefined"==typeof window?require("cheerio"):$);