Reactive Html Sanitizer

Stable Version 1.0.0 (OutSystems 11)
Published on 28 Mar by 

Reactive Html Sanitizer

Details
Fast JavaScript customizable HTML Sanitizer, client-side (in the browser, no server actions required). This library can be used in OutSystems Reactive web applications, and also in Outsystems Mobile applications. It works also when the mobile application is offline.
Read More

Please note: to prevent XSS attacks you should always sanitize input on the server too. Never trust the client!

The sanitizer uses whitelisting approach (as opposed to "blacklisting") to clean out everything that's not allowed.

Speed

It uses browser/DOM to parse the html by creating an invisible "sandboxed" iframe (hence the browser "front-end only" requirement) which makes it much faster than "pure JavaScript" sanitizers, or server-side sanitizers.

Tags allowed by default

a, abbr, b, blockquote, body, br, center, code, div, em, font, h1, h2, h3, h4, h5, h6, hr, i, img, label, li, ol, p, pre, small, source, span, strong, table, tbody, tr, td, th, thead, ul, u, video

Attributes allowed by default

align, color, controls, height, href, src, style, target, title, type, width

CSS styles allowed by default

color, background-color, font-size, text-align, text-decoration, font-weight

BUT WHY?

Why create a front-end HTML sanitizer if the input has to be sanitized on the server anyway?

Users often copy-paste awful HTML generated by MS Word, MS Outlook or Apple Mail that needs a clean-up. Or you need to remove excessive formatting in a WYSIWYG editor. Or you need to display an (ugly) email message in a (beautiful) mobile app. Or (my favorite) you simply need to ease the load in the server-side sanitizer. And many many other use-cases.

Based on: https://github.com/jitbit/HtmlSanitizer

Reviews (0)
Category
UI & Widgets, Libraries
Support Options
This component is not supported by OutSystems. You may use the discussion forums to leave suggestions or obtain best-effort support from the community, including from Daniël Kuhlmann who created this component.
Dependencies
Reactive Html Sanitizer has no dependencies.
Requirements
Platform:
11.0.606.0
Database:
All
Stack:
.NET
Component Consumers
No consumers yet.
Weekly Downloads