Lib.rs

Web programming
#html #allowlist #filter #w3c #standard #settings #purifier

html-purifier

HTML Purifier

by mehmetcan

4 releases (2 breaking)

0.3.0 Jan 31, 2024
0.2.0 Feb 29, 2020
0.1.1 Feb 25, 2020
0.1.0 Feb 24, 2020

#4 in #allowlist

Download history 13/week @ 2024-07-22 30/week @ 2024-07-29 10/week @ 2024-08-05 20/week @ 2024-08-12 24/week @ 2024-08-19 24/week @ 2024-08-26 18/week @ 2024-09-16 20/week @ 2024-09-23 17/week @ 2024-09-30 1/week @ 2024-10-07 23/week @ 2024-10-14 8/week @ 2024-10-21 14/week @ 2024-10-28 8/week @ 2024-11-04

53 downloads per month

MIT/Apache

10KB
162 lines

HTML Purifier

GHA Build Status MIT licensed crates.io Released API docs

HTML Purifier is a standard HTML filter library.

HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are standards compliant, something only achievable with a comprehensive knowledge of W3C's specifications. HTML Purifier

Example

use html_purifier::{purifier, Settings};

let settings = Settings {
    ..Settings::default()
};
let input = r#"<a href="/test" style="color: black;"><img src="/logo.png" onerror="javascript:;"/>Rust</a>"#;
let output = purifier(input, settings);

Input HTML

<a href="/test" style="color: black;"
  ><img src="/logo.png" onerror="javascript:;" />Rust</a
>

Output HTML

<a href="/test"><img src="/logo.png" />Rust</a>

Dependencies

~8MB
~208K SLoC