Lib.rs

Web programming
#html #allowlist #filter #w3c #standard #settings #purifier

html-purifier

HTML Purifier

by mehmetcan

4 releases (2 breaking)

0.3.0 Jan 31, 2024
0.2.0 Feb 29, 2020
0.1.1 Feb 25, 2020
0.1.0 Feb 24, 2020

#4 in #allowlist

Download history 44/week @ 2024-07-06 60/week @ 2024-07-13 6/week @ 2024-07-20 37/week @ 2024-07-27 9/week @ 2024-08-03 17/week @ 2024-08-10 16/week @ 2024-08-17 28/week @ 2024-08-24 8/week @ 2024-08-31 16/week @ 2024-09-14 19/week @ 2024-09-21 18/week @ 2024-09-28 3/week @ 2024-10-05 21/week @ 2024-10-12 9/week @ 2024-10-19

53 downloads per month

MIT/Apache

10KB
162 lines

HTML Purifier

GHA Build Status MIT licensed crates.io Released API docs

HTML Purifier is a standard HTML filter library.

HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are standards compliant, something only achievable with a comprehensive knowledge of W3C's specifications. HTML Purifier

Example

use html_purifier::{purifier, Settings};

let settings = Settings {
    ..Settings::default()
};
let input = r#"<a href="/test" style="color: black;"><img src="/logo.png" onerror="javascript:;"/>Rust</a>"#;
let output = purifier(input, settings);

Input HTML

<a href="/test" style="color: black;"
  ><img src="/logo.png" onerror="javascript:;" />Rust</a
>

Output HTML

<a href="/test"><img src="/logo.png" />Rust</a>

Dependencies

~8.5MB
~209K SLoC