Lib.rs

Web programming
#html #allowlist #filter #w3c #standard #settings #purifier

html-purifier

HTML Purifier

by mehmetcan

4 releases (2 breaking)

0.3.0 Jan 31, 2024
0.2.0 Feb 29, 2020
0.1.1 Feb 25, 2020
0.1.0 Feb 24, 2020

#7 in #allowlist

Download history 5/week @ 2024-09-11 21/week @ 2024-09-18 19/week @ 2024-09-25 10/week @ 2024-10-02 8/week @ 2024-10-09 17/week @ 2024-10-16 10/week @ 2024-10-23 13/week @ 2024-10-30 6/week @ 2024-11-06 3/week @ 2024-11-13 9/week @ 2024-11-20 15/week @ 2024-11-27 34/week @ 2024-12-04 45/week @ 2024-12-11 21/week @ 2024-12-18

102 downloads per month

MIT/Apache

10KB
162 lines

HTML Purifier

GHA Build Status MIT licensed crates.io Released API docs

HTML Purifier is a standard HTML filter library.

HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are standards compliant, something only achievable with a comprehensive knowledge of W3C's specifications. HTML Purifier

Example

use html_purifier::{purifier, Settings};

let settings = Settings {
    ..Settings::default()
};
let input = r#"<a href="/test" style="color: black;"><img src="/logo.png" onerror="javascript:;"/>Rust</a>"#;
let output = purifier(input, settings);

Input HTML

<a href="/test" style="color: black;"
  ><img src="/logo.png" onerror="javascript:;" />Rust</a
>

Output HTML

<a href="/test"><img src="/logo.png" />Rust</a>

Dependencies

~8.5MB
~210K SLoC