Popularity

8.2

Stable

Activity

0.0

Stars 278

Watchers 5

Forks 65

Last Commit 8 months ago

Monthly Downloads: 162,250

Programming language: Elixir

License: MIT License

Tags: Text And Numbers HTML

Latest version: v1.4.1

html_sanitize_ex alternatives and similar packages

Based on the "HTML" category.
Alternatively, view html_sanitize_ex alternatives based on common mentions on social networks and blogs.

floki

9.8 7.7 html_sanitize_ex VS floki

Floki is a simple HTML parser that enables search for nodes using CSS selectors.
Drab

9.3 0.0 html_sanitize_ex VS Drab

Remote controlled frontend framework for Phoenix.

CodeRabbit: AI Code Reviews for Developers

Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.

Promo coderabbit.ai

Meeseeks

8.1 3.1 html_sanitize_ex VS Meeseeks

An Elixir library for parsing and extracting data from HTML and XML with CSS or XPath selectors.
html_entities

6.5 0.0 html_sanitize_ex VS html_entities

Elixir module for decoding HTML entities.
vnu-elixir

4.7 6.7 html_sanitize_ex VS vnu-elixir

An Elixir client for the Nu HTML Checker (v.Nu).
modest_ex

3.9 1.8 html_sanitize_ex VS modest_ex

Elixir library to do pipeable transformations on html strings (with CSS selectors)
myhtmlex

3.4 0.0 html_sanitize_ex VS myhtmlex

Elixir/Erlang bindings for lexborisov's myhtml
tidy_ex

1.8 2.5 html_sanitize_ex VS tidy_ex

Elixir binding to the granddaddy of HTML tools
texas

- html_sanitize_ex VS texas

Texas is a powerful abstraction over updating your clients using server-side rendering and server-side Virtual DOM diff/patching.

Do you think we are missing an alternative of html_sanitize_ex or a related project?

Add another 'HTML' Package

Popular Comparisons

README

HtmlSanitizeEx

html_sanitize_ex provides a fast and straightforward HTML Sanitizer written in Elixir which lets you include HTML authored by third-parties in your web application while protecting against XSS.

It is the first Hex package to come out of the elixirstatus.com project, where it will be used to sanitize user announcements from the Elixir community.

What can it do?

html_sanitize_ex parses a given HTML string and, based on the used Scrubber, either completely strips it from HTML tags or sanitizes it by only allowing certain HTML elements and attributes to be present.

NOTE: The one thing missing at this moment is support for styles. To add this, we have to implement a Scrubber for CSS, to prevent nasty CSS hacks using <style> tags and attributes.

Otherwise html_sanitize_ex is a full-featured HTML sanitizer.

Installation

Add html_sanitize_ex as a dependency in your mix.exs file.

defp deps do
  [{:html_sanitize_ex, "~> 1.3.0-rc3"}]
end

After adding you are done, run mix deps.get in your shell to fetch the new dependency.

The only dependency of html_sanitize_ex is mochiweb which is used to parse HTML.

Usage

It can strip all tags from the given string:

text = "<a href=\"javascript:alert('XSS');\">text here</a>"
HtmlSanitizeEx.strip_tags(text)
# => "text here"

Or allow certain basic HTML elements to remain:

text = "<h1>Hello <script>World!</script></h1>"
HtmlSanitizeEx.basic_html(text)
# => "<h1>Hello World!</h1>"

The following scrubbing options exist:

HtmlSanitizeEx.noscrub(html)
HtmlSanitizeEx.basic_html(html)
HtmlSanitizeEx.html5(html)
HtmlSanitizeEx.markdown_html(html)
HtmlSanitizeEx.strip_tags(html)

TODO: write more comprehensive usage description

Contributing

Fork it!
Create your feature branch (git checkout -b my-new-feature)
Commit your changes (git commit -am 'Add some feature')
Push to the branch (git push origin my-new-feature)
Create new Pull Request

Author

René Föhring (@rrrene)

License

html_sanitize_ex is released under the MIT License. See the LICENSE file for further details.

*Note that all licence references and agreements mentioned in the html_sanitize_ex README section above are relevant to that project's source code only.

html_sanitize_ex

HTML sanitizer for Elixir