phoenix_html_sanitizer alternatives and similar packages
Based on the "Framework Components" category.
Alternatively, view phoenix_html_sanitizer alternatives based on common mentions on social networks and blogs.
-
-
surface
A server-side rendering component library for Phoenix -
commanded
Use Commanded to build Elixir CQRS/ES applications -
ex_admin
ExAdmin is an auto administration package for Elixir and the Phoenix Framework -
-
phoenix_html
Building blocks for working with HTML in Phoenix -
phoenix_ecto
Phoenix and Ecto integration with support for concurrent acceptance testing -
react_phoenix
Make rendering React.js components in Phoenix easy -
absinthe_plug
Plug support for Absinthe, the GraphQL toolkit for Elixir -
phoenix_live_reload
Provides live-reload functionality for Phoenix -
-
params
Easy parameters validation/casting with Ecto.Schema, akin to Rails' strong parameters. -
phoenix_pubsub_redis
The Redis PubSub adapter for the Phoenix framework -
-
-
rummage_ecto
Search, Sort and Pagination for ecto queries -
dayron
A repository `similar` to Ecto.Repo that maps to an underlying http client, sending requests to an external rest api instead of a database -
rummage_phoenix
Full Phoenix Support for Rummage. It can be used for searching, sorting and paginating collections in phoenix. -
phoenix_token_auth
Token authentication solution for Phoenix. Useful for APIs for e.g. single page apps. -
recaptcha
A simple reCaptcha 2 library for Elixir applications. -
sentinel
DEPRECATED - Phoenix Authentication library that wraps Guardian for extra functionality -
plug_graphql
Plug (Phoenix) integration for GraphQL Elixir -
-
phx_component_helpers
Extensible Phoenix liveview components, without boilerplate -
plug_rails_cookie_session_store
Rails compatible Plug session store -
multiverse
Elixir package that allows to add compatibility layers via API gateways. -
filterable
Filtering from incoming params in Elixir/Ecto/Phoenix with easy to use DSL. -
access pass
provides a full user authentication experience for an API. Includes login,logout,register,forgot password, forgot username, confirmation email and all that other good stuff. Includes plug for checking for authenticated users and macro for generating the required routes. -
better_params
Cleaner request parameters in Elixir web applications 🙌 -
scrivener_headers
Scrivener pagination with headers and web linking -
phoenix_pubsub_rabbitmq
RabbitMQ adapter for Phoenix's PubSub layer -
plug_checkup
PlugCheckup provides a Plug for adding simple health checks to your app -
plug_statsd
Send connection response time and count to statsd -
plug_rest
REST behaviour and Plug router for hypermedia web applications in Elixir -
Votex
Implements vote / like / follow functionality for Ecto models in Elixir. Inspired from Acts as Votable gem in Ruby on Rails -
plug_canonical_host
PlugCanonicalHost ensures that all requests are served by a single canonical host. -
trailing_format_plug
An elixir plug to support legacy APIs that use a rails-like trailing format: http://api.dev/resources.json -
WorkOS - The modern identity platform for B2B SaaS
Do you think we are missing an alternative of phoenix_html_sanitizer or a related project?
|
InfluxDB - Power Real-Time Data Analytics at Scale
sponsored
www.influxdata.com
|
Popular Comparisons
-
phoenix_html_sanitizervsplug_rest
-
phoenix_html_sanitizervsex_admin
-
phoenix_html_sanitizervssentinel
-
phoenix_html_sanitizervsparams
-
phoenix_html_sanitizervsbetter_params
|
SaaSHub - Software Alternatives and Reviews
sponsored
www.saashub.com
|
README
Phoenix HTML Sanitizer 
phoenix_html_sanitizer provides a simple way to sanitize user input in your Phoenix app.
It is extracted from the elixirstatus.com project, where it is used to sanitize user annoucements from around the Elixir community.
What can it do?
phoenix_html_sanitizer parses a given HTML string and either completely strips it from HTML tags or sanitizes it by only allowing certain HTML elements and attributes to be present. It depends on html_sanitize_ex to do this.
Installation
Add phoenix_html_sanitizer as a dependency in your mix.exs file.
defp deps do
[
# ...
{:phoenix_html_sanitizer, "~> 1.0.0"}
]
end
After you are done, run mix deps.get in your shell.
To include the Sanitizer into all your views, you can add it to your web.ex
file:
def view do
quote do
use Phoenix.View, root: "web/templates"
[snip]
# Use all HTML functionality (forms, tags, etc)
use Phoenix.HTML
use PhoenixHtmlSanitizer, :basic_html <-------- add this line
end
end
You have to set one of three base modes here:
:strip_tags- all tags are stripped from the input.:basic_html- some basic HTML tags are allowed. This is great for allowing basic usages of HTML for sites like online forums and it works great in combination with a Markdown parser.:full_html- all HTML5 tags are allowed and sanitized.
After you included PhoenixHtmlSanitizer into your web.ex, it will provide
two functions in your views:
sanitize/1uses the defined base mode,sanitize/2takes the mode as second parameter.
Usage in views
sanitize can strip all tags from the given string:
text = "<a href=\"javascript:alert('XSS');\">text here</a>"
sanitize(text, :strips_tags)
# => {:safe, "text here"}
Or allow certain basic HTML elements to remain:
text = "<h1>Hello <script>World!</script></h1>"
sanitize(text, :basic_html)
# => {:safe, "<h1>Hello World!</h1>"}
text = "<header>Hello <script>World!</script></header>"
sanitize(text, :full_html)
# => {:safe, "<header>Hello World!</header>"}
Notice how the output follows the Phoenix.HTML.Safe protocol.
Thus both sanitize/1 and sanitize/2 can be used directly in your views:
<%= sanitize "<h1>Hello <script>World!</script></h1>" %>
This prints <h1>Hello World!</h1> into your eex template.
Contributing
- Fork it!
- Create your feature branch (
git checkout -b my-new-feature) - Commit your changes (
git commit -am 'Add some feature') - Push to the branch (
git push origin my-new-feature) - Create new Pull Request
Author
René Föhring (@rrrene)
License
phoenix_html_sanitizer is released under the MIT License. See the LICENSE file for further details.
*Note that all licence references and agreements mentioned in the phoenix_html_sanitizer README section above
are relevant to that project's source code only.