mirror of
https://github.com/gosticks/DefinitelyTyped.git
synced 2026-04-07 14:14:31 +00:00
f7fb43c092
* sanitize-html: add allowedSchemesByTag to IOptions * sanitize-html: add allowProtocolRelative to IOptions
30 lines
848 B
TypeScript
30 lines
848 B
TypeScript
|
|
import * as sanitize from 'sanitize-html';
|
|
|
|
let options: sanitize.IOptions = {
|
|
allowedTags: sanitize.defaults.allowedTags.concat('h1', 'h2', 'img'),
|
|
allowedAttributes: {
|
|
'a': sanitize.defaults.allowedAttributes['a'].concat('rel'),
|
|
'img': ['src', 'height', 'width', 'alt']
|
|
},
|
|
transformTags: {
|
|
'a': sanitize.simpleTransform('a', { 'rel': 'nofollow' }),
|
|
'img': (tagName: string, attribs: sanitize.Attributes) => {
|
|
let img = { tagName, attribs };
|
|
img.attribs['alt'] = 'transformed' ;
|
|
return img;
|
|
}
|
|
},
|
|
exclusiveFilter: function(frame: sanitize.IFrame) {
|
|
return frame.tag === 'a' && !frame.text.trim();
|
|
},
|
|
allowedSchemesByTag: {
|
|
'a': ['http', 'https']
|
|
},
|
|
allowProtocolRelative: false
|
|
};
|
|
|
|
let unsafe = '<div><script>alert("hello");</script></div>';
|
|
|
|
let safe = sanitize(unsafe, options);
|