Created
December 14, 2012 02:44
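/**
 * Strip a fixed denylist of elements from an untrusted HTML string.
 *
 * The markup is parsed into a separate document created with
 * document.implementation.createHTMLDocument(), so it is never inserted
 * into the live page while it is being cleaned.
 *
 * SECURITY NOTE: this is a denylist of four tag names only. It does not
 * remove inline event-handler attributes, script-capable URLs in
 * attributes, or other active elements (iframe, embed, svg, form, ...).
 * The result must not be treated as safe to assign to innerHTML on a live
 * page; use a maintained allowlist-based sanitizer (for example DOMPurify)
 * for that purpose.
 *
 * @param {string} riskyHTML - Untrusted HTML markup.
 * @returns {string} The markup with script, style, link and object
 *   elements removed.
 */
function santizeHTML(riskyHTML) {
  // null/undefined become an empty string instead of the text "undefined".
  var input = riskyHTML == null ? '' : String(riskyHTML);

  // Older browsers require the title argument, so pass an empty one.
  var doc = document.implementation.createHTMLDocument('');

  // The property is `innerHTML`. The previous spelling `innerHtml` only
  // created an unrelated expando property, so nothing was parsed and the
  // input came back unchanged.
  doc.body.innerHTML = input;

  // Denylist of elements to remove.
  var badNodes = doc.querySelectorAll('script,style,link,object');

  // querySelectorAll returns a static list, so removing while iterating is safe.
  for (var i = 0, len = badNodes.length; i < len; i++) {
    var node = badNodes[i];
    // A nested match may already have been detached together with its parent.
    if (node.parentNode) {
      node.parentNode.removeChild(node);
    }
  }

  // Serialize the cleaned tree back to a string.
  return doc.body.innerHTML;
}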