Element wrapper for the Sanitize.js library (a whitelist-based HTML sanitizer)

[ This description is mirrored from README.md at github.com/howking/sanitize-element on 2019-05-22 ]

Build Status Published on webcomponents.org Polymer2.0 ES6

<sanitize-element>

Element wrapper for the Sanitize.js library (a whitelist-based HTML sanitizer), to use <marked-element>.

Usage

<style>
  .logo { width: 32px; }
</style>

<sanitize-element config='{
   "elements": ["img"],
   "attributes":{"img":["class","src"]},
   "protocols":{"img":{"src":["https"]}}
   }' sanitizer="{{sanitizer}}"></sanitize-element>

<marked-element sanitize sanitizer="[[sanitizer]]">
  <div slot="markdown-html"></div>
  <script type="text/markdown">
Markdown Image link `![image](url)`.

![WebComponents](https://web-components-resources.appspot.com/static/logo.svg)

You can set `class` like `<img class="logo">` and remove other attributes (e.g. onclick).

<img class="logo"
     src="https://web-components-resources.appspot.com/static/logo.svg"
     onclick="alert('WebComponents')">

Source block is escaped.

      <img class="logo"
           src="https://web-components-resources.appspot.com/static/logo.svg"
           onclick="alert('WebComponents')">

  </script>
</marked-element>

Other config like this.

<sanitize-element config='{
  "elements":["a","img"],
  "attributes":{"__ALL__":["class"], "a":["href","title"], "img":["src"]},
  "protocols":{"a":{"href":["http","https"]}}
  }' sanitizer="{{sanitizer}}"></sanitize-element>

<marked-element markdown="[[markdown]]" sanitize sanitizer="[[sanitizer]]">
  <div slot="markdown-html"></div>
</markd-element>

Note: The config attribute must be double quoted JSON.

Install the Polymer-CLI

First, make sure you have the Polymer CLI installed. Then run polymer serve to serve your element locally.

Viewing Your Element

$ polymer serve

Running Tests

$ polymer test

Your application is already set up to be tested via web-component-tester. Run polymer test to run your application's test suite locally.

Install

Link to this version
ImportedReleased 18 August 2017MIT License
Framework Support
Polymer 2.0+
Browser Compatibility
Install with
bower install --save howking/sanitize-element"#0.2.2"
Run the above Bower command in your project folder. If you have any issues installing, please contact the author.
Release notes - Version 0.2.2

Dependencies

  • sanitize#gbirke/Sanitize.js#v1.0.0
  • marked-element#PolymerElements/marked-element#^2.3.0
  • polymer#Polymer/polymer#^2.0.0