Caja-HTML-Sanitizer
Caja-HTML-Sanitizer copied to clipboard
theSmaw
Bundles Google Caja's HTML Sanitizer within a npm installable node.js module
Hey there! I'd like to report a security issue but cannot find contact instructions on your repository. If not a hassle, might you kindly add a `SECURITY.md` file with an...
Hi, one of the json request in our project contains a value something like {"test" : "
Thanks for this module, it's very useful to have it wrapped up. I see the sanitize() function is very conservative and strips a lot from the html. I'm wondering how...
Latest commit allows support for tel, sms and geo URI: https://github.com/google/caja/commits/master/src/com/google/caja/plugin/html-sanitizer.js Cheers and thanks :)
Hi Ben I needed the unescapeEntities method client-side and didn't want to include the rest of the lib in my app so I published it as a [module](https://github.com/skattyadz/Caja-HTML-Sanitizer-unescapeEntities) I don't...
Two vulnerabilities have been [found](https://github.com/google/caja/wiki/SecurityAdvisory20160421) in Caja, and a patched version has been released. In their words: > This is a complete breach of the Caja sandbox. All users should...
hey, I just encountered the problem that a boolean false got converted to the string "false" using your sanitize function: console.log(typeof(worldhit)); > boolean console.log(typeof(sanitizer.sanitize(worldhit))); > string the value of the...
