TechQA.

DOMPurify Keep text between tags || Remove only Tags

3.5k views Asked by At

I have an Test string.

const html = '{%remove%} useful {{remove}} <svg></p><style><a id="</style><img src=1 onerror=alert(1)>"> keep';

And I'm trying to remove all the html content and the {{, }}, {%, %}. But I'd like to keep the useful and keep words on string.

const purifyConfig = {
    FORBID_TAGS: ['{{', '{%',],
    SAFE_FOR_TEMPLATES: true,
    RETURN_TRUSTED_TYPE: true,
    ALLOW_DATA_ATTR: false,
    KEEP_CONTENT: true,
};
const clean = DOMPurify.sanitize(html, purifyConfig);

The clean Result in a Empty string. What configuration should I use to do this?

javascript xss html-injections dompurify
Original Q&A
0

There are 0 answers

Related Questions in JAVASCRIPT

Related Questions in XSS

Related Questions in HTML-INJECTIONS

Related Questions in DOMPURIFY

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions