How to use the defaults function from sanitize-html

sanitize-html.defaults is a Node.js module that provides default options for the sanitize-html library, which allows you to sanitize HTML input and remove potentially malicious code.

How does sanitize-html.defaults work?

sanitize-html.defaults works by creating a configuration object that can be pre-populated with default options for the sanitize-html library.

When you use the sanitizeHtml function provided by the sanitize-html library, it first merges the default options with any options you provide.

This allows you to set up a sensible default configuration for your HTML sanitization, but still give users the ability to customize it based on their specific needs.

The default options can include things like allowed HTML tags, attributes, and URI schemes, as well as a variety of other sanitization-related settings.

Ai Example

1
2
3
4
5
6
7
8
9
10
11
12
13
const sanitizeHtml = require("sanitize-html");
const defaults = require("sanitize-html/defaults");

// Override some of the default options
defaults.allowedTags.push("img");
defaults.allowedAttributes.img = ["src", "alt"];

// Sanitize some HTML using the default options
const dirtyHtml = " Hello, ";
const cleanHtml = sanitizeHtml(dirtyHtml, defaults);

console.log(`Original HTML: ${dirtyHtml}`);
console.log(`Cleaned HTML: ${cleanHtml}`);

In this example, we first require both the sanitize-html library and the sanitize-html/defaults module. We then override some of the default options by adding an allowed img tag and its src and alt attributes to the list of allowed tags and attributes. Finally, we use the sanitizeHtml function to sanitize some potentially malicious HTML by removing any scripts and other dangerous code. We demonstrate that the sanitized HTML is safe to use by logging both the original and cleaned versions of the HTML to the console.