This repository was archived by the owner on Dec 21, 2017. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
Sanitizers
fogine edited this page Jul 16, 2016
·
2 revisions
| name | argument | description |
|---|---|---|
| $escape | Recursively escapes all strings in a data structure the sanitizer is called upon. Eg.: {description: {$is: String, $escape: null}}
|
|
| $sanitizeHtml | HtmlSanitizerOptionsObject | Recursively sanitizes a data structure the sanitizer is called upon. Allows you to specify the tags you want to permit, and the permitted attributes for each of those tags |
| $sanitize | Function |
The function is given data being sanitized as an argument. The function is expected to return sanitized data |
The html-sanitizer is using internaly the sanitize-html library. So please refer to the library's documentation for more information about default option values and full list of available options. The option object is passed straight to the sanitize-html module so any future additions / changes in the module will be compatible.
| property | type |
|---|---|
| allowedTags |
Array / Boolean
|
| allowedAttributes |
Object /Boolean
|
| allowedSchemes | Array |
| allowedSchemesByTag | Object |