DriveWorks Pro 22
HTMLSanitize

Cleans HTML to prevent XSS attacks.

This function will examine an HTML document to ensure only tags that are deemed safe are preserved, and will also close tags that are left open.

This protects against cross-site scripting (XSS) attacks by sanitizing the HTML that is passed in.

Syntax

HTMLSanitize(Text)

Where:

Text: The string of HTML text to sanitize.

Example

Rule: HtmlSanitize("<p>Hello World")
Meaning: Returns: <p>Hello World</p>
The function will close the <p> tag that has been left open.

Rule: HtmlSanitize("<div><button onclick=""myFunction()"">Click me</button>Button")
Meaning: Returns: <div>Button</div>
The function removes the potentially dangerous attribute, onClick, and closes the <div> tag.
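
The behaviour shown in the two rules above, sketched as an allowlist sanitizer in Python. This is an added illustration, not DriveWorks code or its implementation. The SAFE_TAGS and SAFE_ATTRS allowlists are assumptions, as is the choice to drop a disallowed element together with its content, which reproduces the <div>Button</div> result.

```python
from html import escape
from html.parser import HTMLParser

# Assumed allowlists (the page does not list what DriveWorks deems safe).
SAFE_TAGS = {"p", "div", "span", "b", "i", "em", "strong", "ul", "ol", "li", "br"}
SAFE_ATTRS = {"class", "title"}  # event handlers such as onclick are never kept
VOID_TAGS = {"area", "base", "br", "col", "embed", "hr", "img", "input",
             "link", "meta", "source", "track", "wbr"}

class AllowlistSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.open_tags = [], []         # output fragments, unclosed allowed tags
        self.skip_tag, self.skip_depth = None, 0  # disallowed element being dropped

    def handle_starttag(self, tag, attrs):
        if self.skip_tag:
            self.skip_depth += tag == self.skip_tag
            return
        if tag not in SAFE_TAGS:
            if tag not in VOID_TAGS:  # drop the element together with its content
                self.skip_tag, self.skip_depth = tag, 1
            return
        kept = "".join(' %s="%s"' % (k, escape(v or "", quote=True))
                       for k, v in attrs if k in SAFE_ATTRS)
        self.out.append("<%s%s>" % (tag, kept))
        if tag not in VOID_TAGS:
            self.open_tags.append(tag)

    def handle_endtag(self, tag):
        if self.skip_tag:
            self.skip_depth -= tag == self.skip_tag
            if self.skip_depth == 0:
                self.skip_tag = None
        elif tag in self.open_tags:
            closed = None
            while closed != tag:  # close inner tags left open, then this one
                closed = self.open_tags.pop()
                self.out.append("</%s>" % closed)

    def handle_data(self, data):
        if not self.skip_tag:
            self.out.append(escape(data, quote=False))  # text is re-encoded, never raw

def sanitize(text):
    parser = AllowlistSanitizer()
    parser.feed(text)
    parser.close()
    parser.out += ["</%s>" % t for t in reversed(parser.open_tags)]  # close open tags
    return "".join(parser.out)
```

A disallowed element that is never closed causes everything after it to be dropped, so the sketch fails closed rather than passing unknown markup through.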