Server-side HTML Sanitization


#1

I need to sanitize HTML server-side. Any advice? Any library I should know? Anyone tried meteor-sanitize-html?


#2

Meteor do not send HTML over the wire. So, you can’t this project directly.
Meteor’s Blaze takes some measures to prevent cross site scripts.

If you are accepting user inputs it’s good job to sanitize them. For that you can use any NPM module(I hope there are lot) for that.
Otherwise you can use Meteor’s Check package.

If you are accepting HTML directly, you can use that package. Check npm package to use NPM modules with Meteor.

Hope this is what you looking for?


#3

@arunoda, thanks for pointing me to meteorhacks:npm. It will definitively be useful if I decide to use a node package directly (I saw a few html parsers). I need to sanitize raw HTML coming from a rich text editor.


#4

Check out this package https://atmospherejs.com/vazco/universe-html-purifier
I think it does exactly what you want.


#5

Thanks @macrusher, I will definitely have a look at it.