RickDOM is a JavaScript library for safely building DOM elements from a string using the DOMParser API or createHTMLDocument API of modern browsers.

hasegawayosuke/rickdom

RickDOM - ricking DOM elements safely from a string


RickDOM is a JavaScript library that builds DOM elements from a string using the DOMParser API or createHTMLDocument API of modern browsers.


Usage

var rickdom = new RickDOM();
var container = document.getElementById( "container" );
var elements;
var i;

// Read the allowings property to see the default rules.
// container.textContent = JSON.stringify( rickdom.allowings, undefined, 2 );

// Assign to the allowings property if you want to customize the rules.
// rickdom.allowings = { a : { href : { pattern : "^https?:\\/\\/", flag : "i" }, title : "" } };

// The build method returns an array of HTMLElement objects.
elements = rickdom.build( '<img src=# onerror=alert(1)><a href="http://example.jp/">example.jp</a><br><a href="javascript:alert(1)">javascript</a>' );
for( i = 0; i < elements.length; i++ ){ 
    container.appendChild( elements[ i ] );
}
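
How an allowlist rule of the shape shown in the Usage comments can be applied to a parsed node tree, as an added example that is not RickDOM's own code. `ALLOWINGS` reuses the README's custom rule; the rule semantics, the `attributeAllowed`/`filterNode`/`filterAll` names and the plain-object sample nodes are assumptions made for illustration.

```javascript
// Added example, not RickDOM's source. Assumed semantics (inferred from the
// README's custom rule, reused below): unlisted tags and attributes are dropped,
// "" allows any value, { pattern, flag } requires a regular-expression match.
const ALLOWINGS = { a: { href: { pattern: "^https?:\\/\\/", flag: "i" }, title: "" } };
const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

function attributeAllowed(rule, value) {
  if (rule === "") return true;
  if (rule && typeof rule.pattern === "string") {
    return new RegExp(rule.pattern, rule.flag || "").test(value);
  }
  return false;  // unknown rule shape: fail closed
}

// node: anything shaped like a DOM node. In a browser, pass the children of
// new DOMParser().parseFromString(html, "text/html").body; that document is
// inert, so parsing alone runs no script or event handler.
function filterNode(node, allowings) {
  if (node.nodeType === 3) return { text: node.nodeValue };
  if (node.nodeType !== 1) return null;  // comments and other node types
  const tag = node.tagName.toLowerCase();
  if (!has(allowings, tag)) return null;  // whole subtree is dropped
  const attrs = {};
  for (const { name, value } of Array.from(node.attributes)) {
    const key = name.toLowerCase();
    if (has(allowings[tag], key) && attributeAllowed(allowings[tag][key], value)) {
      attrs[key] = value;
    }
  }
  const children = Array.from(node.childNodes)
    .map((child) => filterNode(child, allowings))
    .filter(Boolean);
  return { tag, attrs, children };
}

function filterAll(nodes, allowings) {
  return Array.from(nodes).map((n) => filterNode(n, allowings)).filter(Boolean);
}

// Constructed stand-ins for the nodes parsed from the README's build() input.
const el = (tagName, attributes, childNodes = []) => ({ nodeType: 1, tagName, attributes, childNodes });
const text = (nodeValue) => ({ nodeType: 3, nodeValue });
const SAMPLE = [
  el("IMG", [{ name: "src", value: "#" }, { name: "onerror", value: "alert(1)" }]),
  el("A", [{ name: "href", value: "http://example.jp/" }], [text("example.jp")]),
  el("BR", []),
  el("A", [{ name: "href", value: "javascript:alert(1)" }], [text("javascript")])
];
console.log(JSON.stringify(filterAll(SAMPLE, ALLOWINGS), null, 2));
```

Keep custom patterns anchored with `^`, as the README's rule is; an unanchored `https?://` would also accept values that only contain that substring.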

Demo

A live demo is here.

License

See the LICENSE file.
