import DOMPurify from 'isomorphic-dompurify';
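/**
 * Sanitizes untrusted HTML down to a small set of text-formatting elements.
 *
 * Only `b`, `i`, `em`, `strong`, `br`, `p` and `span` survive, and no
 * attributes are kept, so scripts, event handlers, iframes, inline styles and
 * `href`/`src` URLs are removed.
 *
 * The result is intended for an HTML element-content context. It is not an
 * encoding for attribute values, URLs or script contexts; those need their
 * own context-specific escaping.
 *
 * @param html - Markup from an untrusted source.
 * @returns The sanitized markup.
 */
export function sanitizeHtml(html: string): string {
  return DOMPurify.sanitize(html, {
    ALLOWED_TAGS: ['b', 'i', 'em', 'strong', 'br', 'p', 'span'],
    ALLOWED_ATTR: [],
    // DOMPurify accepts data-* and aria-* attributes independently of
    // ALLOWED_ATTR (both switches default to enabled), so an empty allow-list
    // alone still lets them through. Disable both so "no attributes" really
    // holds; data-* values in particular may be consumed by client-side
    // scripts that treat them as trusted configuration.
    ALLOW_DATA_ATTR: false,
    ALLOW_ARIA_ATTR: false,
  });
}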