cure53 / DOMPurify

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
https://cure53.de/purify

Policy creator #979

Open jmanico opened 3 days ago

jmanico commented 3 days ago

I would like to suggest making a policy creator where I can enter in my domain and create a policy where all resources can only be loaded from that domain.

I'm not a fan of allowing images and other resources to be loaded from any domain.

Love you Mario <3

cure53 commented 3 days ago

Sure, that might be doable. Are you planning to send a PR, or do you need any other help?
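
One way the single-domain policy requested in this issue can be approximated today with DOMPurify's existing `afterSanitizeAttributes` hook. This is an added example, not code from the issue or from the DOMPurify project; `makeSameOriginHook`, `fakeNode`, the attribute list and `https://app.example` are assumptions, and `url()` references inside `style` attributes are not covered.

```javascript
// URL-bearing attributes to check (illustrative list; extend it for your markup).
const URL_ATTRS = ['src', 'href', 'xlink:href', 'poster', 'action', 'formaction', 'background'];

// Hypothetical helper, not a DOMPurify API: builds a hook bound to one origin.
function makeSameOriginHook(allowedOrigin) {
  const allowed = new URL(allowedOrigin).origin;

  // True only when the value resolves to the allowed origin. Relative URLs
  // resolve against it; data: and mailto: have an opaque origin and fail.
  const sameOrigin = (value) => {
    try {
      return new URL(value.trim(), allowed + '/').origin === allowed;
    } catch (e) {
      return false; // unparseable URL: treat as off-origin
    }
  };

  return function sameOriginHook(node) {
    if (!node || typeof node.hasAttribute !== 'function') return;
    for (const attr of URL_ATTRS) {
      if (node.hasAttribute(attr) && !sameOrigin(node.getAttribute(attr))) {
        node.removeAttribute(attr);
      }
    }
    // srcset holds comma-separated "url descriptor" candidates; drop it if any is off-origin.
    if (node.hasAttribute('srcset')) {
      const urls = node.getAttribute('srcset').split(',').map((c) => c.trim().split(/\s+/)[0]);
      if (!urls.every(sameOrigin)) node.removeAttribute('srcset');
    }
  };
}

// Constructed stand-in for a DOM element so the hook can be exercised in Node.
function fakeNode(attrs) {
  const map = new Map(Object.entries(attrs));
  return {
    hasAttribute: (n) => map.has(n),
    getAttribute: (n) => (map.has(n) ? map.get(n) : null),
    removeAttribute: (n) => { map.delete(n); },
  };
}

// In a browser with DOMPurify loaded, register the hook before calling sanitize().
if (typeof DOMPurify !== 'undefined') {
  DOMPurify.addHook('afterSanitizeAttributes', makeSameOriginHook('https://app.example'));
}
```

The origin comparison includes scheme and port, so `https://app.example:8443/` and `http://app.example/` are both treated as foreign.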