DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
When using DOMPurify to sanitize an HTML input element with a name attribute, the name attribute is being removed even when it is expected to be preserved.
Steps to Reproduce:
Use the following code to sanitize an input element:
When using DOMPurify to sanitize an HTML input element with a name attribute, the name attribute is being removed even when it is expected to be preserved.
Steps to Reproduce:
Use the following code to sanitize an input element:
Observe that the name attribute is removed in the sanitized output: