leizongmin / js-xss

Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
http://jsxss.com

The module encodes any < > even if they are not part of a tag #176

Open tomerb15 opened 5 years ago

tomerb15 commented 5 years ago

For example: xss("This is a > test") will result in: this is a &gt; test

I wonder if there is a way to sanitise only tags?

YuanKunLong commented 3 years ago

Hello, has this been solved? I ran into the same problem too.

psamusev commented 1 year ago

Same for me. It breaks the content of the style attribute that contains the CSS selector ">"