add allowed schemes for URLS. eg, http:// https:// mailto: tel: sms:

leizongmin / js-xss

Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist

http://jsxss.com

Other

5.19k stars 630 forks source link

add allowed schemes for URLS. eg, http:// https:// mailto: tel: sms: #221

Open amit777 opened 3 years ago

amit777 commented 3 years ago

We are migrating from sanitize-html module which has a feature to only allow links with allowed schemes like http, https, mailto, tel, and sms. That would be an awesome feature to have here.

ryans-usafacts commented 1 year ago

@amit777 , I had a similar need and came across this solution that is very easy to implement with a regex that tests for the schemes you're looking for.