Open amjadaliup opened 2 years ago
@amjadaliup
I think what you need to use is the stripIgnoreTag
attribute, which you can set like this:
const source = `some text..<script>alert(1);`;
const html = filterXSS(source, {
whiteList: {}, // just make sure that the whiteList does not contain script
stripIgnoreTag: true, // filter out all HTML not in the whitelist
});
Or a more violent way
const html = filterXSS(source, {
onTag: function onTag(tag, html, options) {
if (tag === 'script') {
return ''
}
}
})
@lumburr Thank you for your answer. But I need to remove body content of the script tag also. That is not possible with these 2 ways. I'm using stripIgnoreTagBody: ['script'] for that.
I given stripIgnoreTagBody option as ['script'] and given input is like,
And got out put as:-
I only need output like:-
how can I remove [removed] text from output. Not:- if I give [removed] in input that will be in output.
Thanks in advance