Y
Hacker News
new
|
ask
|
show
|
jobs
by
evilpie
57 days ago
The HTML Sanitizer API has a subset of SVG that is allowed by the default configuration. It won't help you with sanitizing CSS at all however, style is simply not allowed by default.
https://developer.mozilla.org/en-US/docs/Web/API/HTML_Saniti...
https://developer.mozilla.org/en-US/docs/Web/API/HTML_Saniti...
1 comments
Grokify
56 days ago
Good reference, along with the article. I built a SVG sanitizer in Go and will look to these to make it more strict.
link