markdown-it-sanitize-html

![Test](https://github.com/mshibanami/markdown-it-sanitize-html/actions/workflows/test.yml) ![npm version](https://badge.fury.io/js/%40mshibanami-org%2Fmarkdown-it-sanitize-html) ![License: MIT](https://opensource.org/licenses/MIT)

A markdown-it plugin to sanitize HTML using sanitize-html.

This plugin sanitizes any HTML content in the original Markdown to prevent XSS attacks and other security vulnerabilities. In other words, it does not sanitize HTML generated by markdown-it itself or other plugins. This is the example:

``js markdownIt({ html: true }) .use(require('markdown-it-task-checkbox')) .use(markdownItSanitizeHtml); .render(- [ ] Task 1
- [x] Task 2

);
// Output:
// 

//  Task 1

//  Task 2

// 

// 
//   Name:
//



Installation

`bash npm install @mshibanami-org/markdown-it-sanitize-html`

`Usage`

JavaScript:

`js const markdownIt = require('markdown-it'); const markdownItSanitizeHtml = require('@mshibanami-org/markdown-it-sanitize-html');

const md = markdownIt({ html: true }); md.use(markdownItSanitizeHtml);

const markdown = 'Hello, world! '; const html = md.render(markdown);

console.log(html); // Output:

Hello, world!


TypeScript:

`ts import markdownIt from 'markdown-it'; import markdownItSanitizeHtml from '@mshibanami-org/markdown-it-sanitize-html';

const md = markdownIt({ html: true }); md.use(markdownItSanitizeHtml);

const markdown = 'Hello, world! '; const html = md.render(markdown);

console.log(html); // Output:

Hello, world!


Options
You can pass options to sanitize-html during initialization.

`js md.use(markdownItSanitizeHtml, { FORBID_TAGS: ['style'] });``

See the sanitize-html documentation for the available options.

License

sanitize-html -
MIT License
Copyright (c) 2013, 2014, 2015 P'unk Avenue LLC

markdown-it-sanitize-html

A markdown-it plugin to sanitize HTML using sanitize-html.

``js markdownIt({ html: true }) .use(require('markdown-it-task-checkbox')) .use(markdownItSanitizeHtml); .render(- [ ] Task 1
- [x] Task 2

);
// Output:
// 

//  Task 1

//  Task 2

// 

// 
//   Name:
//



Installation

`bash npm install @mshibanami-org/markdown-it-sanitize-html`

`Usage`

JavaScript:

`js const markdownIt = require('markdown-it'); const markdownItSanitizeHtml = require('@mshibanami-org/markdown-it-sanitize-html');

const md = markdownIt({ html: true }); md.use(markdownItSanitizeHtml);

const markdown = 'Hello, world! '; const html = md.render(markdown);

console.log(html); // Output:

Hello, world!


TypeScript:

`ts import markdownIt from 'markdown-it'; import markdownItSanitizeHtml from '@mshibanami-org/markdown-it-sanitize-html';

const md = markdownIt({ html: true }); md.use(markdownItSanitizeHtml);

const markdown = 'Hello, world! '; const html = md.render(markdown);

console.log(html); // Output:

Hello, world!


Options
You can pass options to sanitize-html during initialization.

`js md.use(markdownItSanitizeHtml, { FORBID_TAGS: ['style'] });``

See the sanitize-html documentation for the available options.