package:sanitize_html - Added containsDisallowedContent Function for Detecting Prohibited HTML in User-Defined Validation Scenarios #263
+90
−0
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation:
In scenarios where users only want to detect malicious or disallowed HTML content without sanitizing it, a validation mechanism becomes crucial. This feature allows applications to abort processes or take corrective actions when encountering unsafe HTML, ensuring robustness and security.
Use Cases:
Prevent Malicious Submissions:
Detect malicious content in user-generated inputs, such as comment fields or form submissions, and reject the input early without modifying the HTML.
Abort Application Flow:
Halt the execution of specific workflows (e.g., data processing or rendering) if unsafe HTML is detected, ensuring that the application does not proceed with invalid data.
Custom Security Workflows:
Integrate with security pipelines to log, monitor, or analyze the occurrence of unsafe HTML without sanitizing or altering the input.
Audit User Content:
Validate HTML against custom policies for compliance audits without altering the original content, useful for applications dealing with regulatory constraints or collaborative platforms.
Summary of Changes:
containsDisallowedContent
, a validation function to detect prohibited HTML tags, attributes, or links.id
,class
, and attribute handling.This feature extends the library's utility by providing a lightweight, focused mechanism for HTML validation.