Neutrino: HTML Sanitizer

Clean and sanitize HTML to ensure user supplied content is safe and secure

Neutrino's HTML Clean API sanitizes and cleans untrusted HTML from user supplied content (or content from external sources), to ensure that it is safe and prevent cross-site scripting attacks (XSS).

The Neutrino HTML Sanitizer block filters HTML from real-time messages to prevent security exploits, or reformats the text however you want. For example, if you're building a real-time forum, the HTML Sanitizer block can reformat user submissions so that they include only bold and italics, and scrub out any security issues that may be hidden in the HTML.

Walkthrough

Sign up for the Neutrino API and enter your User ID and API Key as the two variables userId and apiKey respectively.

Then specify what level of HTML filtering your system requires in the variable output-type. Neutrino supports the following settings:

plain-text: reduce the content to plain text only (no HTML tags at all)

simple-text: allow only very basic text formatting tags like b, em, i, strong, u

basic-html: allow advanced text formatting and hyper links

basic-html-with-images: same as basic html but also allows image tags

advanced-html: same as basic html with images but also allows many more common HTML tags like table, ul, dl, pre

The block will then forward messages sent to it to the Neutrino API and filter HTML before it reaches the next client.
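The forwarding step above, sketched as an added example (not PubNub's or Neutrino's own block code). It rejects any output-type outside the five listed settings and drops the message if the sanitizer call fails, so unfiltered HTML never reaches the next client. The endpoint URL, the form field names other than output-type, and the injected post transport are assumptions.

```javascript
// Added example, not PubNub's or Neutrino's block code.
// ASSUMPTIONS: the endpoint URL and the form field names other than
// output-type; check them against Neutrino's API documentation.
const ENDPOINT = 'https://neutrinoapi.net/html-clean';

// The five output-type settings listed in the walkthrough.
const OUTPUT_TYPES = new Set(['plain-text', 'simple-text', 'basic-html',
  'basic-html-with-images', 'advanced-html']);

// Build the form-encoded request for one message body.
function buildCleanRequest(html, { userId, apiKey, outputType }) {
  if (!OUTPUT_TYPES.has(outputType)) {
    // A typo here must not silently fall back to a looser policy.
    throw new Error(`unknown output-type: ${outputType}`);
  }
  const body = new URLSearchParams({
    'user-id': userId,
    'api-key': apiKey,
    'content': String(html),
    'output-type': outputType,
  });
  return { url: ENDPOINT, method: 'POST', body: body.toString() };
}

// Sanitize message.text. `post` is a hypothetical injected transport that
// resolves to { status, body }, so the sketch runs offline with a stub.
async function sanitizeMessage(message, cfg, post) {
  try {
    const res = await post(buildCleanRequest(message.text, cfg));
    if (res.status !== 200 || typeof res.body !== 'string') {
      throw new Error(`sanitizer returned status ${res.status}`);
    }
    // Replace only the text field; other message fields pass through.
    return { forward: true, message: { ...message, text: res.body } };
  } catch (err) {
    // Fail closed: never forward the unfiltered HTML to the next client.
    return { forward: false, reason: err.message };
  }
}
```

In a real block, post would wrap the platform's HTTP client, and a forward: false result would abort the publish instead of passing the original message on.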

Input

Message including HTML sent over PubNub

Output

Filtered message that only includes bold and italics.
