There is a library called Jsoup, written in Java, with which I can remove unsafe tags in HTML like <script></script> etc.
If I have # rohit
<script>alert(10)</script> I want to get # rohit
The use case for this is:
I am writing a markdown editor. The user enters markdown in a textarea, then switches to markdown mode, and I show the corresponding HTML in another pane.
This is all happening on the client side.
Now in my case what's happening is the user can type stuff like # rohit and, when they switch to the other tab, I convert it to HTML using a lib called marked, which causes the unsafe HTML tags, if present, like <script>alert(10)</script>, to execute.
Although marked does have an option sanitize, it just replaces < > with &lt; etc., which does prevent the script tag from executing. But the issue is if I type something like <b> rohit </b> in raw markdown, the converted HTML will show it as bold. But after sanitization this will show as it is, which is wrong.
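
The behaviour asked for above (keep harmless tags such as <b>, remove <script> together with its content) is allowlist filtering rather than escaping everything. The following is an added example, not code from the original post, from marked or from Jsoup; the names sanitizeHtml, ALLOWED_TAGS and DROP_WITH_CONTENT and the tag list are assumptions, and it is narrowed to one case: every attribute is dropped, so allowed tags are always re-emitted bare.

```javascript
// Added example: allowlist filter for HTML produced by a Markdown renderer.
// ALLOWED_TAGS, DROP_WITH_CONTENT and sanitizeHtml are hypothetical names.
const ALLOWED_TAGS = new Set(['h1', 'h2', 'h3', 'p', 'b', 'i', 'em', 'strong',
  'code', 'pre', 'ul', 'ol', 'li', 'blockquote', 'br']);
const DROP_WITH_CONTENT = new Set(['script', 'style']);

// A tag token: "<", optional "/", a name, then anything up to the next ">".
const TAG_RE = /<(\/?)([a-zA-Z][a-zA-Z0-9-]*)(?=[\s\/>])[^<>]*>/g;

// Text between tags: neutralise stray angle brackets, leave entities alone.
function escapeText(s) {
  return s.replace(/</g, '&lt;').replace(/>/g, '&gt;');
}

function sanitizeHtml(html) {
  let out = '';
  let pos = 0;
  let skipUntil = null; // element name whose content is currently discarded
  // Single pass: removing a tag can never splice a new tag together.
  for (const m of html.matchAll(TAG_RE)) {
    const name = m[2].toLowerCase();
    const closing = m[1] === '/';
    if (skipUntil !== null) {
      if (closing && name === skipUntil) skipUntil = null;
      pos = m.index + m[0].length;
      continue;
    }
    out += escapeText(html.slice(pos, m.index));
    pos = m.index + m[0].length;
    if (DROP_WITH_CONTENT.has(name)) {
      if (!closing) skipUntil = name;           // drop tag and its content
    } else if (ALLOWED_TAGS.has(name)) {
      out += closing ? `</${name}>` : `<${name}>`; // re-emit without attributes
    }                                            // any other tag: drop, keep text
  }
  // An unclosed <script> swallows the rest, as it would in a browser.
  if (skipUntil === null) out += escapeText(html.slice(pos));
  return out;
}

// Constructed sample of renderer output for the input described in the post.
const rendered = '<h1 id="rohit">rohit</h1>\n<script>alert(10)</script>\n' +
  '<p><b onclick="alert(1)"> rohit </b></p>';
console.log(sanitizeHtml(rendered));
```

Because attributes are discarded, links and images would need an explicit per-attribute allowlist with URL scheme checks; in a browser, a maintained DOM-based sanitizer such as DOMPurify applied to the renderer's output covers those cases.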