https://github.com/trestletech/sanitizer
HTML sanitization for R
https://github.com/trestletech/sanitizer
Last synced: 4 months ago
JSON representation
HTML sanitization for R
- Host: GitHub
- URL: https://github.com/trestletech/sanitizer
- Owner: trestletech
- License: other
- Created: 2021-07-16T21:50:49.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2021-07-19T22:00:07.000Z (over 3 years ago)
- Last Synced: 2024-08-13T07:11:06.886Z (8 months ago)
- Language: R
- Size: 11.7 KB
- Stars: 1
- Watchers: 3
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.Rmd
- License: LICENSE
Awesome Lists containing this project
- jimsghstars - trestletech/sanitizer - HTML sanitization for R (R)
README
---
output: github_document
---
```{r, include = FALSE}
knitr::opts_chunk$set(
collapse = TRUE,
comment = "#>",
fig.path = "man/figures/README-",
out.width = "100%"
)
options(tibble.print_min = 5, tibble.print_max = 5)
library(sanitizer)
```
# sanitizer
[](https://github.com/trestletech/sanitizer/actions)
Sanitize HTML in R. Here's an example of a markdown strings that includes a potentially malicious script tag. It also has a `target` attribute in the `` tag which we don't allow by default. You can see that we render the markdown to HTML and then sanitize the resultant HTML to only allow the approved tags and attributes.
```{r}
html <- paste0('
')
sanitize_markdown(paste0('**hi** there ', html))
```
```{r}
sanitize_html(html)
```
```{r}
node <- xml2::read_xml(html)
san <- sanitize_node(node)
as.character(san, options=c("no_declaration"))
```