I am using Google Caja HTML Sanitizer (https://code.google.com/p/google-caja/wiki/JsHtmlSanitizer), however it is sanitizing things I don't want it to.
Sometimes I want to input data in a format similar to:
Bob <Carpenter>
but this becomes:
Bob
How to relax Google Caja HTML Sanitizer? It's sanitizing too much
405 Views Asked by atkayla At
1
There are 1 best solutions below
Related Questions in JAVASCRIPT
- Using Puppeteer to scrape a public API only when the data changes
- inline SVG text (js)
- An array of images and a for loop display the buttons. How to assign each button to open its own block by name?
- Storing the preferred font-size in localStorage
- Simple movie API request not showing up in the console log
- Authenticate Flask rest API
- Deploying sveltekit app with gunjs on vercel throws cannot find module './lib/text-encoding'
- How to request administrator rights?
- mp4 embedded videos within github pages website not loading
- Scrimba tutorial was working, suddenly stopped even trying the default
- In Datatables, start value resets to 0, when column sorting
- How do I link two models in mongoose?
- parameter values only being sent to certain columns in google sheet?
- Run main several times of wasm in browser
- Variable inside a Variable, not updating
Related Questions in HTML
- How to store a date/time in sqlite (or something similar to a date)
- How to use custom font during html to pdf conversion?
- Storing the preferred font-size in localStorage
- mp4 embedded videos within github pages website not loading
- Scrimba tutorial was working, suddenly stopped even trying the default
- Is there any way to glow this bulb image like a real light bulb
- With non-graphical maps in Leaflet, zoomDelta doesn't work
- What can I do to improve my coding on both html and css
- Uncaught TypeError: google.maps.LatLng is not a constructor at init (script.js:7:13)
- Bootstrap modal not showing at the desired position on a web page when the screen size is smaller
- Displaying a Movie List on a Website Using Jinja2 and Bootstrap
- How to redirect to thank you page after submitting a Google form embedded into a Google Site?
- Storing selected language in localStorage
- Fences (parenthesis, braces) in HTML and MathML
- Understanding Scroll Anchoring Behavoir
Related Questions in NODE.JS
- Using Puppeteer to scrape a public API only when the data changes
- How to request administrator rights?
- How do I link two models in mongoose?
- Variable inside a Variable, not updating
- Unable to Post Form Data to MongoDB because of picturepath
- Connection terminated unexpectedly while performing multi row insert using pg-promise
- Processing multiple forms in nodejs and postgresql
- Node.js Server + Socket.IO + Android Mobile Applicatoin XHR Polling Error...?
- How to change the Font Weight of a SelectValue component in React when a SelectItem is selected?
- My unban and ban commands arent showing when i put the slash
- how to make read only file/directory in Mac writable
- How can I outsource worker processes within a for loop?
- Get remote MKV file metadata using nodejs
- Adding google-profanity-words to web page
- Products aren't displayed after fetching data from mysql db (node.js & express)
Related Questions in XSS
- How to sanitise request body in spring boot if some attributes contain these values
- Using Content Security Policy to prevent XSS with HTML object/data tag
- Checkmarx DOM XSS Vulnerability flagging JS/jQuery code
- Prevent XSS attack on an application made using outsystems, preventing file upload which has hidden javascript code
- How to fix checkmarx reflected XSS attack in JSP page?
- how to prevent url custom parameters xss attack in WordPress
- XSS scan with python and selenium
- i'm trying to sanitize but it doesn't work
- XSS attack on location map
- How to create "unsafe" environment for JavaScript XSS testing
- Is there still an XSS bug in JQuery1.12.4 when I upgrade my JQuery framework from 1.7.2 to 1.12.4?
- Is it safe to store TwitterAPI access tokens in Session variables?
- Sanitize injected CSS to prevent XSS
- Is this POC a real XSS vulnerability?
- How to preserve rich text formatting in contentNote after escaping HTML characters to prevent XSS attack in salesforce
Related Questions in GOOGLE-CAJA
- Web Workers as the means for sanitizing user input JS
- Sanitizing user supplied javascript using Google Caja
- Block all network access in html page
- Allow images and links in Google Caja HTML emails
- How to pass libraries through Google CAJA?
- Prevent a code reading cookies (possibly using google CAJA)
- How can you check if the user's browser supports Google Caja?
- Prevent removal of <style></style> with Google Caja
- Java: Parse JavaScript & Flag Errors
- Loading html, css, javascript in sandbox preventing any communications
- How to use Google Caja HTML/CSS sanitizer JS library in Java
- How to relax Google Caja HTML Sanitizer? It's sanitizing too much
- Unable to serve download links in google apps script
- How can I position a jQuery dialog, using htmlService
- Is this Google Picker warning irrelevant?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Caja sanitizes HTML.
<Carpenter>isn't valid HTML. Therefore, it gets sanitized.If the data you're inputting isn't actually HTML, don't run it through Caja.