-
Wow, the HTML Sanitizer API is a useful potential Web platform addition: const safe = (new Sanitizer()).sanitize(On twitter.com
<script> alert("pwned 😈") </script> <p>Harmless 👼</p>); safe.children.length; // 1 safe.children[0]; // <p> t.co/xbhqUoSGZ7♻️ 17 Retweets ❤️ 45 Favorites Mood +10 🙂
-
For people thinking this comes out of nowhere: it doesn’t. Here’s the in-flux spec: wicg.github.io/sanitizer-api/.Permalink On twitter.com