v2
11/12/2024 by alexmacarthur -00



/**
 * Removes inline event-handler attributes from an HTML string.
 *
 * The markup is parsed with DOMParser as `text/html`, every attribute whose
 * name starts with "on" is removed from every element, and the body of the
 * parsed document is serialized back to a string.
 *
 * Scope: this is a denylist for one attribute family, not a general HTML
 * sanitizer. Other script-bearing markup (for example <script> elements or
 * `javascript:` URLs) is returned untouched. Untrusted HTML that will be
 * inserted into a page should go through a maintained allowlist sanitizer
 * such as DOMPurify instead.
 *
 * @param {string} html - Markup to clean.
 * @returns {string} Serialized `doc.body.innerHTML`; only body content is returned.
 */
function sanitize(html) {
  const parser = new DOMParser();
  const doc = parser.parseFromString(html, 'text/html');

  for (const element of Array.from(doc.querySelectorAll('*'))) {
    // Snapshot the names first so removing attributes cannot disturb the walk.
    const handlerNames = Array.from(element.attributes, (attr) => attr.name)
      .filter((name) => name.startsWith('on'));

    for (const name of handlerNames) {
      element.removeAttribute(name);
    }
  }

  // The caller re-parses this string when inserting it; the result is markup, not a DOM tree.
  return doc.body.innerHTML;
}

// Sample input for this case: two elements that each carry an inline event handler.
// `result` is only computed here; nothing visible in this case inserts it into a page.
const untrustedMarkup = `
	<img src="x" onerror="console.log('on error from img')">
	<button onclick="console.log('do bad stuff')">Trust me!</button>
`;
const result = sanitize(untrustedMarkup);



/**
 * Rewrites anything that looks like an inline event-handler assignment
 * (`on<letters>` followed by optional whitespace, `=`, optional whitespace)
 * to the inert attribute name `nope=`, using a single regex pass over the
 * raw string.
 *
 * Caveats for anyone reusing this outside a benchmark:
 * - The regex has no notion of HTML context. It also rewrites matching text
 *   in element content and inside attribute values ("condition = 1" becomes
 *   "cnope=1").
 * - The leading `(?!\s+)` lookahead never rejects anything, because the next
 *   character must be the "o" of "on" for the pattern to match at all.
 * - The handler's value stays in the output under the new attribute name, and
 *   no other script-bearing markup is touched. This is not a general
 *   sanitizer; prefer a parser-based allowlist sanitizer for untrusted HTML.
 *
 * @param {string} html - Markup to rewrite.
 * @returns {string} The input with every match replaced by `nope=`.
 */
function sanitize(html) {
  const inlineHandlerAssignment = /(?!\s+)(on[a-z]+\s*=\s*)/gi;
  const rewritten = html.replace(inlineHandlerAssignment, "nope=");

  return rewritten;
}

// Same sample input as the DOM-based case, so the two approaches are timed on identical markup.
// With the regex version the handlers are renamed to `nope=` rather than removed.
const untrustedMarkup = `
	<img src="x" onerror="console.log('on error from img')">
	<button onclick="console.log('do bad stuff')">Trust me!</button>
`;
const result = sanitize(untrustedMarkup);