1 // Copyright (C) The Arvados Authors. All rights reserved.
3 // SPDX-License-Identifier: AGPL-3.0
5 import DOMPurify from 'dompurify';
7 type TDomPurifyConfig = {
8 ALLOWED_TAGS: string[];
9 ALLOWED_ATTR: string[];
12 const domPurifyConfig: TDomPurifyConfig = {
45 ALLOWED_ATTR: ['src', 'width', 'height', 'href', 'alt', 'title', 'style' ],
48 export const sanitizeHTML = (dirtyInput: string): string => DOMPurify.sanitize(dirtyInput, domPurifyConfig);