dompurify

security utility

DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML, and SVG. It is written in JavaScript and functions in all modern browsers including Safari, Opera (15+), Internet Explorer (10+), Firefox, and Chrome - as well as nearly any other browser using Blink or WebKit. DOMPurify is crafted by security professionals with extensive experience in web attacks and XSS.

Latest Ver 3.2.5

Homepage

Github

15,075

The First Line of Defense for Purity

Safely navigate the web by sanitizing harmful elements with DOMPurify.

DOMPurify is a JavaScript library specifically designed to prevent XSS attacks in web applications. It sanitizes HTML, MathML, and SVG content securely.

CDN Download

License: (MPL-2.0 OR Apache-2.0)

Asset Type :

View All Versions

https://cdnjs.cloudflare.com/ajax/libs/dompurify/3.2.5/purify.js

https://cdnjs.cloudflare.com/ajax/libs/dompurify/3.2.5/purify.min.js

https://cdnjs.cloudflare.com/ajax/libs/dompurify/3.2.5/purify.js.map

https://cdnjs.cloudflare.com/ajax/libs/dompurify/3.2.5/purify.min.js.map

Sample Code

⚠️ Some code, including import statements, may not run properly on jsFiddle. If it fails to execute, please copy the code and try it in your own environment.

📄 HTML
<div id='example'>
  <p>Hello</p>
</div>

🧩 External JS
<script src="https://cdnjs.cloudflare.com/ajax/libs/dompurify/2.3.6/purify.min.js"></script>

⚙️ JavaScript
document.getElementById('example').innerHTML = DOMPurify.sanitize('<img src=x onerror=alert(1)>');