micromark-util-sanitize-uri
    TypeScript icon, indicating that this package has built-in type declarations

    1.0.0 • Public • Published

    micromark-util-sanitize-uri

    Build Coverage Downloads Size Sponsors Backers Chat

    micromark utility to sanitize urls.

    Contents

    Install

    npm:

    npm install micromark-util-sanitize-uri

    Use

    import {sanitizeUri} from 'micromark-util-sanitize-uri'
    
    sanitizeUri('https://example.com/a&b') // 'https://example.com/a&b'
    sanitizeUri('https://example.com/a%b') // 'https://example.com/a%25b'
    sanitizeUri('https://example.com/a%20b') // 'https://example.com/a%20b'
    sanitizeUri('https://example.com/👍') // 'https://example.com/%F0%9F%91%8D'
    sanitizeUri('https://example.com/', /^https?$/i) // 'https://example.com/'
    sanitizeUri('javascript:alert(1)', /^https?$/i) // ''
    sanitizeUri('./example.jpg', /^https?$/i) // './example.jpg'
    sanitizeUri('#a', /^https?$/i) // '#a'

    API

    This module exports the following identifiers: sanitizeUri. There is no default export.

    sanitizeUri(url[, pattern])

    Make a value safe for injection as a URL.

    This encodes unsafe characters with percent-encoding and skips already encoded sequences (see normalizeUri internally). Further unsafe characters are encoded as character references (see micromark-util-encode).

    A regex of allowed protocols can be given, in which case the URL is sanitized. For example, /^(https?|ircs?|mailto|xmpp)$/i can be used for a[href], or /^https?$/i for img[src] (this is what github.com allows). If the URL includes an unknown protocol (one not matched by protocol, such as a dangerous example, javascript:), the value is ignored.

    Parameters
    • url (string) — URI to sanitize.
    • pattern (RegExp, optional) — Allowed protocols.
    Returns

    string — Sanitized URI.

    Security

    See security.md in micromark/.github for how to submit a security report.

    Contribute

    See contributing.md in micromark/.github for ways to get started. See support.md for ways to get help.

    This project has a code of conduct. By interacting with this repository, organisation, or community you agree to abide by its terms.

    License

    MIT © Titus Wormer

    Install

    npm i micromark-util-sanitize-uri

    DownloadsWeekly Downloads

    491,400

    Version

    1.0.0

    License

    MIT

    Unpacked Size

    13.3 kB

    Total Files

    6

    Last publish

    Collaborators

    • wooorm