striptags
    TypeScript icon, indicating that this package has built-in type declarations

    3.2.0 • Public • Published

    striptags Build Status

    An implementation of PHP's strip_tags in Node.js.

    Note: v3+ targets ES6, and is therefore incompatible with the master branch of uglifyjs. You can either:

    • use babili, which supports ES6
    • use the harmony branch of uglifyjs
    • stick with the 2.x.x branch

    Features

    • Fast
    • Zero dependencies
    • 100% test code coverage
    • No unsafe regular expressions

    Installing

    npm install striptags
    

    Basic Usage

    striptags(html, allowed_tags, tag_replacement);

    Example

    var striptags = require('striptags');
    
    var html =
        '<a href="https://example.com">' +
            'lorem ipsum <strong>dolor</strong> <em>sit</em> amet' +
        '</a>';
    
    striptags(html);
    striptags(html, '<strong>');
    striptags(html, ['a']);
    striptags(html, [], '\n');

    Outputs:

    'lorem ipsum dolor sit amet'
    
    lorem ipsum <strong>dolor</strong> sit amet'
    
    '<a href="https://example.com">lorem ipsum dolor sit amet</a>'
    
    lorem ipsum 
    dolor
     
    sit
     amet
    

    Streaming Mode

    striptags can also operate in streaming mode. Simply call init_streaming_mode to get back a function that accepts HTML and outputs stripped HTML. State is saved between calls so that partial HTML can be safely passed in.

    let stream_function = striptags.init_streaming_mode(
        allowed_tags,
        tag_replacement
    );
    
    let partial_text = stream_function(partial_html);
    let more_text    = stream_function(more_html);

    Check out test/striptags-test.js for a concrete example.

    Tests

    You can run tests (powered by mocha) locally via:

    npm test
    

    Generate test coverage (powered by istanbul) via :

    npm run coverage
    

    Doesn't use regular expressions

    striptags does not use any regular expressions for stripping HTML tags.

    Regular expressions are not capable of preventing all possible scripting attacks (see this). Here is a great StackOverflow answer regarding how strip_tags (when used without specifying allowableTags) is not vulnerable to scripting attacks.

    Install

    npm i striptags

    DownloadsWeekly Downloads

    343,139

    Version

    3.2.0

    License

    MIT

    Unpacked Size

    17.9 kB

    Total Files

    8

    Last publish

    Collaborators

    • avatar