Sanitization

[1] Hatena Diary XSS Countermeasures - Hatena Diary Help http://hatenadiary.g.hatena.ne.jp/keyword/%E3%81%AF%E3%81%A6%E3%81%AA%E3%83%80%E3%82%A4%E3%82%A2%E3%83%AA%E3%83%BCXSS%E5%AF%BE%E7%AD%96?kid=247

[2] GitHub Flavored Markdown Spec https://github.github.com/gfm/#disallowed-raw-html-extension-

[3] Sanitize Untrusted HTML https://mikewest.github.io/purification/

[4] cure53/DOMPurify: DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo: https://github.com/cure53/DOMPurify

[5] HTML in IIIF

[6] RFP: Sanitizer specification · Issue #106 · mozilla/standards-positions https://github.com/mozilla/standards-positions/issues/106