DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
updated at May 26, 2024, 3:11 a.m.
HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors
updated at May 26, 2024, 5:32 a.m.