Sanitizer API
Limited availability
The Document.parseHTML() static method and the setHTML() method of Element and ShadowRoot objects parse and insert HTML into the DOM in a way that can prevent cross-site scripting attacks. The Sanitizer API can customize the sanitization process.
Browser support
Need this feature?
Leave a 👍 on the feedback issue
Don't forget to also leave a comment explaining your specific use case.
MDN documentation
Specifications
- HTML (#html-sanitization), from HTML Workstream (WHATWG).
Web Platform Tests (WPT)
View the latest WPT test results for this featureView as JSON | Edit this feature | Report an issue | Web-features entry: source, dist