dompurify
DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It's written in JavaScript and works in all modern browsers (Safari, Opera (15+), Internet Explorer (10+), Firefox and Chrome - as well as almost anything else usin
xss
Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
cssfilter
Sanitize untrusted CSS with a configuration specified by a Whitelist. 根据白名单过滤CSS