Sanitizer.sanitizeToString()

Draft: This page is not complete.

Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

The sanitizeToString() method of the Sanitizer interface returns a sanitized String from an input, removing any offending elements or attributes.

Syntax

var String = sanitizer.sanitizeToString(input);

Parameters

input: A String to be sanitized.

Return value

A String.

Exceptions

None.

Examples

This example uses the sanitizeToString method to remove disallowed script and blink elements from a string input.

// our input string to clean
const stringToClean = 'Some text <b><i>with</i></b> <blink>tags</blink>, including a rogue script <script>alert(1)</script> def.';

const result = new Sanitizer().sanitizeToString(stringToClean);
console.log(result);
// Logs: "Some text <b><i>with</i></b> tags, including a rogue script def."

Specifications

No specification found

No specification data found for api.Sanitizer.sanitizeToString.
Check for problems with this page or contribute a missing spec_url to mdn/browser-compat-data. Also make sure the specification is included in w3c/browser-specs.

Browser compatibility

No compatibility data found for api.Sanitizer.sanitizeToString.
Check for problems with this page or contribute missing data to mdn/browser-compat-data.

© 2005–2021 MDN contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.
https://developer.mozilla.org/en-US/docs/Web/API/Sanitizer/sanitizeToString