nh3_html_sanitization_xss_prevention_default_settings.py

python

Sanitize an untrusted HTML string to prevent XSS attacks using default settings.

Source: pypi.org
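import nh3

# Untrusted input: an inline style plus an <img> carrying an onerror event handler.
html = '<div style="color: red"><img src=x onerror=alert(1) /><span>hello</span></div>'
sanitized = nh3.clean(html)

# The default allow-list drops the style and onerror attributes but keeps
# the <div>, <img src> and <span> elements.
assert sanitized == '<div><img src="x"><span>hello</span></div>'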