constructor() {
this._blockExternalContent = false
if (DOMPurify.isSupported) {
this.purifier = DOMPurify
} else {
return
}
// Do changes in afterSanitizeAttributes and not afterSanitizeElements so that images are not removed again because of the SVGs.
this.purifier.addHook('afterSanitizeAttributes', (currentNode, data, config: SanitizeConfig) => {
// remove custom css classes as we do not allow style definitions. custom css classes can be in conflict to our self defined classes.
// just allow our own "tutanota_quote" class and MsoListParagraph classes for compatibility with Outlook 2010/2013 emails. see main-styles.js
let allowedClasses = [
"tutanota_quote", "MsoListParagraph", "MsoListParagraphCxSpFirst", "MsoListParagraphCxSpMiddle", "MsoListParagraphCxSpLast"
]
if (currentNode.classList) {
let cl = currentNode.classList;
for (let i = cl.length; i > 0; i--) {
if (allowedClasses.indexOf(cl[0]) === -1) {
cl.remove(cl[0]);