Construct an XSS HTML Validator.
Overriding content policy for this validator. Takes precedence over the content policy specified as context to validate().
Insert the rewritten URIs into the HTML (token replacement).
Escape the HTML prior to the upcoming insertion of token replacements.
Pass URIs through the Content Policy.
Sanitize the HTML. Compile all URIs into an array. Replace all URIs in the HTML with replacement tokens.
Turn an index number into a replacement token.
Unescape data after replacing tokens.
Sanitize a string of HTML to eliminate XSS risks.
The string HTML which needs to be sanitized.
String of sanitized HTML.
Validator which sanitizes HTML content to eliminate XSS (cross-site scripting) security risks. This validator has some special functionality surrounding the handling of URIs as they are sanitized: