
A React component that will sanitize user-inputted HTML code, using the popular sanitize-html package

Primary LanguageJavaScriptMIT LicenseMIT


npm version Build Status Node.js dependencies npm downloads

A React component that will sanitize user-inputted HTML code, using the popular sanitize-html package.


This React component requires both react and sanitize-html to be installed to work. We marked both as peer dependency so you could use the version of React as it fit.

Run npm install react-sanitized-html sanitize-html --save to install this package.

Because both htmlparser2 and domhandler (dependencies of sanitize-html) requires ES2015 Property Accessors for shorthanded properties. Thus, this component cannot be used in IE8.

In sanitize-html@1.14.1, shorthands are not used. Thus, it is possible to build a workaround for IE8 by customizing both [htmlparser2] and [domhandler] without shorthands.

Example usage

import SanitizedHTML from 'react-sanitized-html';

const HTML_FROM_USER = '<a href="http://bing.com/">Bing</a>';

  <SanitizedHTML html={ HTML_FROM_USER } />,

It will output as:

  <a href="http://bing.com/">Bing</a>


You can add sanitize-html options as props. For example,

  allowedAttributes={{ 'a': ['href'] }}
  html={ `<a href="http://bing.com/">Bing</a>` }

You can find more options here.


To setup your development environment, after cloning the repository, run the following steps.

npm install react sanitize-html
npm install --only=development

Then run npm test to run all tests.


Like us? Star us.

Found an issue? File us an issue.