Sanitizer class

Experimental: This is an experimental technology. Check the Browser compatibility table carefully before using this in production.

Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

The Sanitizer interface of the HTML Sanitizer API provides methods to sanitize untrusted strings of HTML, Document and DocumentFragment objects. After sanitization, unwanted elements or attributes are removed, and the returned objects can safely be inserted into a document's DOM.

A Sanitizer object is also used by the Element.setHTML() method to parse and sanitize a string of HTML, and immediately insert it into an element.

The default configuration strips out XSS-relevant input, including <script> tags, custom elements, and comments. This configuration may be customized using constructor options.
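An added usage example (not part of this generated reference, nor of the binding package's own code) showing the default-configuration Sanitizer applied to a constructed untrusted string, using only the members listed on this page; the import path, the `document` getter, `querySelector` and `append` are assumptions about the surrounding bindings.

```dart
// Added example; not code from the reference page or the package.
// Import path is an assumption about where these bindings live.
import 'package:js_bindings/js_bindings.dart';

/// Constructed untrusted input: a comment body carrying an inline script,
/// an event-handler attribute and an HTML comment.
const untrusted = '<p onclick="doSomething()">Hello <b>world</b></p>'
    '<script>doSomething()</script>'
    '<!-- internal note -->';

/// Sanitizes [html] with the default configuration and returns a
/// DocumentFragment. Per the description above, the default config drops
/// <script>, custom elements and comments; the spec's baseline allow list
/// also excludes event-handler attributes, so the onclick is removed.
DocumentFragment sanitizeComment(String html) {
  final sanitizer = Sanitizer(); // default configuration, no SanitizerConfig
  return sanitizer.sanitize(html);
}

/// Parses [html] in the context of a <div> and returns a detached element
/// whose children are already sanitized. sanitizeFor is the call to use
/// when the parse context matters (table cell content vs. body content).
Element? sanitizeInto(String html) {
  return Sanitizer().sanitizeFor('div', html);
}

void main() {
  final sanitizer = Sanitizer();
  // The effective configuration can be inspected (useful when auditing
  // what a customised config actually allows).
  final SanitizerConfig config = sanitizer.getConfiguration();
  print(config);

  final fragment = sanitizeComment(untrusted);
  // Insert the sanitized fragment into the page. The '#comments' target,
  // document.querySelector and append() are assumptions, not from this page.
  document.querySelector('#comments')?.append(fragment);

  final detached = sanitizeInto(untrusted);
  print(detached);
}
```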

Available extensions
  • PropsSanitizer

Annotations
  • @JS()
  • @staticInterop

Constructors

Sanitizer([SanitizerConfig? config])
factory

Properties

hashCode → int
The hash code for this object.
no setter, inherited
runtimeType → Type
A representation of the runtime type of the object.
no setter, inherited

Methods

getConfiguration() → SanitizerConfig

Available on Sanitizer, provided by the PropsSanitizer extension

noSuchMethod(Invocation invocation) → dynamic
Invoked when a nonexistent method or property is accessed.
inherited
sanitize(dynamic input) → DocumentFragment

Available on Sanitizer, provided by the PropsSanitizer extension

sanitizeFor(String element, String input) → Element?

Available on Sanitizer, provided by the PropsSanitizer extension

toString() → String
A string representation of this object.
inherited

Operators

operator ==(Object other) → bool
The equality operator.
inherited