I want to give end users the ability to save HTML to my backend

Question

0

Asked: May 16, 20262026-05-16T05:24:11+00:00 2026-05-16T05:24:11+00:00

I want to give end users the ability to save HTML to my backend

0

I want to give end users the ability to save HTML to my backend store. Since this feature could easily cause SQL Injection, and loads of other issues, does anyone know of a server side library that will clean the input so only the “safe” parts of HTML can be used?

Some things I’d like to avoid:

Object Tag use
JavaScript use
Windows “style” pop-up boxes (such as your PC is infected with a virus)
CSS with a Javascript action
inline data from external sites

Since there is a 100% guarantee that I didn’t come up with all the ways a user could be malicious with this feature, I’d like to learn what options I have to clean the data, but preserve basic formatting

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-16T05:24:11+00:00

Editorial Team

2026-05-16T05:24:11+00:00Added an answer on May 16, 2026 at 5:24 am

Consider sanitizing user input with the Microsoft AntiXSS library.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I want to give end users the ability to save HTML to my backend

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply