in js/bootstrap.bundle.js [5407:5446]
function sanitizeHtml(unsafeHtml, whiteList, sanitizeFn) {
if (unsafeHtml.length === 0) {
return unsafeHtml;
}
if (sanitizeFn && typeof sanitizeFn === 'function') {
return sanitizeFn(unsafeHtml);
}
var domParser = new window.DOMParser();
var createdDocument = domParser.parseFromString(unsafeHtml, 'text/html');
var whitelistKeys = Object.keys(whiteList);
var elements = [].slice.call(createdDocument.body.querySelectorAll('*'));
var _loop = function _loop(i, len) {
var el = elements[i];
var elName = el.nodeName.toLowerCase();
if (whitelistKeys.indexOf(el.nodeName.toLowerCase()) === -1) {
el.parentNode.removeChild(el);
return "continue";
}
var attributeList = [].slice.call(el.attributes);
var whitelistedAttributes = [].concat(whiteList['*'] || [], whiteList[elName] || []);
attributeList.forEach(function (attr) {
if (!allowedAttribute(attr, whitelistedAttributes)) {
el.removeAttribute(attr.nodeName);
}
});
};
for (var i = 0, len = elements.length; i < len; i++) {
var _ret = _loop(i);
if (_ret === "continue") continue;
}
return createdDocument.body.innerHTML;
}