import DOMPurify from "isomorphic-dompurify";
/**
 * Reduce a plain-text field to its text content by removing every HTML tag
 * and attribute.
 *
 * Intended for names, phone numbers, and other simple text fields.
 *
 * NOTE(review): DOMPurify returns serialized markup, so the result is likely
 * entity-encoded text (for example `&` coming back as `&amp;`) rather than raw
 * characters. Confirm how consumers store and render it: escaping it a second
 * time displays literal entities, and entity-decoding it before inserting it
 * into HTML undoes the protection this function provides.
 *
 * @param input - Untrusted field value; may be undefined.
 * @returns The tag-free, trimmed text, or "" when `input` is falsy.
 */
export function sanitizeText(input: string | undefined): string {
  // Falsy input (undefined or "") never reaches the sanitizer.
  // Empty allowlists mean no tag and no attribute is permitted.
  return input
    ? DOMPurify.sanitize(input, { ALLOWED_TAGS: [], ALLOWED_ATTR: [] }).trim()
    : "";
}
/**
 * Sanitize rich-text notes down to a small formatting allowlist.
 *
 * Intended for free-form notes or comments where basic formatting (paragraphs,
 * emphasis, links, unordered lists) is acceptable. The result is meant to be
 * used as HTML element content.
 *
 * NOTE(review): DOMPurify appears to test ALLOWED_URI_REGEXP against every
 * attribute value that is not on its URI-safe list, not only `href`. With the
 * pattern below, ordinary `target` / `rel` values such as `_blank` or
 * `noopener` would then be dropped even though both names are allowlisted.
 * Confirm with a unit test. If the two attributes are meant to survive (for
 * example through ADD_URI_SAFE_ATTR), set `rel="noopener noreferrer"` from an
 * `afterSanitizeAttributes` hook on links that carry `target` instead of
 * relying on the user-supplied `rel`.
 *
 * @param input - Untrusted rich-text value; may be undefined.
 * @returns The sanitized, trimmed markup, or "" when `input` is falsy.
 */
export function sanitizeHtml(input: string | undefined): string {
  if (!input) {
    return "";
  }

  const richTextPolicy = {
    // Basic formatting, links and unordered lists only.
    ALLOWED_TAGS: ["br", "p", "strong", "em", "u", "a", "ul", "li"],
    ALLOWED_ATTR: ["href", "title", "target", "rel"],
    // Only absolute http(s) or protocol-relative URLs match; other schemes
    // (javascript:, data:, mailto:, ...) and relative links do not.
    ALLOWED_URI_REGEXP: /^(?:https?:)?\/\//i,
    // Text inside a removed tag is kept rather than discarded with it.
    KEEP_CONTENT: true,
  };

  return DOMPurify.sanitize(input, richTextPolicy).trim();
}
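/**
 * Sanitize phone numbers by stripping HTML and keeping only digits and a few symbols.
 * Allowed characters: digits, +, -, (, ), and the ASCII space.
 *
 * The filter uses a literal space rather than `\s`. `\s` also matches tabs,
 * CR/LF and other Unicode whitespace, which contradicts the documented
 * allowlist and lets line breaks through into whatever consumes the value
 * (logs, CSV exports, message templates). The result is trimmed after
 * filtering so that removed leading or trailing characters do not leave stray
 * spaces behind.
 *
 * This is character filtering only; it does not check that the result is a
 * well-formed phone number.
 *
 * @param input - Untrusted phone field value; may be undefined.
 * @returns The filtered, trimmed string, or "" when nothing allowed remains.
 */
export function sanitizePhone(input: string | undefined): string {
  // Strip markup first so tag names and attribute text are gone before the
  // character allowlist runs.
  const text = sanitizeText(input);
  return text.replace(/[^0-9+\-() ]/g, "").trim();
}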