Become a sponsor to Cure53
We maintain a HTML sanitizer that aims to be as secure as possible while being as tolerant as possible as well (we allow most of HTML, SVG and MathML by default).
This is not always an easy job and often requires intense testing and research, night shifts - as well as being as fast as possible in case for example a bypass is found and fixed.
Your sponsorship will allow to allocate more quality time to the project and help us to deliver what is expected from us - fast and secure sanitization that is up-to-date and reliable. And free for all of our users.
Featured work
-
cure53/DOMPurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
JavaScript 14,121 -
cure53/H5SC
HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors
JavaScript 2,858 -
cure53/XSSChallengeWiki
Welcome to the XSS Challenge Wiki!
-
cure53/HTTPLeaks
HTTPLeaks - All possible ways, a website can leak HTTP requests
HTML 1,983