{"library":"micromark-util-sanitize-uri","title":"URI Sanitization Utility for Micromark","description":"micromark-util-sanitize-uri is a focused utility package within the unified collective's micromark ecosystem, designed to safely normalize and sanitize URIs. It currently operates at version 2.0.1. The package encodes unsafe characters using percent-encoding, skips already encoded sequences, and can further sanitize URIs by validating against a regex of allowed protocols, effectively neutralizing potentially dangerous `javascript:` schemes. This utility is crucial for developers building custom micromark extensions or processing user-generated content, ensuring that URLs rendered in HTML are free from XSS vulnerabilities. As part of the broader micromark project, it follows the unified collective's release cadence, with major versions tied to Node.js LTS support, ensuring compatibility with Node.js 16+ for its current v2 release.","language":"javascript","status":"active","last_verified":"Sun Apr 19","install":{"commands":["npm install micromark-util-sanitize-uri"],"cli":null},"imports":["import { sanitizeUri } from 'micromark-util-sanitize-uri'","import { normalizeUri } from 'micromark-util-sanitize-uri'"],"auth":{"required":false,"env_vars":[]},"quickstart":{"code":"import { sanitizeUri, normalizeUri } from 'micromark-util-sanitize-uri';\n\n// Sanitize a URI, disallowing javascript: protocols\nconst safeUrl = sanitizeUri('javascript:alert(1)', /^https?$/i);\nconsole.log(`Sanitized dangerous URL: '${safeUrl}'`); // Expected: ''\n\n// Normalize a URI, encoding unsafe characters\nconst encodedUrl = normalizeUri('https://example.com/a&b space👍');\nconsole.log(`Normalized URL with special chars: '${encodedUrl}'`); // Expected: 'https://example.com/a&amp;b%20space%F0%9F%91%8D'\n\n// Sanitize a relative URL, still allowing it through if protocol pattern is specific\nconst relativeUrl = sanitizeUri('./image.png', /^https?$/i);\nconsole.log(`Sanitized relative URL with http/s pattern: '${relativeUrl}'`); // Expected: './image.png'\n\n// An example of a valid URL passing through the sanitizer\nconst validUrl = sanitizeUri('https://example.com/path', /^https?$/i);\nconsole.log(`Sanitized valid URL: '${validUrl}'`); // Expected: 'https://example.com/path'\n","lang":"typescript","description":"Demonstrates `sanitizeUri` with protocol filtering and `normalizeUri` for encoding special characters, showing how to make URLs safe for embedding.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}