{
  "url": "https://unifast.dev/it/docs/packages/node/sanitize/",
  "locale": "it",
  "title": "sanitize()",
  "description": "Crea un plugin di sanitizzazione che rimuove tag HTML, attributi e protocolli URL pericolosi dall'output compilato.",
  "section": "packages",
  "body": "```ts\n\n```\n\n## Firma\n\n```ts\nfunction sanitize(options?: SanitizePluginOptions): UnifastPlugin\n```\n\n## Parametri\n\n### options?\n\nConfigurazione della sanitizzazione\n\n| Proprietà | Tipo | Predefinito | Descrizione |\n|-----------|------|-------------|-------------|\n| `enabled` | `boolean` | `true` | Abilita o disabilita la sanitizzazione |\n| `schema` | `SanitizeSchema` | — | Schema di sanitizzazione personalizzato |\n\n#### SanitizeSchema\n\n| Proprietà | Tipo | Descrizione |\n|-----------|------|-------------|\n| `allowedTags` | `string[]` | Nomi di tag HTML da consentire (tutti gli altri vengono rimossi) |\n| `allowedAttributes` | `Record<string, string[]>` | Mappa dal nome del tag ai nomi degli attributi consentiti |\n| `allowedProtocols` | `Record<string, string[]>` | Mappa dal nome dell'attributo ai protocolli URL consentiti |\n\n## Utilizzo\n\n```ts\n\nconst result = compile(md, {\n  plugins: [\n    sanitize({\n      enabled: true,\n      schema: {\n        allowedTags: [\"h1\", \"h2\", \"h3\", \"p\", \"a\", \"strong\", \"em\", \"code\", \"pre\", \"img\", \"ul\", \"ol\", \"li\", \"blockquote\", \"table\", \"thead\", \"tbody\", \"tr\", \"th\", \"td\"],\n        allowedAttributes: {\n          a: [\"href\", \"title\", \"target\"],\n          img: [\"src\", \"alt\", \"width\", \"height\"],\n          code: [\"class\"],\n          pre: [\"class\"],\n        },\n        allowedProtocols: {\n          href: [\"https\", \"http\", \"mailto\"],\n          src: [\"https\", \"http\"],\n        },\n      },\n    }),\n  ],\n});\n```\n\n## Esempi\n\n### Rimuovere HTML pericoloso\n\n```ts\n\nconst untrustedMd = `\n# Hello\n\n<script>alert(\"xss\")</script>\n\n<img src=\"x\" onerror=\"alert('xss')\">\n\n[Click me](javascript:alert('xss'))\n`;\n\nconst result = compile(untrustedMd, {\n  plugins: [sanitize()],\n});\n\nconsole.log(result.output);\n// <script> tags, onerror attributes, and javascript: URLs are removed\n```\n\n### Tag consentiti personalizzati\n\n```ts\n\nconst result = compile(md, {\n  plugins: [\n    sanitize({\n      schema: {\n        allowedTags: [\"p\", \"a\", \"strong\", \"em\", \"code\", \"pre\"],\n      },\n    }),\n  ],\n});\n\nconsole.log(result.output);\n// Only the specified tags are kept; all others are stripped\n```\n\n### Limitare i protocolli URL\n\n```ts\n\nconst result = compile(md, {\n  plugins: [\n    sanitize({\n      schema: {\n        allowedProtocols: {\n          href: [\"https\", \"mailto\"],\n          src: [\"https\"],\n        },\n      },\n    }),\n  ],\n});\n\nconsole.log(result.output);\n// Only https: and mailto: links are allowed\n```\n\n### Disabilitare la sanitizzazione\n\n```ts\n\nconst result = compile(md, {\n  plugins: [sanitize({ enabled: false })],\n});\n\nconsole.log(result.output);\n// No sanitization applied — use only with trusted input\n```",
  "alternates": [
    {
      "locale": "en",
      "url": "https://unifast.dev/docs/packages/node/sanitize/",
      "api": "https://unifast.dev//api/docs/packages/node/sanitize.json"
    },
    {
      "locale": "ja",
      "url": "https://unifast.dev/ja/docs/packages/node/sanitize/",
      "api": "https://unifast.dev//api/ja/docs/packages/node/sanitize.json"
    },
    {
      "locale": "zh-CN",
      "url": "https://unifast.dev/zh-CN/docs/packages/node/sanitize/",
      "api": "https://unifast.dev//api/zh-CN/docs/packages/node/sanitize.json"
    },
    {
      "locale": "zh-TW",
      "url": "https://unifast.dev/zh-TW/docs/packages/node/sanitize/",
      "api": "https://unifast.dev//api/zh-TW/docs/packages/node/sanitize.json"
    },
    {
      "locale": "ko",
      "url": "https://unifast.dev/ko/docs/packages/node/sanitize/",
      "api": "https://unifast.dev//api/ko/docs/packages/node/sanitize.json"
    },
    {
      "locale": "fr",
      "url": "https://unifast.dev/fr/docs/packages/node/sanitize/",
      "api": "https://unifast.dev//api/fr/docs/packages/node/sanitize.json"
    },
    {
      "locale": "it",
      "url": "https://unifast.dev/it/docs/packages/node/sanitize/",
      "api": "https://unifast.dev//api/it/docs/packages/node/sanitize.json"
    },
    {
      "locale": "es",
      "url": "https://unifast.dev/es/docs/packages/node/sanitize/",
      "api": "https://unifast.dev//api/es/docs/packages/node/sanitize.json"
    },
    {
      "locale": "pt-BR",
      "url": "https://unifast.dev/pt-BR/docs/packages/node/sanitize/",
      "api": "https://unifast.dev//api/pt-BR/docs/packages/node/sanitize.json"
    },
    {
      "locale": "de",
      "url": "https://unifast.dev/de/docs/packages/node/sanitize/",
      "api": "https://unifast.dev//api/de/docs/packages/node/sanitize.json"
    },
    {
      "locale": "ru",
      "url": "https://unifast.dev/ru/docs/packages/node/sanitize/",
      "api": "https://unifast.dev//api/ru/docs/packages/node/sanitize.json"
    },
    {
      "locale": "hi",
      "url": "https://unifast.dev/hi/docs/packages/node/sanitize/",
      "api": "https://unifast.dev//api/hi/docs/packages/node/sanitize.json"
    },
    {
      "locale": "id",
      "url": "https://unifast.dev/id/docs/packages/node/sanitize/",
      "api": "https://unifast.dev//api/id/docs/packages/node/sanitize.json"
    },
    {
      "locale": "tr",
      "url": "https://unifast.dev/tr/docs/packages/node/sanitize/",
      "api": "https://unifast.dev//api/tr/docs/packages/node/sanitize.json"
    },
    {
      "locale": "vi",
      "url": "https://unifast.dev/vi/docs/packages/node/sanitize/",
      "api": "https://unifast.dev//api/vi/docs/packages/node/sanitize.json"
    }
  ]
}