+
+export function getCustomMarkupSanitizeOptions (additionalAllowedTags: string[] = []) {
+ const base = getSanitizeOptions()
+
+ return {
+ allowedTags: [
+ ...base.allowedTags,
+ ...additionalAllowedTags,
+ 'div', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'img'
+ ],
+ allowedSchemes: base.allowedSchemes,
+ allowedAttributes: {
+ ...base.allowedAttributes,
+
+ 'img': [ 'src', 'alt' ],
+ '*': [ 'data-*', 'style' ]
+ }
+ }
+}
+
+// Thanks: https://stackoverflow.com/a/12034334
+export function escapeHTML (stringParam: string) {
+ if (!stringParam) return ''
+
+ const entityMap = {
+ '&': '&',
+ '<': '<',
+ '>': '>',
+ '"': '"',
+ '\'': ''',
+ '/': '/',
+ '`': '`',
+ '=': '='
+ }
+
+ return String(stringParam).replace(/[&<>"'`=/]/g, s => entityMap[s])
+}