1

On JavaScript, it can remove all HTML tags in the text with regular expressions like this:

replace(/(<([^>]+)>)/ig, "")

In addition, I would like to keep specific tags.

ex)<h1>Text</h1><input type="text">Text</input><b>Text</b> → <h1>Text</h1>Text<b>Text</b>

I tried this code, but it doesn't work correctly. 

replace(/<\/{0,1}!(font|h\d|p|hr|pre|blockquote|ol|ul|...).*?>/ig, "");

Please let me know the best formula.

Improve this question
2
  • There's numerous posts around explaining that parsing (i.e., analyzing) HTML will not succeed with REs. Simple tasks, such as eliminating all markup, will work, but more complex stuff won't work. This is due to the simplicity of regular languages (strings described by REs), compared to the complexity of HTML. My first attempt would be to filter the DOM. Commented Feb 6, 2014 at 12:11
  • I'll use strip_tags for JavaScript. I appreciate everybody's reply. Commented Feb 7, 2014 at 3:53

3 Answers 3

Reset to default
1

THE PONY HE COMES

Especially in JavaScript, there is no excuse.

var div = document.createElement('div');
div.innerHTML = your_input_here;
var allowedtags = "font|h[1-6]|p|hr|...";

var rgx = new RegExp("^(?:"+allowedtags+")$","i");
var tags = div.getElementsByTagName('*');
var length = tags.length;
var i;
for( i=length-1; i>=0; i--) {
    if( !tags[i].nodeName.match(rgx)) {
        while(tags[i].firstChild) {
            tags[i].parentNode.insertBefore(tags[i].firstChild,tags[i]);
            // this will take all children and extract them
        }
        tags[i].parentNode.removeChild(tags[i]);
    }
}

var result = div.innerHTML;
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

What about using such a simple function to remove unwanted tags:

function sanitize(text, allowed) {

    var tags = typeof allowed === 'string' ? allowed.split(',') : allowed;

    var a = document.createElement('div');
    a.innerHTML = text;

    for (var c = a.childNodes, i = c.length; i--;) {
        if (c[i].nodeType == 1) {
            c[i].innerHTML = sanitize(c[i].innerHTML, tags);
            if (tags.indexOf(c[i].tagName.toLowerCase()) === -1) {
                c[i].parentNode.removeChild(c[i]);
            }
        }
    }

    return a.innerHTML;
}

sanitize('<h1>This is a <script>alert(1)</script> test</h1> <input type="text"> and <b>this</b> should stay.', 'font,h1,h2,p,b,ul')

Output:

"<h1>This is a  test</h1>  and <b>this</b> should stay."

Or you can replace tag with it's text content if you use

c[i].parentNode.replaceChild(document.createTextNode(c[i].innerText);

instead of c[i].parentNode.removeChild(c[i]);

Improve this answer

Comments

0

You need to use negative lookahead:

replace(/<\/?(?!(font|h[1234]|p|hr|input|pre|blockquote|ol|ul))[^>]*>/ig, "");

Caution: HTML parsing and manipulation is error prone using regex like this. Better to use DOM parsers.

Improve this answer

1 Comment

I trid this regex, but some tags will remain. <h1>Text</h1><input type="text">Text</input><b>Text</b> → <h1>Text<input type="text">Text<b>Text

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.