The static HTML property allows you to get/set filtered HTML directly on the DOM object you’re using. The browser vendors don’t support this property yet, IE has a toStaticHTML function and Firefox via the Noscript plugin emulates toStaticHTML but doesn’t allow you to set/get directly, so I decided to create a JavaScript version that can […]

I did a talk in Leeds about DOM sandboxing with regular expressions, it went ok. I’m not the best speaker to be honest but with a bit more practice I’ll get there. Here are the slides:- PDF version Powerpoint slides

Description I finally sat down and started work on a sandboxed DOM API. Originally I was just going to develop a new framework because the DOM is messy but instead I decided it would be cool to have a safe simulated DOM instead and build a framework on top of that. It isn’t complete yet […]

Birth of the regex sandbox I decided today to do a proper blog post to explain my reasons for creating regex sandboxes. I don’t often write a lot of words on this blog partly because I’m not very good a making long meaningful sentences and partly because I think the point can often be made […]

I’ve been having a bit of a fight with DOM CSS. Single css rules in various browsers are carried over to two or more rules in some instances depending which characters you use. This was playing havoc on my HTMLReg sandbox, I whitelist allowed rules so I can’t allow rules to be injected. The IE […]

Yeah you knew it was coming. This was easier than JavaScript parsing because I can use both the HTML and CSS renderers of the browser to make sure I can parse the code safely. So really this is CSS/HTML reg, I don’t support the style tag yet but that shouldn’t be difficult as I can […]