`.
```
--------------------------------
### SanitizerOptions.rewriteExternalResources
Source: https://context7.com/mat-sz/lettersanitizer/llms.txt
A callback invoked for every src attribute on elements (e.g.,
![]()
) and every url() value in inline or embedded CSS. Used to proxy or block remote resource loading. When set, schema restrictions are bypassed for resources.
```APIDOC
## SanitizerOptions.rewriteExternalResources
### Description
A callback invoked for every `src` attribute on elements (e.g., `
![]()
`) and every `url()` value in inline or embedded CSS. Used to proxy or block remote resource loading. When set, schema restrictions are bypassed for resources.
### Usage
```typescript
import { sanitize } from 'lettersanitizer';
const proxy = (url: string) => `https://imgproxy.example.com/?src=${encodeURIComponent(url)}`;
const result = sanitize(
`
text`,
'',
{
id: 'msg_res',
rewriteExternalResources: proxy,
}
);
// Images and CSS backgrounds are proxied:
//

//
text
```
```
--------------------------------
### SanitizerOptions.allowedSchemas
Source: https://context7.com/mat-sz/lettersanitizer/llms.txt
An array of allowed URL schemes (protocols) for href and src attributes when no rewrite callbacks are set. Defaults to ['http', 'https', 'mailto']. Scheme matching is case-insensitive. URLs with disallowed schemes have their attribute removed entirely.
```APIDOC
## SanitizerOptions.allowedSchemas
### Description
An array of allowed URL schemes (protocols) for `href` and `src` attributes when no rewrite callbacks are set. Defaults to `['http', 'https', 'mailto']`. Scheme matching is case-insensitive. URLs with disallowed schemes have their attribute removed entirely.
### Usage
```typescript
import { sanitize } from 'lettersanitizer';
// Default schemas: http, https, mailto are allowed
const safe = sanitize('
Email us', '', { id: 'test' });
// => '
'
// ftp:// is not in the default list — href is stripped
const ftpBlocked = sanitize('
FTP', '', { id: 'test' });
// => '
'
// Allow data: URIs for inline images (e.g., in offline/embedded email viewers)
const withData = sanitize(
'

',
'',
{ id: 'test', allowedSchemas: ['http', 'https', 'mailto', 'data'] }
);
// => '
'
```
```
--------------------------------
### CSS Scoping and Media Rule Handling
Source: https://context7.com/mat-sz/lettersanitizer/llms.txt
Demonstrates how Lettersanitizer automatically scopes embedded `
`,
'',
{ id: 'email' }
);
// @keyframes, @font-face, @import are removed
// body selector → #email body, .header → #email .email_header, #logo → #email #email_logo
// @media block is preserved and scoped
// => '
'
```
--------------------------------
### Customizing Allowed CSS Properties
Source: https://context7.com/mat-sz/lettersanitizer/llms.txt
Extend the default allowlist of CSS properties to include custom ones. Ensure that only the specified properties are retained in inline styles and `',
'',
{ noWrapper: true }
);
// Class names and CSS selectors are NOT prefixed:
// => '
Hello!
'
// Compare: with wrapper and id, classes are prefixed
const wrapped = sanitize(
'
Hello!
',
'',
{ id: 'msg' }
);
// => '
'
```
```
--------------------------------
### Exported Default CSS Property Allowlist
Source: https://context7.com/mat-sz/lettersanitizer/llms.txt
Access the default list of allowed CSS properties for inspection or extension. This list can be used as a base for creating custom allowlists.
```typescript
import { allowedCssProperties } from 'lettersanitizer';
console.log(allowedCssProperties.includes('color')); // true
console.log(allowedCssProperties.includes('pointer-events')); // false
console.log(allowedCssProperties.length); // ~130 properties
// Use as a base to build a custom allowlist
const myAllowedProperties = [...allowedCssProperties, 'pointer-events', 'cursor'];
```
--------------------------------
### SanitizerOptions.dropAllHtmlTags
Source: https://context7.com/mat-sz/lettersanitizer/llms.txt
When true, all HTML tags are removed and only their text content is preserved.
`,
'',
{ id: 'msg_123' }
);
// CSS selectors and element attributes are scoped:
// => '
'
```
--------------------------------
### SanitizerOptions.preserveCssPriority
Source: https://context7.com/mat-sz/lettersanitizer/llms.txt
Controls whether !important declarations are preserved in sanitized CSS. Defaults to true. Set to false to strip all !important flags, useful when the host page's styles should be able to override email styles.
```APIDOC
## SanitizerOptions.preserveCssPriority
### Description
Controls whether `!important` declarations are preserved in sanitized CSS. Defaults to `true`. Set to `false` to strip all `!important` flags, useful when the host page's styles should be able to override email styles.
### Usage
```typescript
import { sanitize } from 'lettersanitizer';
// Default: !important is preserved
const preserved = sanitize(
'
text
',
'',
{ noWrapper: true }
);
// => '
text
'
// Stripped: !important removed
const stripped = sanitize(
'
text
',
'',
{ noWrapper: true, preserveCssPriority: false }
);
// => '
text
'
```
```
--------------------------------
### Strip All HTML Tags
Source: https://context7.com/mat-sz/lettersanitizer/llms.txt
Set `dropAllHtmlTags` to `true` to remove all HTML tags and preserve only the text content. This is useful for rendering plain-text views.
```typescript
import { sanitize } from 'lettersanitizer';
const result = sanitize(
'
Hello World
This is important
',
'',
{ id: 'plain', dropAllHtmlTags: true }
);
// => '
Hello WorldThis is important
'
```
--------------------------------
### sanitize function
Source: https://github.com/mat-sz/lettersanitizer/blob/main/README.md
The sanitize function uses DOMParser to sanitize HTML content and returns safe HTML text. It accepts the HTML string, fallback text, and an optional options object.
```APIDOC
## sanitize function
### Description
Sanitizes HTML content using DOMParser and returns safe HTML text. `text` is used for fallback if no HTML source is available.
### Signature
```typescript
function sanitize(html: string, text?: string, options?: SanitizerOptions)
```
### Parameters
#### `html` (string) - Required
The HTML content to sanitize.
#### `text` (string) - Optional
Fallback text to use if no HTML source is available.
#### `options` (SanitizerOptions) - Optional
An object containing sanitization options.
```typescript
interface SanitizerOptions {
id?: string;
dropAllHtmlTags?: boolean;
rewriteExternalResources?: (url: string) => string;
rewriteExternalLinks?: (url: string) => string;
allowedSchemas?: string[];
preserveCssPriority?: boolean;
noWrapper?: boolean;
}
```
### Request Example
```typescript
import { sanitize } from 'lettersanitizer';
sanitize('
test', '', { id: 'test' });
// Expected output:
test
```
### Response
Returns the sanitized HTML string.
```
--------------------------------
### Remove Outer Wrapper Element
Source: https://context7.com/mat-sz/lettersanitizer/llms.txt
Use `noWrapper: true` to return sanitized content without the default wrapping `
` element. CSS scoping is also disabled.
```typescript
import { sanitize } from 'lettersanitizer';
const result = sanitize(
'
Hello!
',
'',
{ noWrapper: true }
);
// Class names and CSS selectors are NOT prefixed:
// => '
Hello!
'
// Compare: with wrapper and id, classes are prefixed
const wrapped = sanitize(
'
Hello!
',
'',
{ id: 'msg' }
);
// => '
'
```
--------------------------------
### Control CSS !important Declarations
Source: https://context7.com/mat-sz/lettersanitizer/llms.txt
The `preserveCssPriority` option controls whether `!important` declarations are kept in sanitized CSS. Defaults to `true`.
```typescript
import { sanitize } from 'lettersanitizer';
// Default: !important is preserved
const preserved = sanitize(
'
text
',
'',
{ noWrapper: true }
);
// => '
text
'
// Stripped: !important removed
const stripped = sanitize(
'
text
',
'',
{ noWrapper: true, preserveCssPriority: false }
);
// => '
text
'
```
=== COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.