Sanitize untrusted HTML
API · /htmlsanitize-api
HTML Sanitizer API
healthy
4,907 Subscribers
Make untrusted HTML safe to display. Send any HTML — a comment, a rich-text submission, a snippet from an email or a scraped page — and get back a clean, XSS-free version: <script> tags, inline event handlers (onclick, onerror), javascript: URLs, <iframe>, <style> and anything not on the allowlist are removed. Override the allowed tags and attributes to fit your needs, or drop links entirely. A strip endpoint returns plain text with all markup removed. Pure local sanitization — no key, no third-party service, instant. Live. 3 endpoints. Built for user-generated content, comment systems, rich-text editors, email rendering and any place untrusted HTML reaches a browser. Distinct from a Markdown renderer or an HTML data extractor.
api.oanor.com/htmlsanitize-api
API health
healthy- Uptime
- 100.00%
- Server probes · 24h
- Avg latency
- 91 ms
- Server probes · 24h
- Subscribers
- 4,907
- active
- Total calls
- 45
- last 7 days
Pricing
Pick a tier — billed monthly, cancel anytime.
Free
Free
- 1,240 calls / month
- 2 requests / second
- Hard cap (429 above quota, no overage)
- 1,240 calls/month
- 2 req/sec
- Sanitize + strip
- No credit card
Starter
€4.20 /month
- 15,000 calls / month
- 8 requests / second
- Hard cap (429 above quota, no overage)
- 15k calls/month
- 8 req/sec
- Custom allowlist
- Email support
Pro
€23.80 /month
- 156,000 calls / month
- 20 requests / second
- Hard cap (429 above quota, no overage)
- 156k calls/month
- 20 req/sec
- UGC / comment pipelines
- Priority support
Mega
€59.80 /month
- 800,000 calls / month
- 50 requests / second
- Hard cap (429 above quota, no overage)
- 800k calls/month
- 50 req/sec
- Platform scale
- Dedicated SLA
Built by
Related APIs
Other APIs with overlapping tags.
HTML Table API
Render tabular data as an HTML table, and parse an HTML table back into data. The render endpoint turns a JSON array (of objects, or of arrays) or CSV into a clean, semantic <table> with <thead>/<tbody>, an optional caption and CSS class — every cell HTML-escaped so it is safe to embed. The parse endpoint does the reverse: give it any HTML containing a table and get back the headers, the rows and a ready-to-use JSON array of objects, with entities decoded and tags stripped from each cell. Perfect for emails and reports, dashboards and admin screens, and scraping or migrating tabular content. Pure local computation — no key, no third-party service, instant; up to 2 MB via POST. Live, nothing stored. 3 endpoints. Distinct from Markdown/ASCII table rendering and from generic HTML extraction.
api.oanor.com/htmltable-api
BBCode API
Render BBCode — the [b]…[/b] markup used by forums, bulletin boards, game communities and many comment systems — into clean HTML, or strip it down to plain text. Supports bold, italic, underline, strikethrough, lists, quotes, code blocks, links, images, colour and size. Dangerous URL schemes (javascript:, data:, vbscript:) in links and images are neutralised, so the HTML is safe to display. The to-text endpoint removes all markup for previews, search indexes, notifications and excerpts. Powered by the bbob parser. Pure local computation — no key, no third-party service, instant; send large posts via POST. Live, nothing stored. 3 endpoints. Distinct from Markdown rendering and HTML-to-Markdown conversion.
api.oanor.com/bbcode-api
Minify API
Shrink your web assets. Minify CSS, JavaScript and HTML through one simple API and get back the compact output plus how many bytes (and what percent) you saved. CSS is minified with clean-css, JavaScript with Terser (with optional name-mangling and compression toggles), and HTML with html-minifier-terser (collapsing whitespace, dropping comments and redundant attributes, and minifying inline CSS and JS). Pass the source as a parameter or in the request body (up to 5 MB). Pure local processing — no key, no third-party service, instant. Live. 4 endpoints. Built for build pipelines, on-the-fly asset optimisation, email-HTML slimming, CMS and CDN tooling, and page-speed work.
api.oanor.com/minify-api
HTML to Markdown API
Convert HTML into clean GitHub-Flavored Markdown. Pass an HTML string, or a live page URL to fetch and convert, and get back tidy Markdown — headings, bold/italic, links, images, lists, blockquotes, code blocks, plus GFM tables, strikethrough and task lists. Script, style and head elements are stripped automatically. Tune the output: ATX or setext headings, the bullet marker, fenced or indented code blocks, inline or referenced links, and the emphasis/strong delimiters; toggle GFM on or off. The inverse of a Markdown-to-HTML renderer. Pure local conversion (the optional URL fetch aside) — no key, no third-party service, instant. Live. 3 endpoints. Built for content migration, web clipping and "save as Markdown", scraping cleanup, CMS import and documentation pipelines.
api.oanor.com/htmltomarkdown-api
Frequently asked questions
Quick answers about pricing, quotas, and integration.
How do I get an API key for HTML Sanitizer API?
Sign up for free at oanor.com, generate an API key from the developer dashboard, and call HTML Sanitizer API with the x-oanor-key header. No credit card needed for the free tier.
What's the rate limit for HTML Sanitizer API?
Free tier allows 1 request per second. Paid plans scale up to 50 requests per second on the Mega tier. Hard limits return HTTP 429 above the quota — no surprise overage charges.
How much does HTML Sanitizer API cost?
HTML Sanitizer API has a free tier with 100 calls / month. Paid plans start at €4.20 / month with higher quotas and faster rate limits.
Can I cancel my subscription anytime?
Yes. Plans are billed monthly and you can cancel anytime from your billing dashboard. No long-term contracts and no cancellation fee.
Is HTML Sanitizer API GDPR-compliant?
All requests to HTML Sanitizer API go through our EU-based gateway. Your upstream API key never leaves our server and no personal data is shared with the upstream provider beyond the request you send.
Pick an endpoint from the list on the left to see its details and try it.
Code snippets
Sign up to get an API key, then call any path under your slug.
curl https://api.oanor.com/htmlsanitize-api/SOME_PATH \
-H "x-oanor-key: oanor_test_..."const res = await fetch("https://api.oanor.com/htmlsanitize-api/SOME_PATH", {
headers: { "x-oanor-key": "oanor_test_..." }
});
const data = await res.json();$ch = curl_init("https://api.oanor.com/htmlsanitize-api/SOME_PATH");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, ["x-oanor-key: oanor_test_..."]);
$response = curl_exec($ch);import requests
r = requests.get(
"https://api.oanor.com/htmlsanitize-api/SOME_PATH",
headers={"x-oanor-key": "oanor_test_..."},
)
print(r.json())Ratings
Sign in to rate.
No reviews yet.
Discussion
Ask questions, share usage tips, get answers from the provider and other developers. Public — anyone can read.
Sign in to start a thread or reply.
Sign inNew thread
📌 Pinned
🔒 Locked
·
·
·
-
Provider answer
🔒 This thread is locked — no new replies.
-
·
- No threads yet — start the discussion.
Support
Private 1:1 support with the provider — billing questions, integration issues, account problems. Only you and the provider team can see these threads.
Sign in to open a support ticket.
Sign inOpen new ticket
Describe what you need help with. The provider team gets an email and replies on the ticket page.
-
·
Urgent - No tickets yet for this API.