1. Web
  2. Web APIs
  3. Sanitizer
  4. setDataAttributes()

Sanitizer: setDataAttributes() method

Limited availability

This feature is not Baseline because it does not work in some of the most widely-used browsers.

Experimental: This is an experimental technology
Check the Browser compatibility table carefully before using this in production.

The setDataAttributes() method of the Sanitizer interface sets whether all data-* attributes will be allowed by the sanitizer, or if they must be individually specified.

If this is set true, then data attributes are automatically allowed and you should not add them individually using Sanitizer.allowAttribute() (or Sanitizer.allowElement() for local attributes).

Note that this method is useful for allow configurations which have a lot of data-* attributes that you want to allow. The method returns false when used with remove configurations, which can allow all data-* attributes simply by omitting them.

Syntax

js
setDataAttributes(allow);

Parameters

allow

true if all data-* attributes are allowed, and false if they must be explicitly specified.

Return value

true if the operation changed the configuration, and false if the configuration already set dataAttributes to the specified value or dataAttributes cannot be set true because this sanitizer has a remove configuration.

Examples

Basic usage

The code below shows the basic usage of the setDataAttributes() method.

js
// Create sanitizer (in this case the default)
const sanitizer = new Sanitizer();

// Allow all data-* attributes
sanitizer.setDataAttributes(true);

// data-* attributes are allowed by adding them
// to the attributes array
sanitizer.setDataAttributes(false);

Specifications

Specification
HTML Sanitizer API
# dom-sanitizer-setdataattributes

Browser compatibility

Help improve MDN

Learn how to contribute

This page was last modified on by MDN contributors.

View this page on GitHubReport a problem with this content