GoQuery VS bluemonday

Compare GoQuery vs bluemonday and see what are their differences.

bluemonday

bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS (by microcosm-cc)
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
GoQuery bluemonday
11 8
14,106 3,231
0.6% 1.1%
7.2 6.6
22 days ago 5 months ago
Go Go
BSD 3-clause "New" or "Revised" License BSD 3-clause "New" or "Revised" License
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

GoQuery

Posts with mentions or reviews of GoQuery. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-11-11.

bluemonday

Posts with mentions or reviews of bluemonday. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2024-07-13.
  • Don't try to sanitize input. Escape output. (2020)
    2 projects | news.ycombinator.com | 13 Jul 2024
  • Geomys, a blueprint for a sustainable open-source maintenance firm
    1 project | news.ycombinator.com | 8 Jul 2024
    I'm really glad to see `bluemonday` in such company, but I'm also really happy to hand over the reigns to a group of engineers that can focus on OSS.

    I am the author of https://github.com/microcosm-cc/bluemonday but being a maintainer is a journey, you make a tool for yourself, you realise others will benefit and open it up to others... time passes... and then you realise you are that tiny pillar in the XKCD comic about dependencies, and that when you make a casual update to the project that multiple security companies ping you to ask the impact and scope of the change, implications, and of course others ping you to say that it breaks their individual workflow.

    I've known Filippo for almost as long as that library has existed, and I know it's in a safe pair of hands, and that Geomys is going to be a good home to all of the OSS projects that they have in their portfolio.

    It's definitely a journey, how should these foundational elements be supported and funded? This is one answer to that question, and I'm glad it exists as my spare cycles were very few.

  • Sponsor the open source projects you depend on
    6 projects | news.ycombinator.com | 10 Apr 2023
    I'm on the receiving end of donations from sourcegraph for this. It's around $10 per month from that single donation and is for the only Go HTML santizer, which you use when you have user generated / untrusted input that you need to display as HTML. https://github.com/microcosm-cc/bluemonday

    For me the library has been good enough for my own use for a very very long time. I mostly neglect it unless there's some critical issue. I don't improve it at all as my time is better spent on my day job.

    I've often thought that there's room for improvement such as a DOM style santizer to validate input rather than just a SAX style sanitizer, perhaps formatting of output in addition to sanitising input, transformation rules, etc.

    When I got the donation I was surprised, first ever bit of support for open source software I'd written (as this was not written on company dime).

    Even at $10 per month it's motivating enough to think someone values it. If it accrues into something significant I may actually feel motivated to improve it.

    Interesting is that I'd regard this as successful by usage, it's used by virtually everything in the Go world that makes a website.

    Perhaps people don't know it exists though? And for that awareness thanks to thanks.dev

  • How to secure POST API endpoint getting rich text editor HTML string
    1 project | /r/golang | 10 Apr 2023
    bluemonday is an html sanitizer you could try
  • Does anyone know of an HTML parser that would allow me to manipulate the HMTL? Namely I'm interested in stripping all attributes from strings.
    2 projects | /r/golang | 16 Dec 2022
    For sanitizing html input at work we use https://github.com/microcosm-cc/bluemonday.
  • Bluemonday: A fast Golang HTML sanitizer
    1 project | news.ycombinator.com | 29 May 2022
  • How to validate a string is a valid HTML tag/attribute?
    1 project | /r/golang | 6 Mar 2022
    Sounds like a task for bluemonday.
  • HTML Sanitizer API
    5 projects | news.ycombinator.com | 6 May 2021

What are some alternatives?

When comparing GoQuery and bluemonday you can also consider the following projects:

colly - Elegant Scraper and Crawler Framework for Golang

inject

xpath - XPath package for Golang, supports HTML, XML, JSON document query.

go-pkg-xmlx

htmlquery - htmlquery is golang XPath package for HTML query.

mxj - Decode / encode XML to/from map[string]interface{} (or JSON); extract values with dot-notation paths and wildcards. Replaces x2j and j2x packages.

jsonpath - JSONPath with dot notation generator for golang

xml - Package feed implements a flexible, robust and efficient RSS and Atom parser

bbConvert - Converter from BBCode to HTML

goregen - randexp for Go.

sh - A shell parser, formatter, and interpreter with bash support; includes shfmt

SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

Did you konow that Go is
the 4th most popular programming language
based on number of metions?