#sanitize

Strip, extract and count emoji in any text. The strip endpoint removes every emoji from a string — or replaces each one with a marker you choose — and gets multi-code-point emoji right: ZWJ sequences like the family 👩‍👩‍👧‍👦, skin-tone modifiers (👍🏽), country flags (🇩🇪), keycaps (1️⃣) and variation selectors all count as a single emoji, so nothing is left half-deleted. The extract endpoint lists every emoji it finds with its position in the text and returns per-emoji and unique counts, ideal for analytics and moderation. A bare ©, ® or ™ is deliberately left alone unless it carries an emoji variation selector, and plain digits are never touched. Perfect for cleaning user input before search indexing or storage, sanitising usernames and display names, moderation and analytics, and preparing text for systems that choke on emoji. Pure local computation — no key, no third-party service, instant. Live, nothing stored. 3 endpoints. This cleans and extracts emoji from text; to look an emoji up by name or shortcode use an emoji database API, and to count graphemes use a text-segmentation API.

api.oanor.com/emojistrip-api

Make untrusted HTML safe to display. Send any HTML — a comment, a rich-text submission, a snippet from an email or a scraped page — and get back a clean, XSS-free version: <script> tags, inline event handlers (onclick, onerror), javascript: URLs, <iframe>, <style> and anything not on the allowlist are removed. Override the allowed tags and attributes to fit your needs, or drop links entirely. A strip endpoint returns plain text with all markup removed. Pure local sanitization — no key, no third-party service, instant. Live. 3 endpoints. Built for user-generated content, comment systems, rich-text editors, email rendering and any place untrusted HTML reaches a browser. Distinct from a Markdown renderer or an HTML data extractor.

api.oanor.com/htmlsanitize-api

A fast, fully-local HTML toolkit: extract structured data from supplied HTML (title, meta description, canonical link, language, Open Graph and Twitter card tags, links, images, headings and word counts), convert HTML to readable plain text, list all links resolved against a base URL, and sanitize HTML with a strict allowlist (scripts, iframes, inline event handlers, javascript: URLs and unknown tags are stripped). It works on the HTML you send and never fetches URLs (for live link previews see the oanor URL Tools API). Input via the query string or the request body, up to 2 MB. Pure server-side compute, no third-party upstream, so responses are instant and always available. Ideal for scrapers and data pipelines, comment and email sanitization, RAG and content extraction, and CMS tooling.

api.oanor.com/html-api

A fast, fully-local Markdown toolkit: render GitHub-flavored Markdown to HTML that is sanitized by default (scripts, style/iframe tags, inline event handlers and javascript: URLs are stripped), strip Markdown down to clean plain text, and extract a heading table of contents with levels, text and URL slugs. Every endpoint accepts input via the query string or the request body (up to 1 MB). Pure server-side compute, no third-party upstream, so responses are instant and always available. Ideal for CMS and documentation tools, comment systems, static-site pipelines and content rendering.

api.oanor.com/markdown-api