or run

npx @tessl/cli init
Log in

Version

Tile

Overview

Evals

Files

docs

index.md
tile.json

tessl/npm-remark-html

remark plugin to compile Markdown to HTML

Workspace
tessl
Visibility
Public
Created
Last updated
Describes
npmpkg:npm/remark-html@16.0.x

To install, run

npx @tessl/cli install tessl/npm-remark-html@16.0.0

index.mddocs/

remark-html

remark-html is a unified (remark) plugin that compiles Markdown to HTML. It provides a shortcut for converting markdown documents into sanitized HTML output, serving as an alternative to using the full remark-rehype-rehype-stringify pipeline.

Package Information

  • Package Name: remark-html
  • Package Type: npm
  • Language: JavaScript with TypeScript definitions
  • Installation: npm install remark-html

Core Imports

import remarkHtml from 'remark-html';

For CommonJS:

const remarkHtml = require('remark-html');

With TypeScript types:

import remarkHtml from 'remark-html';
import type { Options } from 'remark-html';

For advanced type usage:

import type { Schema } from 'hast-util-sanitize';
import type { Handlers } from 'mdast-util-to-hast';
import type { Root } from 'mdast';

Basic Usage

import remarkHtml from 'remark-html';
import remarkParse from 'remark-parse';
import { unified } from 'unified';

// Basic usage with default sanitization
const file = await unified()
  .use(remarkParse)
  .use(remarkHtml)
  .process('# Hello\n\n**World**');

console.log(String(file));
// Output: <h1>Hello</h1>\n<p><strong>World</strong></p>\n

Architecture

remark-html works within the unified ecosystem by:

  • Plugin Integration: Functions as a unified plugin that can be added to any remark processor
  • Markdown to HTML Pipeline: Converts mdast (markdown AST) directly to HTML without exposing intermediate hast (HTML AST)
  • Built-in Sanitization: Uses hast-util-sanitize by default to prevent XSS attacks
  • Compiler Pattern: Sets a compiler function on the unified processor to handle the final output transformation

Capabilities

HTML Compilation

Compiles markdown to HTML with built-in sanitization.

/**
 * Add support for serializing to HTML.
 * 
 * @param options - Configuration options (optional)
 * @returns Nothing (modifies processor)
 */
declare const remarkHtml: Plugin<
  [(Readonly<Options> | null | undefined)?],
  Root,
  string
>;

interface Options {
  /** How to turn mdast nodes into hast nodes */
  handlers?: Readonly<Handlers> | null | undefined;
  /** Sanitize the output, and how (default: true) */
  sanitize?: Readonly<Schema> | boolean | null | undefined;
  /** Control dangerous HTML elements */
  allowDangerousHtml?: boolean | null | undefined;
  /** Close self-closing elements */
  closeSelfClosing?: boolean | null | undefined;
  /** Omit optional closing tags */
  omitOptionalTags?: boolean | null | undefined;
  /** Character reference options */
  characterReferences?: {
    useShortestReferences?: boolean;
    omitOptionalSemicolons?: boolean;
  } | null | undefined;
  /** Additional options from hast-util-to-html */
  [key: string]: any;
}

Usage Examples:

// Default usage with sanitization
const processor = unified()
  .use(remarkParse)
  .use(remarkHtml);

// Disable sanitization (DANGEROUS - allows XSS)
const unsafeProcessor = unified()
  .use(remarkParse)
  .use(remarkHtml, { sanitize: false });

// Custom sanitization schema
const customProcessor = unified()
  .use(remarkParse)
  .use(remarkHtml, { 
    sanitize: { tagNames: ['p', 'strong', 'em', 'a'] }
  });

// Custom handlers for mdast to hast conversion
const handlerProcessor = unified()
  .use(remarkParse)
  .use(remarkHtml, {
    handlers: {
      paragraph(state, node) {
        // Custom paragraph handling
        return {
          type: 'element',
          tagName: 'div',
          properties: { className: ['custom-paragraph'] },
          children: state.all(node)
        };
      }
    }
  });

Configuration Options

Sanitization Control

Controls HTML sanitization to prevent XSS attacks.

/** Sanitization options */
sanitize?: Readonly<Schema> | boolean | null | undefined;
  • true (default): Uses safe default schema from hast-util-sanitize
  • false: DANGEROUS - Disables sanitization, allows arbitrary HTML
  • Schema: Custom sanitization schema object

Examples:

// Safe default (recommended)
.use(remarkHtml, { sanitize: true })

// Disable sanitization (dangerous)
.use(remarkHtml, { sanitize: false })

// Custom schema allowing only specific tags
.use(remarkHtml, { 
  sanitize: {
    tagNames: ['p', 'strong', 'em', 'a', 'ul', 'ol', 'li'],
    attributes: {
      a: ['href'],
      '*': ['className']
    }
  }
})

Custom Handlers

Customize how specific markdown nodes are converted to HTML.

/** Custom node handlers */
handlers?: Readonly<Handlers> | null | undefined;

Example:

.use(remarkHtml, {
  handlers: {
    // Custom link handler
    link(state, node) {
      return {
        type: 'element',
        tagName: 'a',
        properties: {
          href: node.url,
          target: '_blank',
          rel: 'noopener noreferrer'
        },
        children: state.all(node)
      };
    },
    
    // Custom code block handler
    code(state, node) {
      return {
        type: 'element',
        tagName: 'pre',
        properties: {
          className: node.lang ? [`language-${node.lang}`] : undefined
        },
        children: [{
          type: 'element',
          tagName: 'code',
          properties: {},
          children: [{ type: 'text', value: node.value }]
        }]
      };
    }
  }
})

HTML Output Options

Additional options from hast-util-to-html for controlling HTML output formatting. These are automatically available through the Options interface.

/** HTML output configuration options (subset of hast-util-to-html options) */
interface HtmlOutputOptions {
  /** Allow dangerous HTML in output */
  allowDangerousHtml?: boolean | null | undefined;
  /** Close self-closing tags */
  closeSelfClosing?: boolean | null | undefined;
  /** Omit optional closing tags */
  omitOptionalTags?: boolean | null | undefined;
  /** Character encoding options */
  characterReferences?: {
    useShortestReferences?: boolean;
    omitOptionalSemicolons?: boolean;
  } | null | undefined;
  /** Control quote usage in attributes */
  quoteSmart?: boolean | null | undefined;
  /** Collapse empty attributes */
  collapseEmptyAttributes?: boolean | null | undefined;
  /** Prefer unquoted attribute values */
  preferUnquoted?: boolean | null | undefined;
}

Examples:

// Control HTML output formatting
.use(remarkHtml, {
  closeSelfClosing: true,        // <br /> instead of <br>
  omitOptionalTags: false,       // Always include closing tags
  characterReferences: {
    useShortestReferences: true,  // Use shortest HTML entities
    omitOptionalSemicolons: false // Always include semicolons
  }
})

Types

/** Unified plugin type */
type Plugin<PluginParameters, Input, Output> = (
  ...parameters: PluginParameters
) => void;

/** Markdown AST root node */
interface Root {
  type: 'root';
  children: any[];
}

/** Node handlers for mdast to hast conversion */
interface Handlers {
  [nodeType: string]: (state: any, node: any) => any;
}

/** Sanitization schema from hast-util-sanitize */
interface Schema {
  tagNames?: string[];
  attributes?: Record<string, string[]>;
  protocols?: Record<string, string[]>;
  ancestors?: Record<string, string[]>;
  clobber?: string[];
  clobberPrefix?: string;
  strip?: string[];
  required?: Record<string, Record<string, any>>;
  allowComments?: boolean;
  allowDoctypes?: boolean;
}

Security Considerations

  • Default Safety: remark-html is safe by default with sanitize: true
  • XSS Prevention: Built-in sanitization prevents cross-site scripting attacks
  • Dangerous Mode: Setting sanitize: false is dangerous and should only be used with trusted input
  • Custom Schemas: When using custom sanitization schemas, ensure they don't allow dangerous tags or attributes
// SAFE (recommended)
.use(remarkHtml) // sanitize: true by default

// DANGEROUS - only use with trusted input
.use(remarkHtml, { sanitize: false })

// SAFE with custom restrictions
.use(remarkHtml, { 
  sanitize: { tagNames: ['p', 'strong', 'em'] }
})

Compatibility

  • Node.js: Version 16+
  • unified: Version 6+
  • remark: Version 15+
  • Module System: ESM only
  • TypeScript: Full type definitions included
  • Browsers: Compatible via ESM CDNs like esm.sh

Advanced Features

Data Fields for HTML Customization

mdast nodes can include data fields to customize HTML output:

interface NodeData {
  /** Override the HTML tag name */
  hName?: string;
  /** Set HTML attributes/properties */
  hProperties?: Record<string, any>;
  /** Replace node children with custom HTML */
  hChildren?: any[];
}

Examples:

// Override tag name
node.data = { hName: 'section' }; // <p> becomes <section>

// Add attributes
node.data = { 
  hProperties: { 
    className: ['highlight'], 
    id: 'special' 
  } 
};

// Replace content
node.data = { 
  hChildren: [
    { type: 'text', value: 'Custom content' }
  ] 
};

Error Handling

  • Unknown Nodes: Unknown mdast nodes are converted to <div> elements
  • File Extensions: Automatically sets output file extension to .html
  • Newline Handling: Adds trailing newline to non-empty output for consistency