Google explains JavaScript execution on non-200 HTTP status codes

Google noted that if the HTTP status code is non-200 (for example, on error pages with 404 status code), rendering might be ...
GitHub

OWASP Java HTML Sanitizer

A fast and easy to configure HTML Sanitizer written in Java which lets you include HTML authored by third-parties in your web application while protecting against XSS. The existing dependency is on ...