All projects · Go

Microcosm cc Bluemonday by microcosm-cc

Go BSD-3-Clause SECURITY.md

bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS

sanitizationhtmlsecurityxssgoowaspallowlistgolang
Verdict 71/100 health $4.13/mo cheapest, hetzner 2/5 setup difficulty Last release 2.6 years ago

Self-host Microcosm cc Bluemonday on hetzner CAX11 for $4.13/mo.

Deploy Microcosm cc Bluemonday on hetzner → View on GitHub
Health score
71 /100
6-dim composite
Self-hosts from
$4.13 /mo
hetzner · CAX11
Difficulty
2 /5
Docker + read README
GitHub stars
3.7k
193 forks

About Microcosm cc Bluemonday

From the project's README at github.com/microcosm-cc/bluemonday. Lightly cleaned for readability; for the full source see the upstream repo.

bluemonday is a HTML sanitizer implemented in Go. It is fast and highly configurable.

bluemonday takes untrusted user generated content as an input, and will return HTML that has been sanitised against an allowlist of approved HTML elements and attributes so that you can safely include the content in your web page.

If you accept user generated content, and your server uses Go, you need bluemonday.

The default policy for user generated content () turns this:

Health score breakdown

6-dimension composite. See methodology for formula and weights.

activity
80
maturity
100
community
81
security
85
sustainability
53
adoption
30

Adoption signals

Real-world usage data, pulled from each registry. The bigger the numbers, the more battle-tested the project.

SignalValueSource
GitHub stars 3.7k github.com/microcosm-cc/bluemonday
GitHub forks 193 github.com/microcosm-cc/bluemonday

Release & maintenance

Is this project actively maintained, or about to die? Check the recency of last commit and last release.

Project age12.5 yearssince Nov 2013
Last commit1.1 years agoApr 4, 2025
Releases shipped26last: 2.6 years ago
Security policySECURITY.mddeclared by maintainers

Self-hosting cost across providers

Detected requirements: 4GB RAM, 40GB disk minimum. Cheapest plan per provider that meets the requirement.

ProviderPlanSpecsMonthly
hetzner CAX11 2c · 4GB · 40GB $4.13 USD Deploy →
vultr VC2 1c · 1GB · 25GB $5 USD Deploy →
linode Nanode 1GB 1c · 1GB · 25GB $5.12 USD Deploy →
digitalocean Basic Regular 1GB 1c · 1GB · 25GB $6 USD Deploy →

Security advisories

2 known advisories tracked via OSV.dev. Most recent: CVE-2021-42576.

Ready to self-host Microcosm cc Bluemonday?

Spin up a hetzner CAX11 (4GB RAM, 40GB disk) for $4.13/mo and follow the project's official install docs.

Deploy on hetzner → $4.13/mo Read install docs on GitHub

Data last refreshed May 7, 2026.

Similar open-source projects

Projects in our directory that replace the same SaaS or share topics with Microcosm cc Bluemonday.

fiber
⚡️ Express inspired web framework written in Go
★ 39,684 $4.13/mo
gitea
Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review,
★ 55,356 $4.13/mo
traefik
The Cloud Native Application Proxy
★ 62,977 $4.13/mo
traefik
The Cloud Native Application Proxy
★ 62,977 $4.13/mo
golangci-lint
Fast linters runner for Go
★ 18,885 $4.13/mo
caddy
Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
★ 72,090 $4.13/mo

Frequently asked questions

Last verified . Data refreshes every 30 minutes.