diff --git a/files/en-us/_redirects.txt b/files/en-us/_redirects.txt
index c577d7d08c0760e..512e44ab14ef9c4 100644
--- a/files/en-us/_redirects.txt
+++ b/files/en-us/_redirects.txt
@@ -3971,7 +3971,6 @@
 /en-US/docs/HTMLSpanElement	/en-US/docs/Web/API/HTMLSpanElement
 /en-US/docs/HTMLSpanElement_interface	/en-US/docs/Web/API/HTMLSpanElement
 /en-US/docs/HTML_Intro2	/en-US/docs/Learn/HTML/Introduction_to_HTML
-/en-US/docs/HTML_Santizer_API	/en-US/docs/Web/API/HTML_Sanitizer_API
 /en-US/docs/HTML_in_XMLHttpRequest	/en-US/docs/Web/API/XMLHttpRequest_API/HTML_in_XMLHttpRequest
 /en-US/docs/HTML_intro	/en-US/docs/Learn/HTML/Introduction_to_HTML
 /en-US/docs/HTTP	/en-US/docs/Web/HTTP
@@ -8620,7 +8619,6 @@
 /en-US/docs/Web/API/HTMLVideoElement/onleavepictureinpicture	/en-US/docs/Web/API/HTMLVideoElement/leavepictureinpicture_event
 /en-US/docs/Web/API/HTMLVideoElement/requestPictureInPicture()	/en-US/docs/Web/API/HTMLVideoElement/requestPictureInPicture
 /en-US/docs/Web/API/HTML_DOM	/en-US/docs/Web/API/HTML_DOM_API
-/en-US/docs/Web/API/HTML_Santizer_API	/en-US/docs/Web/API/HTML_Sanitizer_API
 /en-US/docs/Web/API/HashChangeEvent/HashChangeEvent.oldURL	/en-US/docs/Web/API/HashChangeEvent/oldURL
 /en-US/docs/Web/API/Headers/getAll	/en-US/docs/Web/API/Headers/get
 /en-US/docs/Web/API/History.length	/en-US/docs/Web/API/History/length
@@ -9641,7 +9639,6 @@
 /en-US/docs/Web/API/SVGPathElement/pathLength	/en-US/docs/Web/API/SVGGeometryElement/pathLength
 /en-US/docs/Web/API/SVGStylable	/en-US/docs/Web/API/SVGElement
 /en-US/docs/Web/API/SVGURIReference	/en-US/docs/Web/SVG/Attribute/href
-/en-US/docs/Web/API/Sanitizer/sanitizeFor	/en-US/docs/Web/API/Sanitizer
 /en-US/docs/Web/API/Screen.availHeight	/en-US/docs/Web/API/Screen/availHeight
 /en-US/docs/Web/API/Screen.availLeft	/en-US/docs/Web/API/ScreenDetailed/availLeft
 /en-US/docs/Web/API/Screen.availTop	/en-US/docs/Web/API/ScreenDetailed/availTop
diff --git a/files/en-us/_wikihistory.json b/files/en-us/_wikihistory.json
index e3102006de1b5ee..748312daf67bbb4 100644
--- a/files/en-us/_wikihistory.json
+++ b/files/en-us/_wikihistory.json
@@ -41897,10 +41897,6 @@
       "Enn"
     ]
   },
-  "Web/API/HTML_Sanitizer_API": {
-    "modified": "2020-12-13T12:18:13.088Z",
-    "contributors": ["Rumyra"]
-  },
   "Web/API/HashChangeEvent": {
     "modified": "2020-10-15T21:29:11.207Z",
     "contributors": [
@@ -57509,18 +57505,6 @@
       "Jeremie"
     ]
   },
-  "Web/API/Sanitizer": {
-    "modified": "2020-12-13T12:17:05.573Z",
-    "contributors": ["Rumyra"]
-  },
-  "Web/API/Sanitizer/Sanitizer": {
-    "modified": "2020-12-13T12:21:15.482Z",
-    "contributors": ["Rumyra"]
-  },
-  "Web/API/Sanitizer/sanitize": {
-    "modified": "2020-12-13T12:25:31.511Z",
-    "contributors": ["Rumyra"]
-  },
   "Web/API/Screen": {
     "modified": "2020-10-15T21:29:41.001Z",
     "contributors": [
diff --git a/files/en-us/web/api/element/index.md b/files/en-us/web/api/element/index.md
index b13c33a8bf9779a..3244101dd42e9bd 100644
--- a/files/en-us/web/api/element/index.md
+++ b/files/en-us/web/api/element/index.md
@@ -279,8 +279,6 @@ _`Element` inherits methods from its parents {{DOMxRef("Node")}}, and its own pa
   - : Sets the value of the attribute with the specified name and namespace, from the current node.
 - {{DOMxRef("Element.setCapture()")}} {{Non-standard_Inline}} {{Deprecated_Inline}}
   - : Sets up mouse event capture, redirecting all mouse events to this element.
-- {{DOMxRef("Element.setHTML()")}} {{Experimental_Inline}} {{SecureContext_Inline}}
-  - : Parses and [sanitizes](/en-US/docs/Web/API/HTML_Sanitizer_API) a string of HTML and inserts into the DOM as a subtree of the element.
 - {{DOMxRef("Element.setPointerCapture()")}}
   - : Designates a specific element as the capture target of future [pointer events](/en-US/docs/Web/API/Pointer_events).
 - {{DOMxRef("Element.toggleAttribute()")}}
diff --git a/files/en-us/web/api/element/innerhtml/index.md b/files/en-us/web/api/element/innerhtml/index.md
index d33199b23373a7b..8a259eaa8c490e6 100644
--- a/files/en-us/web/api/element/innerhtml/index.md
+++ b/files/en-us/web/api/element/innerhtml/index.md
@@ -53,7 +53,6 @@ This lets you look at the HTML markup of the element's content nodes.
 Setting the value of `innerHTML` lets you easily replace the existing contents of an element with new content.
 
 > **Note:** This is a [security risk](#security_considerations) if the string to be inserted might contain potentially malicious content.
-> When inserting user-supplied data you should always consider using {{domxref("Element.setHTML()")}} instead, in order to sanitize the content before it is inserted.
 
 For example, you can erase the entire contents of a document by clearing the contents of the document's {{domxref("Document.body", "body")}} attribute:
 
@@ -142,7 +141,6 @@ el.innerHTML = name; // shows the alert
 
 For that reason, it is recommended that instead of `innerHTML` you use:
 
-- {{domxref("Element.setHTML()")}} to sanitize the text before it is inserted into the DOM.
 - {{domxref("Node.textContent")}} when inserting plain text, as this inserts it as raw text rather than parsing it as HTML.
 
 > **Warning:** If your project is one that will undergo any form of security review, using `innerHTML` most likely will result in your code being rejected.
@@ -248,6 +246,5 @@ You can see output into the log by moving the mouse in and out of the box, click
 - {{domxref("Node.textContent")}} and {{domxref("HTMLElement.innerText")}}
 - {{domxref("Element.insertAdjacentHTML()")}}
 - {{domxref("Element.outerHTML")}}
-- {{domxref("Element.setHTML")}}
 - Parsing HTML or XML into a DOM tree: {{domxref("DOMParser")}}
 - Serializing a DOM tree into an XML string: {{domxref("XMLSerializer")}}
diff --git a/files/en-us/web/api/element/sethtml/index.md b/files/en-us/web/api/element/sethtml/index.md
deleted file mode 100644
index fa4e1ed28fd4022..000000000000000
--- a/files/en-us/web/api/element/sethtml/index.md
+++ /dev/null
@@ -1,71 +0,0 @@
----
-title: "Element: setHTML() method"
-short-title: setHTML()
-slug: Web/API/Element/setHTML
-page-type: web-api-instance-method
-status:
-  - experimental
-browser-compat: api.Element.setHTML
----
-
-{{APIRef("HTML Sanitizer API")}}{{SeeCompatTable}}{{SecureContext_Header}}
-
-The **`setHTML()`** method of the {{domxref("Element")}} interface is used to parse and sanitize a string of HTML and then insert it into the DOM as a subtree of the element.
-It should be used instead of {{domxref("Element.innerHTML")}} for inserting untrusted strings of HTML into an element.
-
-The parsing process drops any elements in the HTML string that are invalid in the context of the current element, while sanitizing removes any unsafe or otherwise unwanted elements, attributes or comments.
-The default `Sanitizer()` configuration strips out XSS-relevant input by default, including {{HTMLElement("script")}} tags, custom elements, and comments.
-The sanitizer configuration may be customized using {{domxref("Sanitizer.Sanitizer","Sanitizer()")}} constructor options.
-
-## Syntax
-
-```js-nolint
-setHTML(input, options)
-```
-
-### Parameters
-
-- `input`
-  - : A string defining HTML to be sanitized.
-- `options` {{optional_inline}}
-
-  - : An options object with the following optional parameters:
-
-    - `sanitizer`
-      - : A {{domxref("Sanitizer")}} object which defines what elements of the input will be sanitized.
-        If not specified, the default {{domxref("Sanitizer")}} object is used.
-
-### Return value
-
-None (`undefined`).
-
-### Exceptions
-
-None.
-
-## Examples
-
-The code below demonstrates how to sanitize a string of HTML and insert it into the `Element` with an id of `target`.
-
-```js
-const unsanitized_string = "abc <script>alert(1)<" + "/script> def"; // Unsanitized string of HTML
-const sanitizer1 = new Sanitizer(); // Default sanitizer;
-
-// Get the Element with id "target" and set it with the sanitized string.
-document
-  .getElementById("target")
-  .setHTML(unsanitized_string, { sanitizer: sanitizer1 });
-
-// Result (as a string): "abc  def"
-```
-
-> **Note:** This example uses the default sanitizer.
-> The {{domxref("Sanitizer/Sanitizer","Sanitizer")}} constructor is used to configure sanitizer options.
-
-## Specifications
-
-{{Specifications}}
-
-## Browser compatibility
-
-{{Compat}}
diff --git a/files/en-us/web/api/html_sanitizer_api/index.md b/files/en-us/web/api/html_sanitizer_api/index.md
deleted file mode 100644
index 631279669b46319..000000000000000
--- a/files/en-us/web/api/html_sanitizer_api/index.md
+++ /dev/null
@@ -1,110 +0,0 @@
----
-title: HTML Sanitizer API
-slug: Web/API/HTML_Sanitizer_API
-page-type: web-api-overview
-status:
-  - experimental
-browser-compat: api.Sanitizer
----
-
-{{DefaultAPISidebar("HTML Sanitizer API")}}{{SeeCompatTable}}
-
-{{securecontext_header}}
-
-> **Warning:** This documentation reflects stale browser implementations.
-> The specification has changed significantly since the docs were written, and they will need to be updated once browser implementations catch up.
-
-The **HTML Sanitizer API** allow developers to take untrusted strings of HTML and {{domxref('Document')}} or {{domxref('DocumentFragment')}} objects, and sanitize them for safe insertion into a document's DOM.
-
-## Concepts and usage
-
-Web applications often need to work with untrusted HTML on the client side, for example, as part of a client-side templating solution or for rendering user generated content, or when including data in a frame from another site.
-The Sanitizer API allows for rendering of this potentially untrusted HTML in a safe manner.
-
-To access the API you would use the {{domxref('Sanitizer.Sanitizer()','Sanitizer()')}} constructor to create and configure a {{domxref('Sanitizer')}} instance.
-The configuration options parameter allows you to specify the allowed and dis-allowed elements and attributes, and to enable custom elements and comments.
-
-The most common use-case - preventing XSS - is handled by the default configuration.
-Creating a {{domxref("Sanitizer.Sanitizer", "Sanitizer()")}} with a custom configuration is necessary only to handle additional, application-specific use cases.
-
-The API has two main methods for sanitizing data:
-
-1. {{domxref('Element.setHTML()')}} parses and sanitizes a string of HTML and immediately inserts it into the DOM as a child of the current element.
-   This is essentially a "safe" version of {{domxref('Element.innerHTML')}}, and should be used instead of `innerHTML` when inserting untrusted data.
-2. {{domxref('Sanitizer.sanitize()')}} sanitizes data that is in a {{domxref('Document')}} or {{domxref('DocumentFragment')}}. It might be used, for example, to sanitize a {{domxref('Document')}} instance in a frame.
-
-### Parsing and sanitizing strings
-
-The result of parsing a string of HTML depends on the context/the element into which it is inserted.
-
-For example, an HTML string containing {{HTMLElement("td")}} elements is valid if inserted under a {{HTMLElement("table")}} elements, but will be dropped if inserted in a {{HTMLElement("div")}} element.
-Similarly, an {{HTMLElement("em")}} element is a valid node in a {{HTMLElement("div")}} but the tag will be escaped if used in a {{HTMLElement("textarea")}}:
-
-```html
-<!-- "<em>bla</em>" inserted into <div> -->
-<div><em>bla</em></div>
-
-<!-- "<em>bla</em>" inserted into <textarea> -->
-<textarea>&lt;em&gt;bla</textarea>
-```
-
-The target element must therefore be known when the parser is run and the resulting subtree must be inserted into that same type of element in the DOM, or the result will be incorrect.
-This consideration does not matter for {{domxref('Element.setHTML()')}} as it is called on a particular element and the context is therefore implicit.
-
-The parser may also perform normalization operations on the input string.
-As a result, even if the HTML is valid and the sanitizer method does nothing, the sanitized output may not precisely match the unsanitized input.
-This applies to both methods.
-
-## Interfaces
-
-- {{domxref('Sanitizer')}} {{Experimental_Inline}}
-  - : Provides the functionality to define a sanitizer configuration, to sanitize untrusted strings of HTML for later insertion into the DOM, and to sanitize {{domxref('Document')}} and {{domxref('DocumentFragment')}} objects.
-- {{domxref('Element/setHTML','Element.setHTML()')}}
-  - : Parses a string of HTML into a subtree of nodes, sanitizes it using a `Sanitizer` object, then sets it as a child of the current element.
-
-## Examples
-
-The following examples show how to use the sanitizer API using the _default_ sanitizer (at time of writing configuration operations are not yet supported).
-
-### Sanitize a string immediately
-
-The code below demonstrates how {{domxref('Element/setHTML','Element.setHTML()')}} is used to sanitize a string of HTML and insert it into the `Element` with an id of `target`.
-
-The `script` element is disallowed by the default sanitizer so the alert is removed.
-
-```js
-const unsanitized_string = "abc <script>alert(1)<" + "/script> def"; // Unsanitized string of HTML
-
-const sanitizer = new Sanitizer(); // Default sanitizer;
-
-// Get the Element with id "target" and set it with the sanitized string.
-const target = document.getElementById("target");
-target.setHTML(unsanitized_string, { sanitizer });
-
-console.log(target.innerHTML);
-// "abc  def"
-```
-
-### Sanitize a frame
-
-To sanitize data from an {{HTMLElement("iframe")}} with id `userFrame`:
-
-```js
-const sanitizer = new Sanitizer(); // Default sanitizer;
-
-// Get the frame and its Document object
-const frame_element = document.getElementById("userFrame");
-const unsanitized_frame_tree = frame_element.contentWindow.document;
-
-// Sanitize the document tree and update the frame.
-const sanitized_frame_tree = sanitizer.sanitize(unsanitized_frame_tree);
-frame_element.replaceChildren(sanitized_frame_tree);
-```
-
-## Specifications
-
-{{Specifications}}
-
-## Browser compatibility
-
-{{Compat}}
diff --git a/files/en-us/web/api/sanitizer/index.md b/files/en-us/web/api/sanitizer/index.md
deleted file mode 100644
index b9f4b0e6e93015a..000000000000000
--- a/files/en-us/web/api/sanitizer/index.md
+++ /dev/null
@@ -1,41 +0,0 @@
----
-title: Sanitizer
-slug: Web/API/Sanitizer
-page-type: web-api-interface
-status:
-  - experimental
-browser-compat: api.Sanitizer
----
-
-{{APIRef("Sanitizer")}}{{SeeCompatTable}}{{SecureContext_Header}}
-
-The **`Sanitizer`** interface of the {{domxref('HTML Sanitizer API')}} is used to sanitize untrusted strings of HTML, {{domxref("Document")}} and {{domxref("DocumentFragment")}} objects.
-After sanitization, unwanted elements or attributes are removed, and the returned objects can safely be inserted into a document's DOM.
-
-A **`Sanitizer`** object is also used by the {{domxref('Element.setHTML()')}} method to parse and sanitize a string of HTML, and immediately insert it into an element.
-
-The default configuration strips out XSS-relevant input by default, including {{HTMLElement("script")}} tags, custom elements, and comments.
-This configuration may be customized using constructor options.
-
-## Constructors
-
-- {{domxref("Sanitizer.Sanitizer", "Sanitizer()")}} {{Experimental_Inline}}
-  - : Creates and returns a `Sanitizer` object, optionally with custom sanitization behavior.
-
-## Instance methods
-
-- {{domxref('Sanitizer.sanitize()')}} {{Experimental_Inline}}
-
-  - : Returns a sanitized {{domxref('DocumentFragment')}} from an input {{domxref('Document')}} or {{domxref('DocumentFragment')}}
-
-## Examples
-
-For examples see the {{domxref('HTML Sanitizer API')}} and the individual methods.
-
-## Specifications
-
-{{Specifications}}
-
-## Browser compatibility
-
-{{Compat}}
diff --git a/files/en-us/web/api/sanitizer/sanitize/index.md b/files/en-us/web/api/sanitizer/sanitize/index.md
deleted file mode 100644
index 49fa9510b91c308..000000000000000
--- a/files/en-us/web/api/sanitizer/sanitize/index.md
+++ /dev/null
@@ -1,70 +0,0 @@
----
-title: "Sanitizer: sanitize() method"
-short-title: sanitize()
-slug: Web/API/Sanitizer/sanitize
-page-type: web-api-instance-method
-status:
-  - experimental
-browser-compat: api.Sanitizer.sanitize
----
-
-{{APIRef("HTML Sanitizer API")}}{{SeeCompatTable}}{{SecureContext_Header}}
-
-The **`sanitize()`** method of the {{domxref("Sanitizer")}} interface is used to sanitize a tree of DOM nodes, removing any unwanted elements or attributes.
-
-It should be used when the data to be sanitized is already available as DOM nodes.
-For example when sanitizing a `Document` instance in a frame.
-
-The default `Sanitizer()` configuration strips out XSS-relevant input by default, including {{HTMLElement("script")}} tags, custom elements, and comments.
-The sanitizer configuration may be customized using {{domxref("Sanitizer.Sanitizer","Sanitizer()")}} constructor options.
-
-> **Note:** To sanitize strings, instead use {{domxref("Element.setHTML()")}}.
-> See {{domxref('HTML Sanitizer API')}} for more information.
-
-## Syntax
-
-```js-nolint
-sanitize(input)
-```
-
-### Parameters
-
-- `input`
-  - : A {{domxref('DocumentFragment')}} or {{domxref('Document')}} to be sanitized.
-
-### Return value
-
-A sanitized {{domxref('DocumentFragment')}}.
-
-### Exceptions
-
-None.
-
-## Examples
-
-To sanitize data from an iframe with id `userFrame`:
-
-```js
-const sanitizer = new Sanitizer(); // Default sanitizer;
-
-// Get the frame and its Document object
-const frame_element = document.getElementById("userFrame");
-const unsanitized_frame_tree = frame_element.contentWindow.document;
-
-// Sanitize the document tree and update the frame.
-const sanitized_frame_tree = sanitizer.sanitize(unsanitized_frame_tree);
-frame_element.replaceChildren(sanitized_frame_tree);
-```
-
-## Specifications
-
-{{Specifications}}
-
-## Browser compatibility
-
-{{Compat}}
-
-## See also
-
-- {{domxref('HTML Sanitizer API')}}
-- {{domxref("Element.setHTML()")}}
diff --git a/files/en-us/web/api/sanitizer/sanitizer/index.md b/files/en-us/web/api/sanitizer/sanitizer/index.md
deleted file mode 100644
index 73c721db44669dd..000000000000000
--- a/files/en-us/web/api/sanitizer/sanitizer/index.md
+++ /dev/null
@@ -1,86 +0,0 @@
----
-title: "Sanitizer: Sanitizer() constructor"
-short-title: Sanitizer()
-slug: Web/API/Sanitizer/Sanitizer
-page-type: web-api-constructor
-status:
-  - experimental
-browser-compat: api.Sanitizer.Sanitizer
----
-
-{{APIRef("HTML Sanitizer API")}}{{SeeCompatTable}}{{SecureContext_Header}}
-
-The **`Sanitizer()`** constructor creates a new {{domxref("Sanitizer")}} object, which can be used to sanitize untrusted strings of HTML, or untrusted {{domxref("Document")}} or {{domxref("DocumentFragment")}} objects, making them safe for insertion into a document's DOM.
-
-The default `Sanitizer()` configuration causes sanitizer operations to strip out XSS-relevant input by default, including {{HTMLElement("script")}} tags, custom elements, and comments.
-The constructor `config` option can be used to customize the sanitizer behavior.
-
-## Syntax
-
-```js-nolint
-new Sanitizer()
-new Sanitizer(config)
-```
-
-### Parameters
-
-- `config` {{optional_inline}}
-
-  - : A sanitizer configuration object with the following options (referred to as `SanitizerConfig` in the specification):
-
-    - `allowElements` {{optional_inline}}
-      - : An {{jsxref('Array')}} of {{jsxref('String','strings')}} indicating elements that the sanitizer should not remove.
-        All elements not in the array will be dropped.
-    - `blockElements` {{optional_inline}}
-      - : An {{jsxref('Array')}} of {{jsxref('String','strings')}} indicating elements that the sanitizer should remove, but keeping their child elements.
-    - `dropElements` {{optional_inline}}
-      - : An {{jsxref('Array')}} of {{jsxref('String','strings')}} indicating elements (including nested elements) that the sanitizer should remove.
-    - `allowAttributes` {{optional_inline}}
-      - : An {{jsxref("Object")}} where each key is the attribute name and the value is an {{jsxref("Array")}} of allowed tag names.
-        Matching attributes will not be removed.
-        All attributes that are not in the array will be dropped.
-    - `dropAttributes` {{optional_inline}}
-      - : An {{jsxref('Object')}} where each key is the attribute name and the value is an {{jsxref("Array")}} of dropped tag names.
-        Matching attributes will be removed.
-    - `allowCustomElements` {{optional_inline}}
-      - : A {{jsxref('Boolean')}} value set to `false` (default) to remove custom elements and their children.
-        If set to `true`, custom elements will be subject to built-in and custom configuration checks (and will be retained or dropped based on those checks).
-    - `allowComments` {{optional_inline}}
-      - : A {{jsxref('Boolean')}} value set to `false` (default) to remove HTML comments.
-        Set to `true` in order to keep comments.
-
-> **Note:** `allowElements` creates a sanitizer that will drop any elements that are not in `allowElements`, while `blockElements` and `dropElements` create a sanitizer that will allow all elements except those in these properties.
->
-> `blockElements` and `dropElements` are processed before `allowElements`.
-> If you specify both properties, the elements in `blockElements` or `dropElements` will be discarded first, followed by any elements not in `allowElements`.
-> So while it is possible to specify both types of properties at the same time, the intent can always be more clearly captured using just one type.
->
-> The same applies to `allowAttributes` and `dropAttributes`.
-
-## Examples
-
-The examples below show a sanitization operation using the {{domxref("Sanitizer.sanitize()")}} method.
-
-### Using the default sanitizer
-
-This example shows how to sanitize data from an iframe with id `userFrame`, using the {{domxref("Sanitizer.sanitize()")}} method:
-
-```js
-const sanitizer = new Sanitizer(); // Default sanitizer;
-
-// Get the frame and its Document object
-const frame_element = document.getElementById("userFrame");
-const unsanitized_frame_tree = frame_element.contentWindow.document;
-
-// Sanitize the document tree and update the frame.
-const sanitized_frame_tree = sanitizer.sanitize(unsanitized_frame_tree);
-frame_element.replaceChildren(sanitized_frame_tree);
-```
-
-## Specifications
-
-{{Specifications}}
-
-## Browser compatibility
-
-{{Compat}}
diff --git a/files/en-us/web/javascript/reference/regular_expressions/quantifier/index.md b/files/en-us/web/javascript/reference/regular_expressions/quantifier/index.md
index a8a2f51e1cecde9..83ab80b7f260234 100644
--- a/files/en-us/web/javascript/reference/regular_expressions/quantifier/index.md
+++ b/files/en-us/web/javascript/reference/regular_expressions/quantifier/index.md
@@ -143,7 +143,7 @@ function stripTags(str) {
 stripTags("<p><em>lorem</em> <strong>ipsum</strong></p>"); // 'lorem ipsum'
 ```
 
-> **Warning:** This is for demonstration only — it doesn't handle `>` in attribute values. Use a proper HTML sanitizer like the [HTML sanitizer API](/en-US/docs/Web/API/HTML_Sanitizer_API) instead.
+> **Warning:** This is for demonstration only — it doesn't handle `>` in attribute values. Use a proper HTML sanitizer instead.
 
 ### Locating Markdown paragraphs