/** Einfache HTML-Hilfen für Rich-Text (Trainer-Content, kein öffentliches CMS). */

export function stripHtmlToText(html) {
  if (!html || typeof html !== 'string') return ''
  const d = document.createElement('div')
  d.innerHTML = html
  return (d.textContent || '').replace(/\s+/g, ' ').trim()
}

/** Entfernt script/iframes und Event-Handler-Attribute grob. */
export function sanitizeTrainerHtml(html) {
  if (!html || typeof html !== 'string') return ''
  const d = document.createElement('div')
  d.innerHTML = html
  d.querySelectorAll('script, iframe, object, embed').forEach((n) => n.remove())
  d.querySelectorAll('*').forEach((el) => {
    for (const attr of [...el.attributes]) {
      const n = attr.name.toLowerCase()
      if (n.startsWith('on') || n === 'srcdoc') el.removeAttribute(attr.name)
    }
  })
  return d.innerHTML
}