v0.1.16
This commit is contained in:
Zongmin Lei
7
dist/xss.js
vendored
7
dist/xss.js
vendored
@@ -208,7 +208,7 @@ var REGEXP_DEFAULT_ON_TAG_ATTR_8 = /u\s*r\s*l\s*\(.*/ig;
|
||||
* @return {String} str
|
||||
*/
|
||||
function escapeQuote (str) {
|
||||
return str.replace(REGEXP_QUOTE, '"e;');
|
||||
return str.replace(REGEXP_QUOTE, '"');
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -696,6 +696,11 @@ function FilterXSS (options) {
|
||||
* @return {String}
|
||||
*/
|
||||
FilterXSS.prototype.process = function (html) {
|
||||
// 兼容各种奇葩输入
|
||||
html = html || '';
|
||||
html = html.toString();
|
||||
if (!html) return '';
|
||||
|
||||
var me = this;
|
||||
var options = me.options;
|
||||
var whiteList = options.whiteList;
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
{
|
||||
"name": "xss",
|
||||
"main": "./lib/index.js",
|
||||
"version": "0.1.15",
|
||||
"version": "0.1.16",
|
||||
"description": "Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist. 根据白名单过滤HTML(防止XSS攻击)",
|
||||
"author": "leizongmin <leizongmin@gmail.com> (http://ucdok.com)",
|
||||
"contributors": [
|
||||
|
||||
Reference in New Issue
Block a user