chore: build v1.0.10
This commit is contained in:
老雷
24
dist/xss.js
vendored
24
dist/xss.js
vendored
@@ -235,10 +235,12 @@ var REGEXP_ATTR_VALUE_1 = /&#([a-zA-Z0-9]*);?/gim;
|
||||
var REGEXP_ATTR_VALUE_COLON = /:?/gim;
|
||||
var REGEXP_ATTR_VALUE_NEWLINE = /&newline;?/gim;
|
||||
var REGEXP_DEFAULT_ON_TAG_ATTR_3 = /\/\*|\*\//gm;
|
||||
var REGEXP_DEFAULT_ON_TAG_ATTR_4 = /((j\s*a\s*v\s*a|v\s*b|l\s*i\s*v\s*e)\s*s\s*c\s*r\s*i\s*p\s*t\s*|m\s*o\s*c\s*h\s*a)\:/gi;
|
||||
var REGEXP_DEFAULT_ON_TAG_ATTR_4 =
|
||||
/((j\s*a\s*v\s*a|v\s*b|l\s*i\s*v\s*e)\s*s\s*c\s*r\s*i\s*p\s*t\s*|m\s*o\s*c\s*h\s*a)\:/gi;
|
||||
var REGEXP_DEFAULT_ON_TAG_ATTR_5 = /^[\s"'`]*(d\s*a\s*t\s*a\s*)\:/gi;
|
||||
var REGEXP_DEFAULT_ON_TAG_ATTR_6 = /^[\s"'`]*(d\s*a\s*t\s*a\s*)\:\s*image\//gi;
|
||||
var REGEXP_DEFAULT_ON_TAG_ATTR_7 = /e\s*x\s*p\s*r\s*e\s*s\s*s\s*i\s*o\s*n\s*\(.*/gi;
|
||||
var REGEXP_DEFAULT_ON_TAG_ATTR_7 =
|
||||
/e\s*x\s*p\s*r\s*e\s*s\s*s\s*i\s*o\s*n\s*\(.*/gi;
|
||||
var REGEXP_DEFAULT_ON_TAG_ATTR_8 = /u\s*r\s*l\s*\(.*/gi;
|
||||
|
||||
/**
|
||||
@@ -397,9 +399,23 @@ function StripTagBody(tags, next) {
|
||||
* @return {String}
|
||||
*/
|
||||
function stripCommentTag(html) {
|
||||
return html.replace(STRIP_COMMENT_TAG_REGEXP, "");
|
||||
var retHtml = "";
|
||||
var lastPos = 0;
|
||||
while (lastPos < html.length) {
|
||||
var i = html.indexOf("<!--", lastPos);
|
||||
if (i === -1) {
|
||||
retHtml += html.slice(lastPos);
|
||||
break;
|
||||
}
|
||||
retHtml += html.slice(lastPos, i);
|
||||
var j = html.indexOf("-->", i);
|
||||
if (j === -1) {
|
||||
break;
|
||||
}
|
||||
lastPos = j + 3;
|
||||
}
|
||||
return retHtml;
|
||||
}
|
||||
var STRIP_COMMENT_TAG_REGEXP = /<!--[\s\S]*?-->/g;
|
||||
|
||||
/**
|
||||
* remove invisible characters
|
||||
|
||||
2
dist/xss.min.js
vendored
2
dist/xss.min.js
vendored
File diff suppressed because one or more lines are too long
Reference in New Issue
Block a user