支持AMD

README.md

@@ -9,10 +9,6 @@ Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whi
 
 --------------
 
-**NOTE: The format of custom configuration (except Whitelist) from version
-0.0.X was changed a lot since version 0.1.X. To use a newer version, it's
-suggested to read the following guidelines carefully.**
-
 **[中文版文档](https://github.com/leizongmin/js-xss/blob/master/README.zh.md)**
 
 `xss` is a module used to filter input from users to prevent XSS attacks.
@@ -61,17 +57,69 @@ For test code please refer to `benchmark` directory.
 Run `npm test` command in the source directary.
 
 
-## Active Test
+## Install
 
-Run the following command, them you can type HTML
-code in the command-line, and check the filtered output:
+### NPM
 
 ```bash
-$ xss -t
+$ npm install xss
 ```
 
+### Bower
+
+```bash
+$ bower install xss
+```
+
+Or
+
+```bash
+$ bower install https://github.com/leizongmin/js-xss.git
+```
+
+
+## Usages
+
+### On Node.js
+
+```JavaScript
+var xss = require('xss');
+var html = xss('<script>alert("xss");</script>');
+console.log(html);
+```
+
+### On Browser
+
+Shim mode (reference file `test/test.html`):
+
+```HTML
+<script src="https://raw.github.com/leizongmin/js-xss/master/dist/xss.js"></script>
+<script>
+// apply function filterXSS in the same way
+var html = filterXSS('<script>alert("xss");</scr' + 'ipt>');
+alert(html);
+</script>
+```
+
+AMD mode (reference file `test/test_amd.html`):
+
+```HTML
+<script>
+require.config({
+  baseUrl: './'
+})
+require(['xss'], function (xss) {
+  var html = xss('<script>alert("xss");</scr' + 'ipt>');
+  alert(html);
+});
+</script>
+```
+
+
 ## Command Line Tool
 
+### Process file
+
 You can use the xss command line tool to process a file. Usage:
 
 ```bash
@@ -84,45 +132,18 @@ Example:
 $ xss -i origin.html -o target.html
 ```
 
+### Active Test
+
+Run the following command, them you can type HTML
+code in the command-line, and check the filtered output:
+
+```bash
+$ xss -t
+```
+
 For more details, please run `$ xss -h` to see it.
 
 
-## Usages
-
-### In Node.js
-
-To install:
-
-```bash
-$ npm install xss
-```
-
-Simple usage:
-
-```JavaScript
-var xss = require('xss');
-var html = xss('<script>alert("xss");</script>');
-console.log(html);
-```
-
-### In browsers
-
-```HTML
-<script src="https://raw.github.com/leizongmin/js-xss/master/dist/xss.js"></script>
-<script>
-// apply function filterXSS in the same way
-var html = filterXSS('<script>alert("xss");</scr' + 'ipt>');
-alert(html);
-</script>
-```
-
-### Bower
-
-```bash
-$ bower install xss
-```
-
-
 ## Custom filter rules
 
 When using the `xss()` function, the second parameter could be used to specify

README.zh.md

@@ -9,10 +9,6 @@
 
 --------------
 
-**注意：0.1.x版本与0.0.x版本在自定义配置（除白名单配置外）格式上有较大改动，如果
-要使用新版本，请详细阅读下文的使用说明**
-
-
 `xss`是一个用于对用户输入的内容进行过滤，以避免遭受XSS攻击的模块
 （[什么是XSS攻击？](http://baike.baidu.com/view/2161269.htm)）。主要用于论坛、博客、网上商店等等一些可允许用户录入页面排版、
 格式控制相关的HTML的场景，`xss`模块通过白名单来控制允许的标签及相关的标签属性，
@@ -54,12 +50,24 @@
 在源码目录执行命令： `npm test`
 
 
-## 在线测试
+## 安装
 
-执行以下命令，可在命令行中输入HTML代码，并看到过滤后的代码：
+### NPM
 
 ```bash
-$ xss -t
+$ npm install xss
+```
+
+### Bower
+
+```bash
+$ bower install xss
+```
+
+或者
+
+```bash
+$ bower install https://github.com/leizongmin/js-xss.git
 ```
 
 
@@ -67,14 +75,6 @@ $ xss -t
 
 ### 在Node.js中使用
 
-安装：
-
-```bash
-$ npm install xss
-```
-
-简单使用方法：
-
 ```JavaScript
 var xss = require('xss');
 var html = xss('<script>alert("xss");</script>');
@@ -83,6 +83,8 @@ console.log(html);
 
 ### 在浏览器端使用
 
+Shim模式（参考文件 `test/test.html`）:
+
 ```HTML
 <script src="https://raw.github.com/leizongmin/js-xss/master/dist/xss.js"></script>
 <script>
@@ -92,15 +94,25 @@ alert(html);
 </script>
 ```
 
-### Bower
+AMD模式（参考文件 `test/test_amd.html`）:
 
-```bash
-$ bower install xss
+```HTML
+<script>
+require.config({
+  baseUrl: './'
+})
+require(['xss'], function (xss) {
+  var html = xss('<script>alert("xss");</scr' + 'ipt>');
+  alert(html);
+});
+</script>
 ```
 
 
 ### 使用命令行工具来对文件进行XSS处理
 
+### 处理文件
+
 可通过内置的 `xss` 命令来对输入的文件进行XSS处理。使用方法：
 
 ```bash
@@ -113,6 +125,14 @@ xss -i <源文件> -o <目标文件>
 $ xss -i origin.html -o target.html
 ```
 
+### 在线测试
+
+执行以下命令，可在命令行中输入HTML代码，并看到过滤后的代码：
+
+```bash
+$ xss -t
+```
+
 详细命令行参数说明，请输入 `$ xss -h` 来查看。
 
 

bower.json

@@ -1,6 +1,6 @@
 {
   "name": "xss",
-  "version": "0.1.13",
+  "version": "0.1.17",
   "homepage": "https://github.com/leizongmin/js-xss",
   "authors": [
     "Zongmin Lei <leizongmin@gmail.com>"
@@ -9,7 +9,8 @@
   "main": "dist/xss.js",
   "moduleType": [
     "globals",
-    "node"
+    "node",
+    "amd"
   ],
   "keywords": [
     "sanitization",

dist/test.html

@@ -5,11 +5,11 @@
   <meta charset="utf8">
 </head>
 <body>
-
+  <pre id="result"></pre>
 </body>
 </html>
 <script src="xss.js"></script>
 <script>
 var code = '<script>alert("xss");</' + 'script>';
-alert(code + '\n被转换成了\n' + filterXSS(code));
+document.querySelector('#result').innerText = code + '\n被转换成了\n' + filterXSS(code);
 </script>

dist/test_amd.html

@@ -0,0 +1,20 @@
+<!doctype html>
+<html>
+<head>
+  <title>测试</title>
+  <meta charset="utf8">
+</head>
+<body>
+  <pre id="result"></pre>
+</body>
+</html>
+<script type="text/javascript" src='http://cdn.staticfile.org/require.js/2.1.10/require.min.js'></script>
+<script>
+require.config({
+  baseUrl: './'
+})
+require(['xss'], function (xss) {
+  var code = '<script>alert("xss");</' + 'script>';
+  document.querySelector('#result').innerText = code + '\n被转换成了\n' + xss(code);
+});
+</script>

dist/xss.js

@@ -407,20 +407,20 @@ for (var i in DEFAULT) exports[i] = DEFAULT[i];
 for (var i in parser) exports[i] = parser[i];
 
 
-// 在浏览器端使用
-if (typeof window !== 'undefined') {
 // 低版本浏览器支持
 if (!Array.prototype.indexOf) {
   Array.prototype.indexOf = function (item) {
     for (var i = 0; i < this.length; i++) {
-        if(this[i] == item) return i;
+      if (this[i] === item) return i;
     }
     return -1;
   };
 }
 if (!Array.prototype.forEach) {
   Array.prototype.forEach = function (fn, scope) {
-      for (var i = 0; i < this.length; i++) fn.call(scope, this[i], i, this);
+    for (var i = 0; i < this.length; i++) {
+      fn.call(scope, this[i], i, this);
+    }
   };
 }
 if (!String.prototype.trim) {
@@ -428,7 +428,17 @@ if (typeof window !== 'undefined') {
     return this.replace(/(^\s*)|(\s*$)/g, '');
   };
 }
-  // 输出
+
+
+// 在AMD下使用
+if (typeof define === 'function' && define.amd) {
+  define(function () {
+    return module.exports;
+  });
+}
+
+// 在浏览器端使用
+if (typeof window !== 'undefined') {
   window.filterXSS = module.exports;
 }
 

lib/index.js

@@ -29,20 +29,20 @@ for (var i in DEFAULT) exports[i] = DEFAULT[i];
 for (var i in parser) exports[i] = parser[i];
 
 
-// 在浏览器端使用
-if (typeof window !== 'undefined') {
 // 低版本浏览器支持
 if (!Array.prototype.indexOf) {
   Array.prototype.indexOf = function (item) {
     for (var i = 0; i < this.length; i++) {
-        if(this[i] == item) return i;
+      if (this[i] === item) return i;
     }
     return -1;
   };
 }
 if (!Array.prototype.forEach) {
   Array.prototype.forEach = function (fn, scope) {
-      for (var i = 0; i < this.length; i++) fn.call(scope, this[i], i, this);
+    for (var i = 0; i < this.length; i++) {
+      fn.call(scope, this[i], i, this);
+    }
   };
 }
 if (!String.prototype.trim) {
@@ -50,6 +50,16 @@ if (typeof window !== 'undefined') {
     return this.replace(/(^\s*)|(\s*$)/g, '');
   };
 }
-  // 输出
+
+
+// 在AMD下使用
+if (typeof define === 'function' && define.amd) {
+  define(function () {
+    return module.exports;
+  });
+}
+
+// 在浏览器端使用
+if (typeof window !== 'undefined') {
   window.filterXSS = module.exports;
 }

package.json

@@ -1,7 +1,7 @@
 {
   "name": "xss",
   "main": "./lib/index.js",
-  "version": "0.1.16",
+  "version": "0.1.17",
   "description": "Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist. 根据白名单过滤HTML(防止XSS攻击)",
   "author": "leizongmin <leizongmin@gmail.com> (http://ucdok.com)",
   "contributors": [