leizongmin/js-xss
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

修正README错别字

Browse Source
This commit is contained in:
Zongmin Lei
2014-03-07 10:27:35 +08:00
parent 60c5903a33
commit 8b6fb51b95
2 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
README.md
View File

@@ -138,7 +138,7 @@ Details of parameters in `options` would be described below.
### Whitelist
By specefing a `whiteList`, e.g. `{ 'tagName': [ 'attr-1', 'attr-2' ] }`. Tags
By specifying a `whiteList`, e.g. `{ 'tagName': [ 'attr-1', 'attr-2' ] }`. Tags
and attributes not in the whitelist would be filter out. For example:
```JavaScript
@@ -158,7 +158,7 @@ For the default whitelist, please refer `xss.whiteList`.
### Customize the handler function for matched tags
By specefing the handler function with `onTag`:
By specifying the handler function with `onTag`:
```JavaScript
function onTag (tag, html, options) {
@@ -178,7 +178,7 @@ function onTag (tag, html, options) {
### Customize the handler function for attributes of matched tags
By specefing the handler function with `onTagAttr`:
By specifying the handler function with `onTagAttr`:
```JavaScript
function onTagAttr (tag, name, value, isWhiteAttr) {
@@ -194,7 +194,7 @@ function onTagAttr (tag, name, value, isWhiteAttr) {
### Customize the handler function for tags not in the whitelist
By specefing the handler function with `onIgnoreTag`:
By specifying the handler function with `onIgnoreTag`:
```JavaScript
function onIgnoreTag (tag, html, options) {
@@ -207,7 +207,7 @@ function onIgnoreTag (tag, html, options) {
### Customize the handler function for attributes not in the whitelist
By specefing the handler function with `onIgnoreTagAttr`:
By specifying the handler function with `onIgnoreTagAttr`:
```JavaScript
function onIgnoreTagAttr (tag, name, value, isWhiteAttr) {
@@ -219,7 +219,7 @@ function onIgnoreTagAttr (tag, name, value, isWhiteAttr) {
### Customize escaping function for HTML
By specefing the handler function with `escapeHtml`. Following is the default
By specifying the handler function with `escapeHtml`. Following is the default
function **(Modification is not recommended)**:
```JavaScript
@@ -230,7 +230,7 @@ function escapeHtml (html) {
### Customize escaping function for value of attributes
By specefing the handler function with `safeAttrValue`:
By specifying the handler function with `safeAttrValue`:
```JavaScript
function safeAttrValue (tag, name, value) {

2
README.zh.md
View File

@@ -14,7 +14,7 @@
`xss`是一个用于对用户输入的内容进行过滤以避免遭受XSS攻击的模块
[什么是XSS攻击](http://baike.baidu.com/view/2161269.htm))。要用于论坛、博客、网上商店等等一些可允许用户录入页面排版、
[什么是XSS攻击](http://baike.baidu.com/view/2161269.htm))。要用于论坛、博客、网上商店等等一些可允许用户录入页面排版、
格式控制相关的HTML的场景`xss`模块通过白名单来控制允许的标签及相关的标签属性,
另外还提供了一系列的接口以便用户扩展,比其他同类模块更为灵活。