publish: v1.0.13
@@ -1,5 +1,9 @@
|
||||
# CHANGELOG
|
||||
|
||||
## v1.0.13 (2022-06-07)
|
||||
|
||||
- [revert: fix: comment has encoded](https://github.com/leizongmin/js-xss/pull/257)
|
||||
|
||||
## v1.0.12 (2022-06-04)
|
||||
|
||||
- [feat: add eslint:recommended check](https://github.com/leizongmin/js-xss/pull/252) by @lumburr
|
||||
|
||||
14
dist/xss.js
vendored
@@ -160,15 +160,6 @@ function escapeHtml(html) {
|
||||
return html.replace(REGEXP_LT, "<").replace(REGEXP_GT, ">");
|
||||
}
|
||||
|
||||
/**
|
||||
* default escapeHtml function but dont escape comment
|
||||
*
|
||||
* @param {String} html
|
||||
*/
|
||||
function escapeHtmlNotComment(html) {
|
||||
return html.replace(REGEXP_LT_NOT_COMMENT, "<").replace(REGEXP_RT_NOT_COMMENT, ">");
|
||||
}
|
||||
|
||||
/**
|
||||
* default safeAttrValue function
|
||||
*
|
||||
@@ -238,8 +229,6 @@ function safeAttrValue(tag, name, value, cssFilter) {
|
||||
// RegExp list
|
||||
var REGEXP_LT = /</g;
|
||||
var REGEXP_GT = />/g;
|
||||
var REGEXP_LT_NOT_COMMENT = /<(?!!--)/g;
|
||||
var REGEXP_RT_NOT_COMMENT = /(?<!--)>/g;
|
||||
var REGEXP_QUOTE = /"/g;
|
||||
var REGEXP_QUOTE_2 = /"/g;
|
||||
var REGEXP_ATTR_VALUE_1 = /&#([a-zA-Z0-9]*);?/gim;
|
||||
@@ -456,7 +445,6 @@ exports.onTagAttr = onTagAttr;
|
||||
exports.onIgnoreTagAttr = onIgnoreTagAttr;
|
||||
exports.safeAttrValue = safeAttrValue;
|
||||
exports.escapeHtml = escapeHtml;
|
||||
exports.escapeHtmlNotComment = escapeHtmlNotComment;
|
||||
exports.escapeQuote = escapeQuote;
|
||||
exports.unescapeQuote = unescapeQuote;
|
||||
exports.escapeHtmlEntities = escapeHtmlEntities;
|
||||
@@ -927,7 +915,7 @@ function FilterXSS(options) {
|
||||
options.onIgnoreTag = options.onIgnoreTag || DEFAULT.onIgnoreTag;
|
||||
options.onIgnoreTagAttr = options.onIgnoreTagAttr || DEFAULT.onIgnoreTagAttr;
|
||||
options.safeAttrValue = options.safeAttrValue || DEFAULT.safeAttrValue;
|
||||
options.escapeHtml = options.escapeHtml || (options.allowCommentTag ? DEFAULT.escapeHtmlNotComment : DEFAULT.escapeHtml);
|
||||
options.escapeHtml = options.escapeHtml || DEFAULT.escapeHtml;
|
||||
this.options = options;
|
||||
|
||||
if (options.css === false) {
|
||||
|
||||
2
dist/xss.min.js
vendored
File diff suppressed because one or more lines are too long
@@ -2,7 +2,7 @@
|
||||
"name": "xss",
|
||||
"main": "./lib/index.js",
|
||||
"typings": "./typings/xss.d.ts",
|
||||
"version": "1.0.12",
|
||||
"version": "1.0.13",
|
||||
"description": "Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist",
|
||||
"author": "Zongmin Lei <leizongmin@gmail.com> (http://ucdok.com)",
|
||||
"repository": {
|
||||
|
||||