leizongmin/js-xss
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

publish: v1.0.8

Browse Source
This commit is contained in:
Zongmin Lei
2020-07-27 10:21:57 +08:00
parent b12fb387a6
commit ccff2e55c2
6 changed files with 23 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
dist/xss.js vendored
View File

@@ -519,7 +519,7 @@ function parseTag(html, onTag, escapeHtml) {
var currentTagName = "";
var currentHtml = "";
for (currentPos = 0; currentPos < len; currentPos++) {
chariterator: for (currentPos = 0; currentPos < len; currentPos++) {
var c = html.charAt(currentPos);
if (tagStart === false) {
if (c === "<") {
@@ -549,9 +549,17 @@ function parseTag(html, onTag, escapeHtml) {
tagStart = false;
continue;
}
if ((c === '"' || c === "'") && html.charAt(currentPos - 1) === "=") {
quoteStart = c;
continue;
if ((c === '"' || c === "'")) {
var i = 1;
var ic = html.charAt(currentPos - i);
while ((ic === " ") || (ic === "=")) {
if (ic === "=") {
quoteStart = c;
continue chariterator;
}
ic = html.charAt(currentPos - ++i);
}
}
} else {
if (c === quoteStart) {

2
dist/xss.min.js vendored
View File

File diff suppressed because one or more lines are too long