leizongmin/js-xss
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
434 Commits 1 Branch 0 Tags
master
Commit Graph

27 Commits

Author SHA1 Message Date
mdk000
bedb0c09db feat: single-quoted attribute value syntax support (#287) 2024-03-03 10:21:40 +08:00
LEI Zongmin
352ae5331f Revert "fix: comment has encoded (#257)" 
This reverts commit 9f6a37b34d.
 2022-06-06 23:59:59 +08:00
lumburr
1e4446635f fix: whitelist match failure due to case ignoring (#256) 2022-05-27 23:01:33 +08:00
lumburr
9f6a37b34d fix: comment has encoded (#257) 2022-05-27 22:57:50 +08:00
lumburr
1e34b3de23 feat: add eslint:recommended check 2022-03-09 19:39:57 +08:00
Matthew Benjamin Schupack
6914bbaf93 feat: add support for allowList as an alias for whiteList 2021-12-13 13:29:29 -05:00
Zongmin Lei
901b771960 style: reformat all source code by prettier 2021-05-06 13:32:47 +08:00
Zongmin Lei
17f322fde2 fix issue #120, tag in whiteList should be replaced with whiteList.hasOwnProperty(tag) 2017-12-21 15:06:39 +08:00
Zongmin Lei
9b85b8f2d6 reformat by prettier 2017-12-21 14:22:34 +08:00
Zongmin Lei
32a4bece31 translate all comments to English 2017-12-21 14:19:10 +08:00
ztree
903769c37d passed test: 
assert.equal(xss('<a\ttarget="_blank"\ntitle="bbb">'), '<a target="_blank" title="bbb">');
    assert.equal(xss('<a\ntarget="_blank"\ttitle="bbb">'), '<a target="_blank" title="bbb">');
    assert.equal(xss('<a\n\n\n\ttarget="_blank"\t\t\t\ntitle="bbb">'), '<a target="_blank" title="bbb">');
 2017-08-31 16:41:44 +08:00
Zongmin Lei
3ecf8542a0 fix: issue #66 no options mutated 2016-12-20 09:13:35 +08:00
Zongmin Lei
857fa9de67 fix cssFilter, allow pass css=false to disable cssFilter 2016-11-06 11:06:02 +08:00
Zongmin Lei
0a18ac740b fix stripIgnoreTagBody on file xss.js 2015-12-23 12:22:39 +08:00
Zongmin Lei
994f1a7045 v0.2.0 使用cssfilter模块来过滤style属性 2015-05-05 22:50:56 +08:00
josephj
231458ea48 避免窜改 Array.prototype 2015-03-27 22:02:03 +11:00
Zongmin Lei
6249d4cf2a 过滤是通过设置stripBlankChar=true来过滤不可见字符 2015-01-22 14:20:55 +08:00
Zongmin Lei
89c6930b9e 取消自动清除不可见字符 2015-01-22 14:07:17 +08:00
Zongmin Lei
97d0bdf516 自动清除不可见字符 2015-01-20 13:06:54 +08:00
Zongmin Lei
c7bd9c0fc4 兼容各种奇葩输入 2015-01-12 14:04:29 +08:00
Zongmin Lei
a420d251f1 增加新的选项 allowCommentTag 来设置是否允许HTML备注标签,默认false 2014-04-03 11:47:21 +08:00
Zongmin Lei
3eba6dbf53 update README 2014-02-14 10:06:09 +08:00
Zongmin Lei
c63f87b61f test: stripIgnoreTagBody 2014-02-13 18:18:43 +08:00
Zongmin Lei
98dc24ab5a originPosition改名为sourcePosition 2014-02-13 16:33:35 +08:00
Zongmin Lei
054aab29a2 test: stripIgnoreTag 2014-02-13 16:27:49 +08:00
Zongmin Lei
7fc9d3df3a test: onTagAttr 2014-02-13 15:55:36 +08:00
Zongmin Lei
1a04d6d79e 通过基本的xss白名单测试 2014-02-13 14:58:36 +08:00