js-xss

leizongmin/js-xss

Fork 0

66df7c48d5 Update CHANGELOG.md master LEI Zongmin 2024-03-03 10:31:06 +08:00
9c92272047 publish: v1.0.15 LEI Zongmin 2024-03-03 10:28:40 +08:00
ae15483e9e feat: add <kbd> to default whitelist (#279) suji Kim 2024-03-03 11:24:26 +09:00
bedb0c09db feat: single-quoted attribute value syntax support (#287) mdk000 2024-03-03 03:21:40 +01:00
8884b21308 feat: Allow loading attribute on img (#278) Adam Zielinski 2023-03-23 03:19:18 +01:00
4c3c7587f0 chore: fix typo (#272) Shigma 2023-03-23 10:05:38 +08:00
c339c1f777 publish: v1.0.14 LEI Zongmin 2022-08-16 21:54:05 +08:00
71c3f25972 fix: add allowList to types (#261) metonym 2022-08-16 06:50:56 -07:00
72844ddc6f fix: problem with not closed tag (#262) Sviataslau Shchaurouski 2022-08-16 15:50:26 +02:00
c2419c4d14 publish: v1.0.13 LEI Zongmin 2022-06-07 00:05:03 +08:00
352ae5331f Revert "fix: comment has encoded (#257)" LEI Zongmin 2022-06-06 23:59:59 +08:00
76d87aa002 publish: v1.0.12 LEI Zongmin 2022-06-04 00:12:31 +08:00
2e8e8ce3e8 chore: update devDependencies LEI Zongmin 2022-06-04 00:05:58 +08:00
d7654e5f14 fix: use var instead of let LEI Zongmin 2022-06-03 23:50:24 +08:00
c536c0da30 fix: problem with backslash and space at the beginning of attribute value (#253) lumburr 2022-05-27 23:09:19 +08:00
1e4446635f fix: whitelist match failure due to case ignoring (#256) lumburr 2022-05-27 23:01:33 +08:00
5a7c216dbe add another site that extensively uses XSS (#258) William Stein 2022-05-27 07:58:18 -07:00
9f6a37b34d fix: comment has encoded (#257) lumburr 2022-05-27 22:57:50 +08:00
621b4c220e Merge pull request #252 from lumburr/feat/eslint 老雷 2022-03-11 09:22:58 +08:00
1e34b3de23 feat: add eslint:recommended check lumburr 2022-03-09 19:39:57 +08:00
ed295cae25 publish: v1.0.11 Zongmin Lei 2022-03-06 15:21:07 +08:00
daa471e560 Merge pull request #249 from schu34/ms/add-allowlist-support 老雷 2021-12-31 21:05:29 +08:00
6914bbaf93 feat: add support for allowList as an alias for whiteList Matthew Benjamin Schupack 2021-12-13 13:11:43 -05:00
3826e74155 chore: build v1.0.10 老雷 2021-10-08 09:01:02 +00:00
380a4bae2b publish: v1.0.10 Zongmin Lei 2021-10-08 16:50:33 +08:00
699acdea7d fix: #239 stripCommentTag DoS attack Zongmin Lei 2021-10-08 16:23:28 +08:00
9cbe2f1066 Create SECURITY.md 老雷 2021-09-19 12:04:35 +08:00
bdd1b03896 chore: fix nodejs.yml remove node-version 8.x Zongmin Lei 2021-05-07 00:10:01 +08:00
3be6a07fae chore: update devDependencies to latest version Zongmin Lei 2021-05-06 14:02:14 +08:00
948dfb19c1 docs: update CI badge Zongmin Lei 2021-05-06 13:55:18 +08:00
831a6a289d chore: github action nodejs.yml run test-cov instead of test Zongmin Lei 2021-05-06 13:48:53 +08:00
0ba3cdbc4b chore: remove .travis.yml Zongmin Lei 2021-05-06 13:47:04 +08:00
cdee88ee16 chore: fix github action nodejs.yml Zongmin Lei 2021-05-06 13:45:18 +08:00
624aba94dc chore: add github action nodejs.yml 老雷 2021-05-06 13:43:41 +08:00
901b771960 style: reformat all source code by prettier Zongmin Lei 2021-05-06 13:32:47 +08:00
0b15109107 docs: update changelog Zongmin Lei 2021-05-06 13:29:53 +08:00
3e153f585d fix: typings onTag options Zongmin Lei 2021-05-06 13:22:53 +08:00
82cb63f0fe docs: update changelog Zongmin Lei 2021-05-06 13:16:49 +08:00
a1d9b44c36 fix: typings IWhiteList allow any tag name Zongmin Lei 2021-05-06 13:15:50 +08:00
005098be59 feat: Add <strike> to default whitelist Zongmin Lei 2021-05-06 13:11:03 +08:00
dcf1486845 feat: Add <audio crossorigin muted>, <video crossorigin muted playsinline poster> to default whitelist Zongmin Lei 2021-05-06 13:08:35 +08:00
f4c0b29c3f Merge pull request #220 from daraz999/patch-1 老雷 2021-05-06 12:53:28 +08:00
2f5dd55ca0 fix: recover <summary> on the default whitelist Zongmin Lei 2021-05-06 12:47:47 +08:00
d94ac2a584 publish: v1.0.9 Zongmin Lei 2021-05-06 11:32:55 +08:00
4452638995 chore: add package-lock.json to .ignore Zongmin Lei 2021-05-06 11:29:51 +08:00
cff16d9ba1 chore: build dist Zongmin Lei 2021-05-06 11:29:23 +08:00
730a0b5eae Merge pull request #218 from TomAnthony/fix-whitespace-bypass 老雷 2021-05-06 11:22:53 +08:00
6586f4966e Merge pull request #216 from spacegaier/patch-1 老雷 2021-05-06 11:20:15 +08:00
20869bef8c Merge pull request #222 from aprilandjan/master 老雷 2021-05-06 11:19:04 +08:00
3860fe7cca docs: correct empty whiteList typing in examples aprilandjan 2021-02-26 19:22:01 +08:00
0024eefd42 Add <figure> and <figcaption> to default whitelist Darius Smaliukas 2021-02-19 17:08:18 +02:00
51de741f7b Update handling of quoteStart to prevent sanitization bypass using non-space whitespace. Tom Anthony 2021-01-25 21:17:00 +01:00
49a25b4d85 Merge pull request #1 from leizongmin/master Tom Anthony 2021-01-25 20:06:05 +00:00
cb35b4ca02 Add <summary> to default whitelist Philip Allgaier 2021-01-24 20:30:11 +01:00
be1d80c89d Merge pull request #204 from timgates42/bugfix_typo_double 老雷 2020-10-27 01:21:07 +08:00
48a3a323b6 Merge pull request #202 from swseverance/fix-documentation 老雷 2020-09-16 18:58:31 +08:00
cf5a36696a docs: Fix simple typo, doube -> double Tim Gates 2020-09-01 07:48:41 +10:00
1691814807 Fix Documentation Example Sam Severance 2020-08-03 09:06:31 -04:00
fa53e3929b Update CHANGELOG.md 老雷 2020-07-27 10:28:36 +08:00
39f6fce862 chore: update bower.json Zongmin Lei 2020-07-27 10:25:25 +08:00
ccff2e55c2 publish: v1.0.8 Zongmin Lei 2020-07-27 10:21:57 +08:00
b12fb387a6 test: add more test for parseAttr Zongmin Lei 2020-07-27 10:10:40 +08:00
353ffdc73a Merge pull request #201 from TomAnthony/fix-bypass-issue 老雷 2020-07-24 19:13:00 +08:00
379d181273 Make coding style project consistent. Tom Anthony 2020-07-24 10:41:06 +01:00
10d0099728 chore: remove node_js version 6.0 on .travis.yml Zongmin Lei 2020-07-23 17:33:11 +08:00
5f2bacf590 chore: remove node_js version 4.0 & 5.0 on .travis.yml Zongmin Lei 2020-07-23 17:28:05 +08:00
ad66b19834 Merge pull request #200 from danvk/typescript-default-import 老雷 2020-07-23 17:24:14 +08:00
f454fd76e6 Update handling of quoteStart to allow for whitespace after =. Add a new test case for this failure scenario. Tom Anthony 2020-07-22 23:40:13 +01:00
4d07aeaa8a Allow default imports in TS Dan Vanderkam 2020-07-21 17:04:23 -04:00
9a34334b99 Create codeql-analysis.yml 老雷 2020-07-16 14:24:38 +08:00
b61c373d66 chore: use nyc instead of istanbul Zongmin Lei 2020-06-08 14:46:12 +08:00
a8cbb0900b chore: remove package-lock.json Zongmin Lei 2020-06-08 14:44:34 +08:00
04516fcd53 chore: update bower.json Zongmin Lei 2020-06-08 11:01:16 +08:00
c03f924100 chore: .travis.yml add node_js version 12.0 & 14.0 Zongmin Lei 2020-06-08 11:00:42 +08:00
fbe45f6b93 publish: v1.0.7 Zongmin Lei 2020-06-08 10:58:18 +08:00
4f88322961 chore: update dependencies Zongmin Lei 2020-06-08 10:47:45 +08:00
b82a3270fa fix test for #189 Zongmin Lei 2020-06-08 10:46:47 +08:00
154174dd9e Merge pull request #189 from sijanec/patch-1 老雷 2020-06-08 10:40:44 +08:00
a48d842cbb Merge pull request #188 from jcfranco/patch-1 老雷 2020-06-08 10:37:17 +08:00
8efd6327ae fix, as suggested by Ronald J Kimball sijanec 2020-02-22 21:59:36 +01:00
07ac8b16c1 added support for src embedded image, ftp and relative urls sijanec 2020-02-09 00:24:43 +01:00
db897317c4 Fix typo. JC Franco 2020-01-29 20:46:43 -08:00
53ba52a599 Create FUNDING.yml 老雷 2019-05-26 10:35:56 +08:00
2eb4a21f12 chore: update devDependencies Zongmin Lei 2019-04-13 11:49:36 +08:00
bc516a1863 fix: turn on strict mode for xss.js Zongmin Lei 2019-04-13 11:43:18 +08:00
506e192329 chore: add package-lock.json & update dependencies Zongmin Lei 2019-04-13 11:40:41 +08:00
c3b242f25f Merge pull request #144 from leizongmin/greenkeeper/browserify-16.2.2 老雷 2019-04-13 11:34:43 +08:00
9a2832f477 Merge pull request #161 from sbertrang/patch-1 老雷 2019-04-13 11:34:16 +08:00
4c66d6e388 Update parser.js Simon Bertrang 2019-03-27 09:30:16 +01:00
38ef7482f9 publish: v1.0.6 Zongmin Lei 2019-03-21 11:00:21 +08:00
6032d2a314 feat(typings): add more test Zongmin Lei 2019-03-21 11:00:09 +08:00
1317bb05c6 feat(typings): add global XSS namespace Zongmin Lei 2019-03-21 10:58:56 +08:00
75c7868e3e publish: v1.0.5 Zongmin Lei 2019-03-20 14:09:01 +08:00
a605558986 refactor typings, not support xss(), use filterXSS() Zongmin Lei 2019-03-20 14:08:19 +08:00
e1cc74c649 export function filterXSS Zongmin Lei 2019-03-20 14:07:13 +08:00
8bfe969895 publish: v1.0.4 Zongmin Lei 2019-03-20 13:45:08 +08:00
2acd5202e1 Merge pull request #155 from GenaBitu/reorganised-typings 老雷 2019-03-20 13:44:20 +08:00
f93657a484 Reorganised typings to expose the filterXSS function GenaBitu 2019-01-27 16:11:53 +01:00
c503faf063 chore(package): update browserify to version 16.2.2 greenkeeper[bot] 2018-08-03 00:45:09 +00:00
6abc5b52da update build Zongmin Lei 2018-05-25 14:43:28 +08:00

Commit Graph Select branches Hide Pull Requests master Mono Color

Commit Graph

Select branches

Hide Pull Requests

master