@braintree/sanitize-url
Comparing version 6.0.2 to 6.0.3
# CHANGELOG | ||
## 6.0.3 | ||
- Add null check to beginning of `sanitizeUrl` function ([#54](https://github.com/braintree/sanitize-url/issues/54)) | ||
## 6.0.2 | ||
@@ -4,0 +8,0 @@ |
@@ -0,1 +1,2 @@ | ||
export declare const BLANK_URL = "about:blank"; | ||
export declare function sanitizeUrl(url?: string): string; |
"use strict"; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
exports.sanitizeUrl = void 0; | ||
exports.sanitizeUrl = exports.BLANK_URL = void 0; | ||
var invalidProtocolRegex = /^([^\w]*)(javascript|data|vbscript)/im; | ||
@@ -10,2 +10,3 @@ var htmlEntitiesRegex = /&#(\w+)(^\w|;)?/g; | ||
var relativeFirstCharacters = [".", "/"]; | ||
exports.BLANK_URL = "about:blank"; | ||
function isRelativeUrlWithoutProtocol(url) { | ||
@@ -21,3 +22,6 @@ return relativeFirstCharacters.indexOf(url[0]) > -1; | ||
function sanitizeUrl(url) { | ||
var sanitizedUrl = decodeHtmlCharacters(url || "") | ||
if (!url) { | ||
return exports.BLANK_URL; | ||
} | ||
var sanitizedUrl = decodeHtmlCharacters(url) | ||
.replace(htmlCtrlEntityRegex, "") | ||
@@ -27,3 +31,3 @@ .replace(ctrlCharactersRegex, "") | ||
if (!sanitizedUrl) { | ||
return "about:blank"; | ||
return exports.BLANK_URL; | ||
} | ||
@@ -39,3 +43,3 @@ if (isRelativeUrlWithoutProtocol(sanitizedUrl)) { | ||
if (invalidProtocolRegex.test(urlScheme)) { | ||
return "about:blank"; | ||
return exports.BLANK_URL; | ||
} | ||
@@ -42,0 +46,0 @@ return sanitizedUrl; |
{ | ||
"name": "@braintree/sanitize-url", | ||
"version": "6.0.2", | ||
"version": "6.0.3", | ||
"description": "A url sanitizer", | ||
@@ -14,3 +14,4 @@ "main": "dist/index.js", | ||
"posttest": "npm run lint", | ||
"test": "jest" | ||
"test": "vitest", | ||
"coverage": "vitest run --coverage" | ||
}, | ||
@@ -28,22 +29,14 @@ "repository": { | ||
"devDependencies": { | ||
"@types/jest": "^27.4.1", | ||
"@typescript-eslint/eslint-plugin": "^5.19.0", | ||
"chai": "^4.3.6", | ||
"eslint": "^8.13.0", | ||
"@types/jest": "^29.4.0", | ||
"@typescript-eslint/eslint-plugin": "^5.54.1", | ||
"@vitest/coverage-v8": "^0.33.0", | ||
"chai": "^4.3.7", | ||
"eslint": "^8.36.0", | ||
"eslint-config-braintree": "^6.0.0-typescript-prep-rc.2", | ||
"eslint-plugin-prettier": "^4.0.0", | ||
"jest": "^27.5.1", | ||
"prettier": "^2.6.2", | ||
"ts-jest": "^27.1.4", | ||
"typescript": "^4.6.3" | ||
}, | ||
"jest": { | ||
"testEnvironment": "jsdom", | ||
"preset": "ts-jest", | ||
"globals": { | ||
"ts-jest": { | ||
"tsconfig": "src/__tests__/tsconfig.json" | ||
} | ||
} | ||
"eslint-plugin-prettier": "^4.2.1", | ||
"happy-dom": "^10.5.2", | ||
"prettier": "^2.8.4", | ||
"typescript": "^4.9.5", | ||
"vitest": "^0.33.0" | ||
} | ||
} |
@@ -30,1 +30,11 @@ # sanitize-url | ||
``` | ||
## Testing | ||
This library uses [Vitest](https://vitest.dev/). All testing dependencies | ||
will be installed upon `npm install` and the test suite can be executed with | ||
`npm test`. Running the test suite will also run lint checks upon exiting. | ||
npm test | ||
To generate a coverage report, use `npm run coverage`. |
@@ -9,2 +9,4 @@ const invalidProtocolRegex = /^([^\w]*)(javascript|data|vbscript)/im; | ||
export const BLANK_URL = "about:blank"; | ||
function isRelativeUrlWithoutProtocol(url: string): boolean { | ||
@@ -22,3 +24,7 @@ return relativeFirstCharacters.indexOf(url[0]) > -1; | ||
export function sanitizeUrl(url?: string): string { | ||
const sanitizedUrl = decodeHtmlCharacters(url || "") | ||
if (!url) { | ||
return BLANK_URL; | ||
} | ||
const sanitizedUrl = decodeHtmlCharacters(url) | ||
.replace(htmlCtrlEntityRegex, "") | ||
@@ -29,3 +35,3 @@ .replace(ctrlCharactersRegex, "") | ||
if (!sanitizedUrl) { | ||
return "about:blank"; | ||
return BLANK_URL; | ||
} | ||
@@ -46,3 +52,3 @@ | ||
if (invalidProtocolRegex.test(urlScheme)) { | ||
return "about:blank"; | ||
return BLANK_URL; | ||
} | ||
@@ -49,0 +55,0 @@ |
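Review bot: The new guard `if (!url)` at the top of `sanitizeUrl` rejects only falsy input, so a truthy non-string value passed by an untyped JavaScript caller (a number, array or object) still reaches `decodeHtmlCharacters(url)`. That helper's body is not visible here, but the chained `.replace(...)` calls suggest it would throw instead of returning the safe default. Because this function sits on untrusted input, it is safer to fail closed with `if (typeof url !== "string" || !url) { return BLANK_URL; }`; confirm first that no caller relies on passing a non-string. The newly exported `BLANK_URL` would also benefit from a one-line TSDoc comment saying it is the value returned for empty or rejected URLs, so callers know to compare against it. The body of `sanitizeUrl` continues outside the visible hunks.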
@@ -7,2 +7,3 @@ { | ||
"target": "es5", | ||
"resolveJsonModule": true, | ||
"lib": ["es2015", "dom"] | ||
@@ -9,0 +10,0 @@ }, |