New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@wpe-tkpd/xss
Advanced tools
@wpe-tkpd/xss - npm Package Compare versions
Comparing version 1.0.2 to 1.0.3
@@ -1,6 +0,31 @@ | ||
| import DOMPurify from 'dompurify'; | ||
| function sanitizeHtmlBrowser(dirtyHtml, options = {}, domPurifyInstance = DOMPurify) { | ||
| const sanitizedHtml = domPurifyInstance.sanitize(dirtyHtml, Object.assign(Object.assign({}, options), { RETURN_TRUSTED_TYPE: false, RETURN_DOM: false, RETURN_DOM_FRAGMENT: false })); | ||
| return sanitizedHtml; | ||
| "use strict"; | ||
| var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault"); | ||
| Object.defineProperty(exports, "__esModule", { | ||
| value: true | ||
| }); | ||
| exports.default = void 0; | ||
| var _defineProperty2 = _interopRequireDefault(require("@babel/runtime/helpers/esm/defineProperty")); | ||
| var _dompurify = _interopRequireDefault(require("dompurify")); | ||
| function ownKeys(object, enumerableOnly) { var keys = Object.keys(object); if (Object.getOwnPropertySymbols) { var symbols = Object.getOwnPropertySymbols(object); if (enumerableOnly) symbols = symbols.filter(function (sym) { return Object.getOwnPropertyDescriptor(object, sym).enumerable; }); keys.push.apply(keys, symbols); } return keys; } | ||
| function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i] != null ? arguments[i] : {}; if (i % 2) { ownKeys(Object(source), true).forEach(function (key) { (0, _defineProperty2.default)(target, key, source[key]); }); } else if (Object.getOwnPropertyDescriptors) { Object.defineProperties(target, Object.getOwnPropertyDescriptors(source)); } else { ownKeys(Object(source)).forEach(function (key) { Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key)); }); } } return target; } | ||
| function sanitizeHtmlBrowser(dirtyHtml) { | ||
| var options = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {}; | ||
| var domPurifyInstance = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : _dompurify.default; | ||
| var sanitizedHtml = domPurifyInstance.sanitize(dirtyHtml, _objectSpread(_objectSpread({}, options), {}, { | ||
| RETURN_TRUSTED_TYPE: false, | ||
| RETURN_DOM: false, | ||
| RETURN_DOM_FRAGMENT: false | ||
| })); | ||
| return sanitizedHtml; | ||
| } | ||
| export default sanitizeHtmlBrowser; | ||
| var _default = sanitizeHtmlBrowser; | ||
| exports.default = _default; | ||
| //# sourceMappingURL=sanitizeHtmlBrowser.js.map |
@@ -1,10 +0,24 @@ | ||
| import createDOMPurify from 'dompurify'; | ||
| import jsdom from 'jsdom'; | ||
| import sanitizeHtmlBrowser from './sanitizeHtmlBrowser'; | ||
| const { JSDOM } = jsdom; | ||
| const dom = new JSDOM(); | ||
| // @ts-ignore: because JSDOM window is not plain JS window | ||
| const domPurifyInstance = createDOMPurify(dom.window); | ||
| export default function sanitizeHtmlServer(dirtyHtml, options) { | ||
| return sanitizeHtmlBrowser(dirtyHtml, options, domPurifyInstance); | ||
| "use strict"; | ||
| var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault"); | ||
| Object.defineProperty(exports, "__esModule", { | ||
| value: true | ||
| }); | ||
| exports.default = sanitizeHtmlServer; | ||
| var _dompurify = _interopRequireDefault(require("dompurify")); | ||
| var _jsdom = _interopRequireDefault(require("jsdom")); | ||
| var _sanitizeHtmlBrowser = _interopRequireDefault(require("./sanitizeHtmlBrowser")); | ||
| var JSDOM = _jsdom.default.JSDOM; | ||
| var dom = new JSDOM(); // @ts-ignore: because JSDOM window is not plain JS window | ||
| var domPurifyInstance = (0, _dompurify.default)(dom.window); | ||
| function sanitizeHtmlServer(dirtyHtml, options) { | ||
| return (0, _sanitizeHtmlBrowser.default)(dirtyHtml, options, domPurifyInstance); | ||
| } | ||
| //# sourceMappingURL=sanitizeHtmlServer.js.map |
@@ -1,8 +0,19 @@ | ||
| import { sanitizeUrl as origSanitizeUrl } from '@braintree/sanitize-url'; | ||
| export default function sanitizeUrl(url, fallback) { | ||
| const sanitizedUrl = origSanitizeUrl(url); | ||
| if (fallback && sanitizedUrl === 'about:blank') { | ||
| return origSanitizeUrl(fallback); | ||
| } | ||
| return sanitizedUrl; | ||
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { | ||
| value: true | ||
| }); | ||
| exports.default = sanitizeUrl; | ||
| var _sanitizeUrl = require("@braintree/sanitize-url"); | ||
| function sanitizeUrl(url, fallback) { | ||
| var sanitizedUrl = (0, _sanitizeUrl.sanitizeUrl)(url); | ||
| if (fallback && sanitizedUrl === 'about:blank') { | ||
| return (0, _sanitizeUrl.sanitizeUrl)(fallback); | ||
| } | ||
| return sanitizedUrl; | ||
| } | ||
| //# sourceMappingURL=sanitizeUrl.js.map |
| { | ||
| "name": "@wpe-tkpd/xss", | ||
| "version": "1.0.2", | ||
| "version": "1.0.3", | ||
| "description": "Various sanitizer, escaper, encoder, and utilities to prevent XSS", | ||
@@ -17,3 +17,3 @@ "sideEffects": false, | ||
| "dev": "babel -w src -d dist --extensions '.js,.jsx,.ts,.tsx' --ignore '**/*.(test).(j|t)sx?' --verbose --source-maps", | ||
| "build-package": "pnpm run babel:build && tsc --build", | ||
| "build-package": "pnpm run babel:build && tsc --emitDeclarationOnly", | ||
| "build": "rm -rf dist && pnpm run build-package", | ||
@@ -20,0 +20,0 @@ "prepare": "pnpm run tc && pnpm run test && pnpm run build" |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by21.23%
11169
- Lines of code
- increased by93.33%
58
No dependency changes