
bleach


bleach - npm Package Compare versions

Comparing version 0.1.4 to 0.2.0

filters/youtube.js

56

lib/bleach.js

@@ -7,2 +7,4 @@ /*

var fs = require('fs');
var bleach = {

@@ -42,2 +44,3 @@

};
if (!attr.value) delete attr.value;
if (attr.name) attrs.push(attr);

@@ -59,2 +62,3 @@ });

sanitize: function(html, options) {
html = String(html) || '';
options = options || {};

@@ -84,28 +88,36 @@

youtube: function(html) {
if (!html) throw Error('You must pass in HTML as an argument.');
if (typeof html != 'string') throw Error('HTML must be a string.');
filter: function(html, filters) {
html = String(html) || '';
var match,
matches = [],
regex = /<object(.*)src="(http:\/\/www.youtube.com)?\/(v\/([-|~_0-9A-Za-z]+)|watch\?v\=([-|~_0-9A-Za-z]+)&?.*?).*<\/object>/gi;
if (!filters) return;
while (match = regex.exec(html)) {
matches.push(match);
} delete match;
var available = fs.readdirSync(__dirname + '/../filters');
matches.forEach(function(match){
var full = match[0],
id = match[4];
if (Array.isArray(filters)) {
for (var i in filters) {
if (typeof filters[i] == 'function') {
html = filters[i](html);
} else {
var file = filters[i] + '.js';
for (var j in available) {
if (file == available[j]) {
html = require('../filters/' + file)(html);
}
}
}
}
return html;
} else if (typeof filters == 'string') {
var file = filters + '.js';
for (var i in available) {
if (file == available[i]) {
html = require('../filters/' + file)(html);
return html;
}
}
} else if (typeof filters == 'function') {
html = filters(html);
return html;
} else return html;
var rep = '<iframe type="text/html" '
+ 'frameborder="0" '
+ 'scrolling="no" '
+ 'allowfullscreen '
+ 'src="http://youtube.com/embed/' + id + '"></iframe>';
html = html.replace(full, rep);
});
return html;
}

@@ -112,0 +124,0 @@
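Review bot: In the `filter` hunk, a filter name that matches no file in the filters directory is silently skipped, so a misspelled name hands the HTML back unmodified, and the early `if (!filters) return;` returns `undefined` instead of the input. For a sanitizing library both paths should be explicit: `if (!filters) return html;` and, when no entry of `available` matches, something like `throw new Error('Unknown filter: ' + file);` rather than falling through to `return html`. The exact-match comparison against the `fs.readdirSync` listing is what keeps a caller-supplied name from reaching an arbitrary module through `require('../filters/' + file)`, so it deserves a comment such as `// only names present in ./filters may be required`; reading the directory once at module load would also avoid a synchronous disk read on every call. Separately, `String(html) || ''` in both `sanitize` and `filter` turns a missing argument into the text `undefined`, not an empty string. The page has lost its +/- markers, so this assumes the `filter` lines are the new side.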

@@ -5,3 +5,3 @@ {

"description": "A minimalistic HTML sanitizer",
"version": "0.1.4",
"version": "0.2.0",
"homepage": "https://github.com/ecto/bleach/issues",

@@ -8,0 +8,0 @@ "repository": {

@@ -84,10 +84,54 @@ # bleach

### bleach.youtube(html)
### bleach.filter(html, filters)
Convert valid YouTube flash embeds into HTML5-compliant iframe embeds.
SEXY FUN TIME
````javascript
var html = bleach.youtube(html);
var nyanFilter = function(input){
return input.replace('cats', 'nyannyannyan');
}
console.log(
bleach.filter('cats', nyanFilter)
);
// nyannyannyan
````
````javascript
var cutFilter = function(input){
return input.slice(0, 3);
}
console.log(
bleach.filter('cats', [
nyanFilter,
cutFilter
])
);
// nyan
````
You may also define longer filters and include them in the ./node_modules/bleach/filters directory.
A sample filter is included to convert YouTube flash embed objects to iDevice-compatible YouTube iframes.
````javascript
var html = '<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="420" height="315" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="allowFullScreen" value="true"><param name="allowscriptaccess" value="always"><param name="src" value="http://www.youtube.com/v/aU079Mdkenw?version=3&amp;hl=en_US"><param name="allowfullscreen" value="true"><embed type="application/x-shockwave-flash" width="420" height="315" src="http://www.youtube.com/v/aU079Mdkenw?version=3&amp;hl=en_US" allowscriptaccess="always" allowfullscreen="true" id="s_media_1_0" name="s_media_1_0"></object>';
console.log(
bleach.filter(html, 'youtube')
);
// <iframe type="text/html" frameborder="0" scrolling="no" allowfullscreen src="http://youtube.com/embed/aU079Mdkenw"></iframe>
````
Refer to the filters directory for the template.
## license

@@ -94,0 +138,0 @@

@@ -12,12 +12,7 @@ var vows = require('vows'),

},
'requires input': function(analyze) {
assert.throws(function(){
analyze();
}, Error);
'returns blank array on invalid or missing input': function(analyze) {
assert.deepEqual(analyze({}), []);
assert.deepEqual(analyze([]), []);
assert.deepEqual(analyze(''), []);
},
'only accepts strings as HTML input': function(analyze) {
assert.throws(function(){
analyze(Object);
}, Error);
},
'finds self-closing tags': function(analyze){

@@ -39,7 +34,2 @@ assert.ok(analyze('<input type="text" />').length > 0);

},
'requires html to be passed in': function(sanitize){
assert.throws(function(){
sanitize();
}, Error);
},
'does not require options to be passed in': function(sanitize){

@@ -53,6 +43,6 @@ assert.doesNotThrow(function(){

},
'only accepts strings as HTML input': function(sanitize) {
assert.throws(function(){
sanitize(Object);
}, Error);
'returns blank string on invalid or missing input': function(analyze) {
assert.isString(analyze({}));
assert.isString(analyze([]));
assert.isString(analyze(''));
},

@@ -82,30 +72,47 @@ 'whitelist is respected': function(sanitize){

'bleach.youtube(html)': {
topic: function(){ return bleach.youtube; },
'is a function': function(sanitize) {
assert.equal(typeof sanitize, 'function');
'bleach.filter(html)': {
topic: function(){ return bleach.filter; },
'is a function': function(filter) {
assert.equal(typeof filter, 'function');
},
'requires html to be passed in': function(youtube){
assert.throws(function(){
youtube();
'allows array or string to be passed in': function(filter){
assert.doesNotThrow(function(){
filter([]);
filter('');
}, Error);
},
'returns a string': function(youtube) {
assert.isString(youtube(' '));
'returns a string': function(filter) {
assert.isString(filter(' ', 'youtube'));
},
'only accepts strings as HTML input': function(youtube) {
assert.throws(function(){
youtube(Object);
}, Error);
'allow function to be passed in': function(filter){
var nyanFilter = function(html){
return 'nyan';
}
assert.equal(filter('nyannyannyan', nyanFilter), 'nyan');
},
'converts a youtube flash object to an iframe': function(youtube){
'allow array of functions to be passed in': function(filter){
var filters = [
function(html){
return 'nyan';
},
function(html){
return html + html;
}
];
assert.equal(filter('nyannyannyan', filters), 'nyannyan');
},
},
'included youtube filter': {
topic: function(){ return bleach.filter; },
'converts a youtube flash object to an iframe': function(filter){
var input = '<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="420" height="315" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="allowFullScreen" value="true"><param name="allowscriptaccess" value="always"><param name="src" value="http://www.youtube.com/v/aU079Mdkenw?version=3&amp;hl=en_US"><param name="allowfullscreen" value="true"><embed type="application/x-shockwave-flash" width="420" height="315" src="http://www.youtube.com/v/aU079Mdkenw?version=3&amp;hl=en_US" allowscriptaccess="always" allowfullscreen="true" id="s_media_1_0" name="s_media_1_0"></object>',
output = '<iframe type="text/html" frameborder="0" scrolling="no" allowfullscreen src="http://youtube.com/embed/aU079Mdkenw"></iframe>';
assert.equal(youtube(input), output);
assert.equal(filter(input, 'youtube'), output);
},
'ignores non-youtube flash objects': function(youtube){
'ignores non-youtube flash objects': function(filter){
var input = '<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="420" height="315" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="allowFullScreen" value="true"><param name="allowscriptaccess" value="always"><param name="src" value="http://www.youtube.com/v/aU079Mdkenw?version=3&amp;hl=en_US"><param name="allowfullscreen" value="true"><embed type="application/x-shockwave-flash" width="420" height="315" src="http://google.com/asdf" allowscriptaccess="always" allowfullscreen="true" id="s_media_1_0" name="s_media_1_0"></object>';
assert.equal(youtube(input), input);
assert.equal(filter(input, 'youtube'), input);
},

@@ -112,0 +119,0 @@ }
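Review bot: The 'returns blank string on invalid or missing input' case only asserts `assert.isString(...)`, so it passes even though `String({})` yields `[object Object]` rather than a blank string; pin the value with `assert.equal(analyze(''), '')` and decide explicitly what `{}` and `[]` should produce. The 'allows array or string to be passed in' case calls `filter([])` and `filter('')` with no `filters` argument and checks only that nothing throws, which hides that the call appears to return `undefined` there (judging from the `if (!filters) return;` line in lib/bleach.js). There is also no case for an unknown filter name, e.g. `filter(input, 'nosuchfilter')`, which is the path where input comes back unfiltered. The parameter of the first case is named `analyze` although, from the hunk context, it appears to sit in the `sanitize` batch.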
