bleach - npm Package Compare versions
Comparing version 0.2.0 to 0.2.1
@@ -7,3 +7,4 @@ /* | ||
| var fs = require('fs'); | ||
| var fs = require('fs'), | ||
| ent = require('ent'); | ||
@@ -37,8 +38,10 @@ var bleach = { | ||
| attr = attr.split('='); | ||
| var attr_name = attr[0], | ||
| attr_val = attr.length > 1 ? attr.slice(1).join('=') : null; | ||
| // remove quotes from attributes | ||
| if (attr[1] && attr[1].charAt(0).match(/'|"/)) attr[1] = attr[1].slice(1); | ||
| if (attr[1] && attr[1].charAt(attr[1].length-1).match(/'|"/)) attr[1] = attr[1].slice(0, -1); | ||
| if (attr_val && attr_val.charAt(0).match(/'|"/)) attr_val = attr_val.slice(1); | ||
| if (attr_val && attr_val.charAt(attr_val.length-1).match(/'|"/)) attr_val = attr_val.slice(0, -1); | ||
| attr = { | ||
| name: attr[0], | ||
| value: attr[1] | ||
| name: attr_name, | ||
| value: attr_val | ||
| }; | ||
@@ -70,2 +73,13 @@ if (!attr.value) delete attr.value; | ||
| if ((mode == 'white' && list.indexOf('script') == -1) | ||
| || (mode == 'black' && list.indexOf('script') != -1)) { | ||
| html = html.replace(/<script(.*?)>(.*?[\r\n])*?(.*?)(.*?[\r\n])*?<\/script>/gim, ''); | ||
| } | ||
| if ((mode == 'white' && list.indexOf('style') == -1) | ||
| || (mode == 'black' && list.indexOf('style') != -1)) { | ||
| html = html.replace(/<style(.*?)>(.*?[\r\n])*?(.*?)(.*?[\r\n])*?<\/style>/gim, ''); | ||
| } | ||
| matches.forEach(function(tag){ | ||
@@ -85,2 +99,4 @@ if (mode == 'white') { | ||
| if ( options.encode_entities ) html = ent.encode( html ); | ||
| return html; | ||
@@ -87,0 +103,0 @@ }, |
@@ -5,3 +5,3 @@ { | ||
| "description": "A minimalistic HTML sanitizer", | ||
| "version": "0.2.0", | ||
| "version": "0.2.1", | ||
| "homepage": "https://github.com/ecto/bleach/issues", | ||
@@ -16,4 +16,8 @@ "repository": { | ||
| }, | ||
| "dependencies": {}, | ||
| "devDependencies": {} | ||
| "dependencies": { | ||
| "ent": "0.0.x" | ||
| }, | ||
| "devDependencies": { | ||
| "vows": "0.5.x" | ||
| } | ||
| } |
@@ -136,2 +136,6 @@ # bleach | ||
| ## disclaimer | ||
| This is not a port of the Python **bleach** library - in fact their implementations are very different. | ||
| ## license | ||
@@ -138,0 +142,0 @@ |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Non-existent author
Supply chain riskThe package was published by an npm account that no longer exists.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by25.66%
16026
- Number of package files
- increased by66.67%
10
- Lines of code
- increased by29.66%
306
- Number of lines in readme file
- increased by2.72%
151
- Number of high supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Dependency count
- increased byInfinity%
1
- Dev dependency count
- increased byInfinity%
1
- Number of medium supply chain risk alerts
- increased byInfinity%
1
Dependency changes
+ Addedent@0.0.x
+ Addedent@0.0.8(transitive)
+ Addedpunycode@1.4.1(transitive)