
cockblock - npm Package Compare versions

Comparing version 1.0.1 to 1.1.0

index.js

473

dist/cockblock.js

@@ -1,217 +0,223 @@

// cockblock.js 1.0.1
// cockblock.js v1.1.0
// Copyright (c) 2015 Ryan Mohr
// Released under the MIT license
(function($) {
function cockblock(html, options) {
return sanitizeHtml(html, options || cockblock.defaults);
}
require=(function e(t,n,r){function s(o,u){if(!n[o]){if(!t[o]){var a=typeof require=="function"&&require;if(!u&&a)return a(o,!0);if(i)return i(o,!0);var f=new Error("Cannot find module '"+o+"'");throw f.code="MODULE_NOT_FOUND",f}var l=n[o]={exports:{}};t[o][0].call(l.exports,function(e){var n=t[o][1][e];return s(n?n:e)},l,l.exports,e,t,n,r)}return n[o].exports}var i=typeof require=="function"&&require;for(var o=0;o<r.length;o++)s(r[o]);return s})({"/Volumes/Ext1/devel/kumu/lib/cockblock/index.js":[function(require,module,exports){
module.exports = require("./lib/cockblock");
cockblock.url = function(url, options) {
return sanitizeResource(url, options || cockblock.defaults);
};
},{"./lib/cockblock":1}],1:[function(require,module,exports){
(function (global){
var $ = (typeof window !== "undefined" ? window.$ : typeof global !== "undefined" ? global.$ : null);
// Exposed for testing
// TODO: expose these under cockblock.utils instead
cockblock._sanitizeAttributes = sanitizeAttributes;
cockblock._getAttributeName = getAttributeName;
function cockblock(html, options) {
return sanitizeHtml(html, options || cockblock.defaults);
}
cockblock.defaults = {
elements: [
"a",
"aside",
"b",
"blockquote",
"br",
"caption",
"code",
"del",
"dd",
"dfn",
"div",
"dl",
"dt",
"em",
"h1",
"h2",
"h3",
"h4",
"h5",
"h6",
"hr",
"i",
"img",
"ins",
"kbd",
"li",
"ol",
"p",
"pre",
"q",
"samp",
"strike",
"strong",
"sub",
"sup",
"table",
"tbody",
"td",
"tfoot",
"th",
"thead",
"tr",
"tt",
"ul",
"var"
],
cockblock.url = function(url, options) {
return sanitizeResource(url, options || cockblock.defaults);
};
attributes: {
"a": ["href"],
"img": ["src"],
"div": ["itemscope", "itemtype"],
"all": [
"abbr",
"accept",
"accept-charset",
"accesskey",
"action",
"align",
"alt",
"axis",
"border",
"cellpadding",
"cellspacing",
"char",
"charoff",
"charset",
"checked",
"cite",
"clear",
"cols",
"colspan",
"color",
"compact",
"coords",
// "data-[a-z0-9-]+",
"datetime",
"dir",
"disabled",
"enctype",
"for",
"frame",
"headers",
"height",
"hreflang",
"hspace",
"ismap",
"label",
"lang",
"longdesc",
"maxlength",
"media",
"method",
"multiple",
"name",
"nohref",
"noshade",
"nowrap",
"prompt",
"readonly",
"rel",
"rev",
"rows",
"rowspan",
"rules",
"scope",
"selected",
"shape",
"size",
"span",
"start",
"summary",
"tabindex",
"target",
"title",
"type",
"usemap",
"valign",
"value",
"vspace",
"width",
"itemprop"
]
},
// Exposed for testing
// TODO: expose these under cockblock.utils instead
cockblock._sanitizeAttributes = sanitizeAttributes;
cockblock._getAttributeName = getAttributeName;
// Default protocol support includes http(s), mailto, and relative.
// TODO: Support protocol resolution too? //example.com
protocols: /^(http|https|mailto|#|\/)/i
};
cockblock.defaults = {
elements: [
"a",
"aside",
"b",
"blockquote",
"br",
"caption",
"code",
"del",
"dd",
"dfn",
"div",
"dl",
"dt",
"em",
"h1",
"h2",
"h3",
"h4",
"h5",
"h6",
"hr",
"i",
"img",
"ins",
"kbd",
"li",
"ol",
"p",
"pre",
"q",
"samp",
"span",
"strike",
"strong",
"sub",
"sup",
"table",
"tbody",
"td",
"tfoot",
"th",
"thead",
"tr",
"tt",
"ul",
"var"
],
var CONTAINED = {};
CONTAINED.thead = CONTAINED.tbody = CONTAINED.tfoot = /^table$/i;
CONTAINED.tr = /^(table|thead|tbody|tfoot)$/i;
CONTAINED.th = CONTAINED.td = /^tr$/i;
CONTAINED.li = /^(ul|ol)$/i;
attributes: {
"a": ["href"],
"img": ["src"],
"div": ["itemscope", "itemtype"],
"all": [
"abbr",
"accept",
"accept-charset",
"accesskey",
"action",
"align",
"alt",
"axis",
"border",
"cellpadding",
"cellspacing",
"char",
"charoff",
"charset",
"checked",
"cite",
"clear",
"cols",
"colspan",
"color",
"compact",
"coords",
// "data-[a-z0-9-]+",
"datetime",
"dir",
"disabled",
"enctype",
"for",
"frame",
"headers",
"height",
"hreflang",
"hspace",
"ismap",
"label",
"lang",
"longdesc",
"maxlength",
"media",
"method",
"multiple",
"name",
"nohref",
"noshade",
"nowrap",
"prompt",
"readonly",
"rel",
"rev",
"rows",
"rowspan",
"rules",
"scope",
"selected",
"shape",
"size",
"span",
"start",
"summary",
"tabindex",
"target",
"title",
"type",
"usemap",
"valign",
"value",
"vspace",
"width",
"itemprop"
]
},
// src: img, iframe
// href: a
var RESOURCEFUL = /^(src|href)$/;
// Default protocol support includes http(s), mailto, and relative.
// TODO: Support protocol resolution too? //example.com
protocols: /^(http|https|mailto|#|\/)/i
};
function sanitizeHtml(html, options) {
var $wrapper = $("<body>").html(html);
sanitizeChildren($wrapper, initializeOptions(options));
return $wrapper.html();
}
var CONTAINED = {};
CONTAINED.thead = CONTAINED.tbody = CONTAINED.tfoot = /^table$/i;
CONTAINED.tr = /^(table|thead|tbody|tfoot)$/i;
CONTAINED.th = CONTAINED.td = /^tr$/i;
CONTAINED.li = /^(ul|ol)$/i;
function initializeOptions(options) {
var opts = {};
opts.protocols = options.protocols;
opts.elements = arrayToRegExp(options.elements);
opts.attributes = {};
for (var tagName in options.attributes) {
var attributes = options.attributes[tagName];
if (tagName != "all") attributes = attributes.concat(options.attributes.all);
opts.attributes[tagName] = arrayToRegExp(attributes);
}
return opts;
}
// src: img, iframe
// href: a
var RESOURCEFUL = /^(src|href)$/;
function arrayToRegExp(array) {
return new RegExp("^(" + array.join("|") + ")$", "i");
}
function sanitizeHtml(html, options) {
var $wrapper = $("<body>").html(html);
sanitizeChildren($wrapper, initializeOptions(options));
return $wrapper.html();
}
function sanitizeElement($el, options) {
if (options.elements.test(getTagName($el)) && isContained($el)) {
sanitizeAttributes($el, options);
sanitizeChildren($el, options);
return $el;
} else {
$el.remove();
}
function initializeOptions(options) {
var opts = {};
opts.protocols = options.protocols;
opts.elements = arrayToRegExp(options.elements);
opts.attributes = {};
for (var tagName in options.attributes) {
var attributes = options.attributes[tagName];
if (tagName != "all") attributes = attributes.concat(options.attributes.all);
opts.attributes[tagName] = arrayToRegExp(attributes);
}
return opts;
}
function sanitizeChildren($el, options) {
$el.children().each(function() {
sanitizeElement($(this), options);
});
}
function arrayToRegExp(array) {
return new RegExp("^(" + array.join("|") + ")$", "i");
}
// List and table items must be contained or they can break out.
function isContained($el) {
var requiredParent = CONTAINED[getTagNameLower($el)];
return !requiredParent || requiredParent.test(getTagName($el.parent()));
function sanitizeElement($el, options) {
if (options.elements.test(getTagName($el)) && isContained($el)) {
sanitizeAttributes($el, options);
sanitizeChildren($el, options);
return $el;
} else {
$el.remove();
}
}
function sanitizeAttributes($el, options) {
var tagName = getTagNameLower($el);
var attribute, attributes = getAttributes($el);
var whitelist = options.attributes[tagName] || options.attributes.all;
function sanitizeChildren($el, options) {
$el.children().each(function() {
sanitizeElement($(this), options);
});
}
for (var index in attributes) {
if (attributes.hasOwnProperty(index)) {
if ((attribute = getAttributeName(attributes, index))) {
if (whitelist.test(attribute)) {
sanitizeAttribute($el, attribute, options);
} else {
$el.removeAttr(attribute);
}
// List and table items must be contained or they can break out.
function isContained($el) {
var requiredParent = CONTAINED[getTagNameLower($el)];
return !requiredParent || requiredParent.test(getTagName($el.parent()));
}
function sanitizeAttributes($el, options) {
var tagName = getTagNameLower($el);
var attribute, attributes = getAttributes($el);
var whitelist = options.attributes[tagName] || options.attributes.all;
for (var index in attributes) {
if (attributes.hasOwnProperty(index)) {
if ((attribute = getAttributeName(attributes, index))) {
if (whitelist.test(attribute)) {
sanitizeAttribute($el, attribute, options);
} else {
$el.removeAttr(attribute);
}

@@ -221,47 +227,46 @@ }

}
}
function sanitizeAttribute($el, attribute, options) {
if (RESOURCEFUL.test(attribute)) {
$el.attr(attribute, sanitizeResource($el.attr(attribute), options));
}
function sanitizeAttribute($el, attribute, options) {
if (RESOURCEFUL.test(attribute)) {
$el.attr(attribute, sanitizeResource($el.attr(attribute), options));
}
}
function sanitizeResource(value, options) {
return (value && options.protocols.test(value)) ? value : '';
}
function sanitizeResource(value, options) {
return (value && options.protocols.test(value)) ? value : '';
}
// Conformity helpers since cheerio couldn't go the easy route and just
// use the same variable names browsers do.
function getTagName($el) {
return $el[0].tagName || $el[0].name;
}
// Conformity helpers since cheerio couldn't go the easy route and just
// use the same variable names browsers do.
function getTagName($el) {
return $el[0].tagName || $el[0].name;
}
function getTagNameLower($el) {
return getTagName($el).toLowerCase();
}
function getTagNameLower($el) {
return getTagName($el).toLowerCase();
}
function getAttributes($el) {
return $el[0].attributes || $el[0].attribs;
}
function getAttributes($el) {
return $el[0].attributes || $el[0].attribs;
}
// In the browser the attributes object looks like:
// {"0": {"name": "class"}, "1": ...}
//
// In node / cheerio the attributes are keyed by name instead.
//
// - in IE9 it's possible for attribute to be undefined (issue #1)
function getAttributeName(attributes, index) {
if (Number(index) == index) {
var attribute = attributes[String(index)];
return attribute && attribute.name;
} else {
return index;
}
// In the browser the attributes object looks like:
// {"0": {"name": "class"}, "1": ...}
//
// In node / cheerio the attributes are keyed by name instead.
//
// - in IE9 it's possible for attribute to be undefined (issue #1)
function getAttributeName(attributes, index) {
if (Number(index) == index) {
var attribute = attributes[String(index)];
return attribute && attribute.name;
} else {
return index;
}
}
if (typeof window == "undefined") {
module.exports = cockblock;
} else {
window.cockblock = cockblock;
}
})(typeof window == "undefined" ? require("cheerio") : $);
module.exports = cockblock;
}).call(this,typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : typeof window !== "undefined" ? window : {})
},{}]},{},[]);
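Review bot: `sanitizeAttributes` calls `$el.removeAttr(attribute)` while its `for (var index in attributes)` loop is still walking the same collection, and in the browser that collection is the element's index-keyed attribute list (per the comment above `getAttributeName`). If that list is live, removing one entry shifts the rest down, so a later index can be skipped or read back as undefined, which looks like the case the IE9 guard covers, and a disallowed attribute may survive sanitization. Collecting the names first and filtering afterwards avoids this, as sketched below; the function spans both hunks of this file, and the change belongs in lib/cockblock.js (its diff is not shown on this page), since dist/cockblock.js is the generated bundle. Separately, `sanitizeHtml` parses the input with `$("<body>").html(html)` before anything is removed; if `$` is jQuery bound to the live document, consider parsing into an inert document such as one from `document.implementation.createHTMLDocument`.

```javascript
function sanitizeAttributes($el, options) {
  // … unchanged: tagName, attributes and whitelist lookup …

  // Snapshot the names before mutating: the browser's attribute list is live.
  var names = [];
  for (var index in attributes) {
    if (attributes.hasOwnProperty(index)) {
      var name = getAttributeName(attributes, index);
      if (name) names.push(name);
    }
  }

  for (var i = 0; i < names.length; i++) {
    if (whitelist.test(names[i])) {
      sanitizeAttribute($el, names[i], options);
    } else {
      $el.removeAttr(names[i]);
    }
  }
}
```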

@@ -1,1 +0,1 @@

!function(t){function e(t,a){return r(t,a||e.defaults)}function r(e,r){var n=t("<body>").html(e);return i(n,a(r)),n.html()}function a(t){var e={};e.protocols=t.protocols,e.elements=n(t.elements),e.attributes={};for(var r in t.attributes){var a=t.attributes[r];"all"!=r&&(a=a.concat(t.attributes.all)),e.attributes[r]=n(a)}return e}function n(t){return new RegExp("^("+t.join("|")+")$","i")}function o(t,e){return e.elements.test(d(t))&&s(t)?(c(t,e),i(t,e),t):void t.remove()}function i(e,r){e.children().each(function(){o(t(this),r)})}function s(t){var e=m[p(t)];return!e||e.test(d(t.parent()))}function c(t,e){var r,a=p(t),n=f(t),o=e.attributes[a]||e.attributes.all;for(var i in n)n.hasOwnProperty(i)&&(r=h(n,i))&&(o.test(r)?l(t,r,e):t.removeAttr(r))}function l(t,e,r){b.test(e)&&t.attr(e,u(t.attr(e),r))}function u(t,e){return t&&e.protocols.test(t)?t:""}function d(t){return t[0].tagName||t[0].name}function p(t){return d(t).toLowerCase()}function f(t){return t[0].attributes||t[0].attribs}function h(t,e){if(Number(e)==e){var r=t[String(e)];return r&&r.name}return e}e.url=function(t,r){return 
u(t,r||e.defaults)},e._sanitizeAttributes=c,e._getAttributeName=h,e.defaults={elements:["a","aside","b","blockquote","br","caption","code","del","dd","dfn","div","dl","dt","em","h1","h2","h3","h4","h5","h6","hr","i","img","ins","kbd","li","ol","p","pre","q","samp","strike","strong","sub","sup","table","tbody","td","tfoot","th","thead","tr","tt","ul","var"],attributes:{a:["href"],img:["src"],div:["itemscope","itemtype"],all:["abbr","accept","accept-charset","accesskey","action","align","alt","axis","border","cellpadding","cellspacing","char","charoff","charset","checked","cite","clear","cols","colspan","color","compact","coords","datetime","dir","disabled","enctype","for","frame","headers","height","hreflang","hspace","ismap","label","lang","longdesc","maxlength","media","method","multiple","name","nohref","noshade","nowrap","prompt","readonly","rel","rev","rows","rowspan","rules","scope","selected","shape","size","span","start","summary","tabindex","target","title","type","usemap","valign","value","vspace","width","itemprop"]},protocols:/^(http|https|mailto|#|\/)/i};var m={};m.thead=m.tbody=m.tfoot=/^table$/i,m.tr=/^(table|thead|tbody|tfoot)$/i,m.th=m.td=/^tr$/i,m.li=/^(ul|ol)$/i;var b=/^(src|href)$/;"undefined"==typeof window?module.exports=e:window.cockblock=e}("undefined"==typeof window?require("cheerio"):$);
require=function t(e,r,n){function o(a,l){if(!r[a]){if(!e[a]){var u="function"==typeof require&&require;if(!l&&u)return u(a,!0);if(i)return i(a,!0);var s=new Error("Cannot find module '"+a+"'");throw s.code="MODULE_NOT_FOUND",s}var c=r[a]={exports:{}};e[a][0].call(c.exports,function(t){var r=e[a][1][t];return o(r?r:t)},c,c.exports,t,e,r,n)}return r[a].exports}for(var i="function"==typeof require&&require,a=0;a<n.length;a++)o(n[a]);return o}({"/Volumes/Ext1/devel/kumu/lib/cockblock/index.js":[function(t,e){e.exports=t("./lib/cockblock")},{"./lib/cockblock":1}],1:[function(t,e){(function(t){function r(t,e){return n(t,e||r.defaults)}function n(t,e){var r=m("<body>").html(t);return l(r,o(e)),r.html()}function o(t){var e={};e.protocols=t.protocols,e.elements=i(t.elements),e.attributes={};for(var r in t.attributes){var n=t.attributes[r];"all"!=r&&(n=n.concat(t.attributes.all)),e.attributes[r]=i(n)}return e}function i(t){return new RegExp("^("+t.join("|")+")$","i")}function a(t,e){return e.elements.test(f(t))&&u(t)?(s(t,e),l(t,e),t):void t.remove()}function l(t,e){t.children().each(function(){a(m(this),e)})}function u(t){var e=v[p(t)];return!e||e.test(f(t.parent()))}function s(t,e){var r,n=p(t),o=h(t),i=e.attributes[n]||e.attributes.all;for(var a in o)o.hasOwnProperty(a)&&(r=b(o,a))&&(i.test(r)?c(t,r,e):t.removeAttr(r))}function c(t,e,r){g.test(e)&&t.attr(e,d(t.attr(e),r))}function d(t,e){return t&&e.protocols.test(t)?t:""}function f(t){return t[0].tagName||t[0].name}function p(t){return f(t).toLowerCase()}function h(t){return t[0].attributes||t[0].attribs}function b(t,e){if(Number(e)==e){var r=t[String(e)];return r&&r.name}return e}var m="undefined"!=typeof window?window.$:"undefined"!=typeof t?t.$:null;r.url=function(t,e){return 
d(t,e||r.defaults)},r._sanitizeAttributes=s,r._getAttributeName=b,r.defaults={elements:["a","aside","b","blockquote","br","caption","code","del","dd","dfn","div","dl","dt","em","h1","h2","h3","h4","h5","h6","hr","i","img","ins","kbd","li","ol","p","pre","q","samp","span","strike","strong","sub","sup","table","tbody","td","tfoot","th","thead","tr","tt","ul","var"],attributes:{a:["href"],img:["src"],div:["itemscope","itemtype"],all:["abbr","accept","accept-charset","accesskey","action","align","alt","axis","border","cellpadding","cellspacing","char","charoff","charset","checked","cite","clear","cols","colspan","color","compact","coords","datetime","dir","disabled","enctype","for","frame","headers","height","hreflang","hspace","ismap","label","lang","longdesc","maxlength","media","method","multiple","name","nohref","noshade","nowrap","prompt","readonly","rel","rev","rows","rowspan","rules","scope","selected","shape","size","span","start","summary","tabindex","target","title","type","usemap","valign","value","vspace","width","itemprop"]},protocols:/^(http|https|mailto|#|\/)/i};var v={};v.thead=v.tbody=v.tfoot=/^table$/i,v.tr=/^(table|thead|tbody|tfoot)$/i,v.th=v.td=/^tr$/i,v.li=/^(ul|ol)$/i;var g=/^(src|href)$/;e.exports=r}).call(this,"undefined"!=typeof global?global:"undefined"!=typeof self?self:"undefined"!=typeof window?window:{})},{}]},{},[]);
var gulp = require("gulp");
var header = require("gulp-header");
var rename = require("gulp-rename");

@@ -6,7 +7,22 @@ var replace = require("gulp-replace");

var jshint = require("gulp-jshint");
var project = require("./package.json");
var transform = require("vinyl-transform");
var browserify = require("browserify");
var pkg = require("./package.json");
var banner = [
"// cockblock.js v<%= pkg.version %>",
"// Copyright (c) 2015 Ryan Mohr",
"// Released under the MIT license",
""].join("\n");
gulp.task("build", function() {
gulp.src("./cockblock.js")
.pipe(replace("VERSION", project.version))
var browserified = transform(function(filename) {
var b = browserify().require(filename);
return b.bundle();
});
gulp.src("./index.js")
.pipe(browserified)
.pipe(rename("cockblock.js"))
.pipe(header(banner, {pkg: pkg}))
.pipe(gulp.dest("dist"))

@@ -19,3 +35,3 @@ .pipe(rename("cockblock.min.js"))

gulp.task("lint", function() {
gulp.src(["./cockblock.js"])
gulp.src(["./index.js"])
.pipe(jshint())

@@ -22,0 +38,0 @@ .pipe(jshint.reporter());
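Review bot: `browserify().require(filename)` in the new build task produces an external-require bundle rather than a library build: the resulting dist/cockblock.js assigns a global `require`, keys the module by the absolute path of the build machine (`/Volumes/Ext1/devel/kumu/lib/cockblock/index.js` is visible in the bundle), and no longer sets the `window.cockblock` global that the 1.0.1 file did. Passing the entry file with a standalone name, `var b = browserify(filename, {standalone: "cockblock"});`, should keep the browser global and keep local paths out of the published artifact. Going by the hunk counts nothing was removed from this task, so the old `gulp.src("./cockblock.js").pipe(replace("VERSION", project.version))` chain appears to remain as a stream with no destination and could be dropped together with `project`. The task also does not return its stream, so gulp cannot tell when the build has finished.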

{
"name": "cockblock",
"version": "1.0.1",
"version": "1.1.0",
"homepage": "http://github.com/rymohr/cockblock",

@@ -24,3 +24,3 @@ "repository": "http://github.com/rymohr/cockblock",

"license": "MIT",
"main": "cockblock.js",
"main": "index.js",
"dependencies": {

@@ -35,6 +35,8 @@ "cheerio": "*"

"gulp-jshint": "~1.3.4",
"browserify": "~3.32.0",
"browserify-shim": "~3.3.1",
"browserify": "~9.0.3",
"browserify-shim": "~3.8.3",
"gulp-replace": "~0.2.0",
"gulp-uglify": "~0.2.1"
"gulp-uglify": "~0.2.1",
"gulp-header": "~1.2.2",
"vinyl-transform": "~1.0.0"
},

@@ -47,5 +49,4 @@ "browserify": {

"browserify-shim": {
"cheerio": "global:$",
"../cockblock": "global:cockblock"
"cheerio": "global:$"
}
}
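Review bot: The runtime dependency range `"cheerio": "*"` (visible in the header of the third hunk) is left untouched while the build-tool ranges are updated, so any future cheerio major is accepted by a library whose output depends on how that parser builds the tree. For an HTML sanitizer a bounded range on the version the tests were run against, `"cheerio": "<tested-version-range>"`, would make parser behaviour changes an explicit upgrade. Separately, `"main"` now points at `index.js`, which presumably breaks consumers that required the old `cockblock.js` file path directly; that is worth a line in the release notes.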

@@ -46,3 +46,3 @@ cockblock

See [cockblock.js][source] for the default set of allowed elements, attributes, and
See [lib/cockblock.js][source] for the default set of allowed elements, attributes, and
supported protocols.

@@ -63,6 +63,3 @@

Now that you're up and running go ahead and hack away. The full library
is defined in `cockblock.js`.
[source]: https://github.com/kumu/cockblock.js/blob/master/cockblock.js
[source]: https://github.com/kumu/cockblock.js/blob/master/lib/cockblock.js
[dist]: https://github.com/kumu/cockblock.js/blob/master/dist/cockblock.js

@@ -69,0 +66,0 @@ [html-pipeline]: https://github.com/jch/html-pipeline

var expect = require("chai").expect;
var cockblock = require("../cockblock");
var cockblock = require("..");

@@ -4,0 +4,0 @@ describe("cockblock()", function() {

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is too big to display
