
dompurify - npm Package Compare versions

Comparing version 0.7.0 to 0.7.1


bower.json
{
"name": "DOMPurify",
"version": "0.7.0",
"version": "0.7.1",
"homepage": "https://github.com/cure53/DOMPurify",

@@ -5,0 +5,0 @@ "author": "Cure53 <info@cure53.de>",

@@ -1,2 +0,2 @@

(function(e){"use strict";var t=typeof window==="undefined"?null:window;if(typeof define==="function"&&define.amd){define(function(){return e(t)})}else if(typeof module!=="undefined"){module.exports=e(t)}else{t.DOMPurify=e(t)}})(function e(t){"use strict";var r=function(t){return e(t)};r.version="0.6.7";if(!t||!t.document||t.document.nodeType!==9){r.isSupported=false;return r}var n=t.document;var a=n;var i=n.implementation;var o=t.DocumentFragment;var l=t.HTMLTemplateElement;var s=t.NodeFilter;var c=t.NamedNodeMap||t.MozNamedAttrMap;var u=t.Text;var f=t.Comment;var d=t.DOMParser;if(typeof l==="function"){n=n.createElement("template").content.ownerDocument}var m=n.createNodeIterator;var p=n.getElementsByTagName;var v=n.createDocumentFragment;var h=a.importNode;var y={};r.isSupported=typeof d!=="undefined"&&n.documentMode!==9;var g=function(e,t){var r=t.length;while(r--){e[t[r]]=true}return e};var b=function(e){var t={};var r;for(r in e){if(e.hasOwnProperty(r)){t[r]=e[r]}}return t};var T=null;var 
A=g({},["a","abbr","acronym","address","area","article","aside","audio","b","bdi","bdo","big","blink","blockquote","body","br","button","canvas","caption","center","cite","code","col","colgroup","content","data","datalist","dd","decorator","del","details","dfn","dir","div","dl","dt","element","em","fieldset","figcaption","figure","font","footer","form","h1","h2","h3","h4","h5","h6","head","header","hgroup","hr","html","i","img","input","ins","kbd","label","legend","li","main","map","mark","marquee","menu","menuitem","meter","nav","nobr","ol","optgroup","option","output","p","pre","progress","q","rp","rt","ruby","s","samp","section","select","shadow","small","source","spacer","span","strike","strong","style","sub","summary","sup","table","tbody","td","template","textarea","tfoot","th","thead","time","tr","track","tt","u","ul","var","video","wbr","svg","altglyph","altglyphdef","altglyphitem","animatecolor","animatemotion","animatetransform","circle","clippath","defs","desc","ellipse","font","g","glyph","glyphref","hkern","image","line","lineargradient","marker","mask","metadata","mpath","path","pattern","polygon","polyline","radialgradient","rect","stop","switch","symbol","text","textpath","title","tref","tspan","view","vkern","math","menclose","merror","mfenced","mfrac","mglyph","mi","mlabeledtr","mmuliscripts","mn","mo","mover","mpadded","mphantom","mroot","mrow","ms","mpspace","msqrt","mystyle","msub","msup","msubsup","mtable","mtd","mtext","mtr","munder","munderover","#text"]);var w=null;var 
k=g({},["accept","action","align","alt","autocomplete","background","bgcolor","border","cellpadding","cellspacing","checked","cite","class","clear","color","cols","colspan","coords","datetime","default","dir","disabled","download","enctype","face","for","headers","height","hidden","high","href","hreflang","id","ismap","label","lang","list","loop","low","max","maxlength","media","method","min","multiple","name","noshade","novalidate","nowrap","open","optimum","pattern","placeholder","poster","preload","pubdate","radiogroup","readonly","rel","required","rev","reversed","rows","rowspan","spellcheck","scope","selected","shape","size","span","srclang","start","src","step","style","summary","tabindex","title","type","usemap","valign","value","width","xmlns","accent-height","accumulate","additivive","alignment-baseline","ascent","azimuth","baseline-shift","bias","clip","clip-path","clip-rule","color","color-interpolation","color-interpolation-filters","color-profile","color-rendering","cx","cy","d","dy","dy","direction","display","divisor","dur","elevation","end","fill","fill-opacity","fill-rule","filter","flood-color","flood-opacity","font-family","font-size","font-size-adjust","font-stretch","font-style","font-variant","font-weight","image-rendering","in","in2","k1","k2","k3","k4","kerning","letter-spacing","lighting-color","local","marker-end","marker-mid","marker-start","max","mask","mode","min","offset","operator","opacity","order","overflow","paint-order","path","points","r","rx","ry","radius","restart","scale","seed","shape-rendering","stop-color","stop-opacity","stroke-dasharray","stroke-dashoffset","stroke-linecap","stroke-linejoin","stroke-miterlimit","stroke-opacity","stroke","stroke-width","transform","text-anchor","text-decoration","text-rendering","u1","u2","viewbox","visibility","word-spacing","wrap","writing-mode","x","x1","x2","y","y1","y2","z","accent","accentunder","bevelled","close","columnsalign","columnlines","columnspan","denomalign","depth","display
","displaystyle","fence","frame","largeop","length","linethickness","lspace","lquote","mathbackground","mathcolor","mathsize","mathvariant","maxsize","minsize","movablelimits","notation","numalign","open","rowalign","rowlines","rowspacing","rowspan","rspace","rquote","scriptlevel","scriptminsize","scriptsizemultiplier","selection","separator","separators","stretchy","subscriptshift","supscriptshift","symmetric","voffset","xlink:href","xml:id","xlink:title","xml:space"]);var x=null;var E=null;var O=true;var D=false;var M=false;var N=false;var S=false;var _=false;var L=true;var z=true;var R=g({},["audio","head","math","script","style","svg","video"]);var H=null;var C=n.createElement("form");var F=function(e){if(typeof e!=="object"){e={}}T="ALLOWED_TAGS"in e?g({},e.ALLOWED_TAGS):A;w="ALLOWED_ATTR"in e?g({},e.ALLOWED_ATTR):k;x="FORBID_TAGS"in e?g({},e.FORBID_TAGS):{};E="FORBID_ATTR"in e?g({},e.FORBID_ATTR):{};O=e.ALLOW_DATA_ATTR!==false;D=e.SAFE_FOR_JQUERY||false;M=e.WHOLE_DOCUMENT||false;N=e.RETURN_DOM||false;S=e.RETURN_DOM_FRAGMENT||false;_=e.RETURN_DOM_IMPORT||false;L=e.SANITIZE_DOM!==false;z=e.KEEP_CONTENT!==false;if(S){N=true}if(e.ADD_TAGS){if(T===A){T=b(T)}g(T,e.ADD_TAGS)}if(e.ADD_ATTR){if(w===k){w=b(w)}g(w,e.ADD_ATTR)}if(z){T["#text"]=true}if(Object&&"freeze"in Object){Object.freeze(e)}H=e};var I=function(e){try{e.parentNode.removeChild(e)}catch(t){e.outerHTML=""}};var G=function(e){var t;try{t=(new d).parseFromString(e,"text/html")}catch(r){}if(!t){t=i.createHTMLDocument("");var n=t.body;n.parentNode.removeChild(n.parentNode.firstElementChild);n.outerHTML=e}if(typeof t.getElementsByTagName==="function"){return t.getElementsByTagName(M?"html":"body")[0]}else{return p.call(t,M?"html":"body")[0]}};var W=function(e){return m.call(e.ownerDocument||e,e,s.SHOW_ELEMENT|s.SHOW_COMMENT|s.SHOW_TEXT,function(){return s.FILTER_ACCEPT},false)};var j=function(e){if(e instanceof u||e instanceof f){return false}if(typeof e.nodeName!=="string"||typeof 
e.textContent!=="string"||typeof e.removeChild!=="function"||!(e.attributes instanceof c)||typeof e.removeAttribute!=="function"||typeof e.setAttribute!=="function"){return true}return false};var B=function(e){K("beforeSanitizeElements",e,null);if(j(e)){I(e);return true}var t=e.nodeName.toLowerCase();K("uponSanitizeElement",e,{tagName:t});if(!T[t]||x[t]){if(z&&!R[t]&&typeof e.insertAdjacentHTML==="function"){try{e.insertAdjacentHTML("AfterEnd",e.innerHTML)}catch(r){}}I(e);return true}if(D&&!e.firstElementChild){e.innerHTML=e.textContent.replace(/</g,"&lt;")}K("afterSanitizeElements",e,null);return false};var q=function(e){K("beforeSanitizeAttributes",e,null);var r=e.attributes;if(!r){return}var a={attrName:"",attrValue:"",keepAttr:true},i=r.length,o,l,s,c,u;while(i--){o=r[i];l=o.name;s=o.value;c=l.toLowerCase();a.attrName=c;a.attrValue=s;a.keepAttr=true;K("uponSanitizeAttribute",e,a);s=a.attrValue;if(c==="name"&&e.nodeName==="IMG"&&r.id){u=r.id;r=Array.prototype.slice.apply(r);e.removeAttribute("id");e.removeAttribute(l);if(r.indexOf(u)>i){e.setAttribute("id",u.value)}}else{e.removeAttribute(l)}if(!a.keepAttr){continue}if(L&&(c==="id"||c==="name")&&(s in t||s in n||s in C)){continue}if((w[c]&&!E[c]||O&&P.test(c))&&(!U.test(s.replace(V,""))||c==="src"&&s.indexOf("data:")===0&&e.nodeName==="IMG")){try{e.setAttribute(l,s)}catch(f){}}}K("afterSanitizeAttributes",e,null)};var P=/^data-[\w.\u00B7-\uFFFF-]/;var U=/^(?:\w+script|data):/i;var V=/[\x00-\x20\xA0\u1680\u180E\u2000-\u2029\u205f\u3000]/g;var J=function(e){var t;var r=W(e);K("beforeSanitizeShadowDOM",e,null);while(t=r.nextNode()){K("uponSanitizeShadowNode",t,null);if(B(t)){continue}if(t.content instanceof o){J(t.content)}q(t)}K("afterSanitizeShadowDOM",e,null)};var K=function(e,t,n){if(!y[e]){return}y[e].forEach(function(e){e.call(r,t,n,H)})};r.sanitize=function(e,n){if(!e){return""}if(!r.isSupported){if(typeof t.toStaticHTML==="function"&&typeof e==="string"){return t.toStaticHTML(e)}return 
e}F(n);if(!N&&!M&&e.indexOf("<")===-1){return e}var i=G(e);if(!i){return N?null:""}var l;var s;var c=W(i);while(l=c.nextNode()){if(l.nodeType===3&&l===s){continue}if(B(l)){continue}if(l.content instanceof o){J(l.content)}q(l);s=l}var u;if(N){if(S){u=v.call(i.ownerDocument);while(i.firstChild){u.appendChild(i.firstChild)}}else{u=i}if(_){u=h.call(a,u,true)}return u}return M?i.outerHTML:i.innerHTML};r.addHook=function(e,t){if(typeof t!=="function"){return}y[e]=y[e]||[];y[e].push(t)};r.removeHook=function(e){if(y[e]){y[e].pop()}};r.removeHooks=function(e){if(y[e]){y[e]=[]}};r.removeAllHooks=function(){y=[]};return r});
(function(e){"use strict";var t=typeof window==="undefined"?null:window;if(typeof define==="function"&&define.amd){define(function(){return e(t)})}else if(typeof module!=="undefined"){module.exports=e(t)}else{t.DOMPurify=e(t)}})(function e(t){"use strict";var r=function(t){return e(t)};r.version="0.7.0";if(!t||!t.document||t.document.nodeType!==9){r.isSupported=false;return r}var n=t.document;var a=n;var i=t.DocumentFragment;var o=t.HTMLTemplateElement;var l=t.NodeFilter;var s=t.NamedNodeMap||t.MozNamedAttrMap;var c=t.Text;var u=t.Comment;var f=t.DOMParser;if(typeof o==="function"){n=n.createElement("template").content.ownerDocument}var d=n.implementation;var m=n.createNodeIterator;var p=n.getElementsByTagName;var v=n.createDocumentFragment;var h=a.importNode;var y={};r.isSupported=typeof d.createHTMLDocument!=="undefined"&&n.documentMode!==9;var g=function(e,t){var r=t.length;while(r--){e[t[r]]=true}return e};var b=function(e){var t={};var r;for(r in e){if(e.hasOwnProperty(r)){t[r]=e[r]}}return t};var T=null;var 
A=g({},["a","abbr","acronym","address","area","article","aside","audio","b","bdi","bdo","big","blink","blockquote","body","br","button","canvas","caption","center","cite","code","col","colgroup","content","data","datalist","dd","decorator","del","details","dfn","dir","div","dl","dt","element","em","fieldset","figcaption","figure","font","footer","form","h1","h2","h3","h4","h5","h6","head","header","hgroup","hr","html","i","img","input","ins","kbd","label","legend","li","main","map","mark","marquee","menu","menuitem","meter","nav","nobr","ol","optgroup","option","output","p","pre","progress","q","rp","rt","ruby","s","samp","section","select","shadow","small","source","spacer","span","strike","strong","style","sub","summary","sup","table","tbody","td","template","textarea","tfoot","th","thead","time","tr","track","tt","u","ul","var","video","wbr","svg","altglyph","altglyphdef","altglyphitem","animatecolor","animatemotion","animatetransform","circle","clippath","defs","desc","ellipse","font","g","glyph","glyphref","hkern","image","line","lineargradient","marker","mask","metadata","mpath","path","pattern","polygon","polyline","radialgradient","rect","stop","switch","symbol","text","textpath","title","tref","tspan","view","vkern","math","menclose","merror","mfenced","mfrac","mglyph","mi","mlabeledtr","mmuliscripts","mn","mo","mover","mpadded","mphantom","mroot","mrow","ms","mpspace","msqrt","mystyle","msub","msup","msubsup","mtable","mtd","mtext","mtr","munder","munderover","#text"]);var w=null;var 
k=g({},["accept","action","align","alt","autocomplete","background","bgcolor","border","cellpadding","cellspacing","checked","cite","class","clear","color","cols","colspan","coords","datetime","default","dir","disabled","download","enctype","face","for","headers","height","hidden","high","href","hreflang","id","ismap","label","lang","list","loop","low","max","maxlength","media","method","min","multiple","name","noshade","novalidate","nowrap","open","optimum","pattern","placeholder","poster","preload","pubdate","radiogroup","readonly","rel","required","rev","reversed","rows","rowspan","spellcheck","scope","selected","shape","size","span","srclang","start","src","step","style","summary","tabindex","title","type","usemap","valign","value","width","xmlns","accent-height","accumulate","additivive","alignment-baseline","ascent","azimuth","baseline-shift","bias","clip","clip-path","clip-rule","color","color-interpolation","color-interpolation-filters","color-profile","color-rendering","cx","cy","d","dy","dy","direction","display","divisor","dur","elevation","end","fill","fill-opacity","fill-rule","filter","flood-color","flood-opacity","font-family","font-size","font-size-adjust","font-stretch","font-style","font-variant","font-weight","image-rendering","in","in2","k1","k2","k3","k4","kerning","letter-spacing","lighting-color","local","marker-end","marker-mid","marker-start","max","mask","mode","min","offset","operator","opacity","order","overflow","paint-order","path","points","r","rx","ry","radius","restart","scale","seed","shape-rendering","stop-color","stop-opacity","stroke-dasharray","stroke-dashoffset","stroke-linecap","stroke-linejoin","stroke-miterlimit","stroke-opacity","stroke","stroke-width","transform","text-anchor","text-decoration","text-rendering","u1","u2","viewbox","visibility","word-spacing","wrap","writing-mode","x","x1","x2","y","y1","y2","z","accent","accentunder","bevelled","close","columnsalign","columnlines","columnspan","denomalign","depth","display
","displaystyle","fence","frame","largeop","length","linethickness","lspace","lquote","mathbackground","mathcolor","mathsize","mathvariant","maxsize","minsize","movablelimits","notation","numalign","open","rowalign","rowlines","rowspacing","rowspan","rspace","rquote","scriptlevel","scriptminsize","scriptsizemultiplier","selection","separator","separators","stretchy","subscriptshift","supscriptshift","symmetric","voffset","xlink:href","xml:id","xlink:title","xml:space"]);var x=null;var E=null;var D=true;var M=false;var O=false;var N=false;var S=false;var L=false;var _=true;var z=true;var R=g({},["audio","head","math","script","style","svg","video"]);var H=null;var C=n.createElement("form");var F=function(e){if(typeof e!=="object"){e={}}T="ALLOWED_TAGS"in e?g({},e.ALLOWED_TAGS):A;w="ALLOWED_ATTR"in e?g({},e.ALLOWED_ATTR):k;x="FORBID_TAGS"in e?g({},e.FORBID_TAGS):{};E="FORBID_ATTR"in e?g({},e.FORBID_ATTR):{};D=e.ALLOW_DATA_ATTR!==false;M=e.SAFE_FOR_JQUERY||false;O=e.WHOLE_DOCUMENT||false;N=e.RETURN_DOM||false;S=e.RETURN_DOM_FRAGMENT||false;L=e.RETURN_DOM_IMPORT||false;_=e.SANITIZE_DOM!==false;z=e.KEEP_CONTENT!==false;if(S){N=true}if(e.ADD_TAGS){if(T===A){T=b(T)}g(T,e.ADD_TAGS)}if(e.ADD_ATTR){if(w===k){w=b(w)}g(w,e.ADD_ATTR)}if(z){T["#text"]=true}if(Object&&"freeze"in Object){Object.freeze(e)}H=e};var I=function(e){try{e.parentNode.removeChild(e)}catch(t){e.outerHTML=""}};var G=function(e){var t,r;try{t=(new f).parseFromString(e,"text/html")}catch(n){}if(!t){t=d.createHTMLDocument("");r=t.body;r.parentNode.removeChild(r.parentNode.firstElementChild);r.outerHTML=e}if(typeof t.getElementsByTagName==="function"){return t.getElementsByTagName(O?"html":"body")[0]}else{return p.call(t,O?"html":"body")[0]}};var W=function(e){return m.call(e.ownerDocument||e,e,l.SHOW_ELEMENT|l.SHOW_COMMENT|l.SHOW_TEXT,function(){return l.FILTER_ACCEPT},false)};var j=function(e){if(e instanceof c||e instanceof u){return false}if(typeof e.nodeName!=="string"||typeof 
e.textContent!=="string"||typeof e.removeChild!=="function"||!(e.attributes instanceof s)||typeof e.removeAttribute!=="function"||typeof e.setAttribute!=="function"){return true}return false};var B=function(e){K("beforeSanitizeElements",e,null);if(j(e)){I(e);return true}var t=e.nodeName.toLowerCase();K("uponSanitizeElement",e,{tagName:t});if(!T[t]||x[t]){if(z&&!R[t]&&typeof e.insertAdjacentHTML==="function"){try{e.insertAdjacentHTML("AfterEnd",e.innerHTML)}catch(r){}}I(e);return true}if(M&&!e.firstElementChild){e.innerHTML=e.textContent.replace(/</g,"&lt;")}K("afterSanitizeElements",e,null);return false};var q=function(e){K("beforeSanitizeAttributes",e,null);var r=e.attributes;if(!r){return}var a={attrName:"",attrValue:"",keepAttr:true};var i=r.length;var o,l,s,c,u;while(i--){o=r[i];l=o.name;s=o.value;c=l.toLowerCase();a.attrName=c;a.attrValue=s;a.keepAttr=true;K("uponSanitizeAttribute",e,a);s=a.attrValue;if(c==="name"&&e.nodeName==="IMG"&&r.id){u=r.id;r=Array.prototype.slice.apply(r);e.removeAttribute("id");e.removeAttribute(l);if(r.indexOf(u)>i){e.setAttribute("id",u.value)}}else{e.removeAttribute(l)}if(!a.keepAttr){continue}if(_&&(c==="id"||c==="name")&&(s in t||s in n||s in C)){continue}if((w[c]&&!E[c]||D&&P.test(c))&&(!U.test(s.replace(V,""))||c==="src"&&s.indexOf("data:")===0&&e.nodeName==="IMG")){try{e.setAttribute(l,s)}catch(f){}}}K("afterSanitizeAttributes",e,null)};var P=/^data-[\w.\u00B7-\uFFFF-]/;var U=/^(?:\w+script|data):/i;var V=/[\x00-\x20\xA0\u1680\u180E\u2000-\u2029\u205f\u3000]/g;var J=function(e){var t;var r=W(e);K("beforeSanitizeShadowDOM",e,null);while(t=r.nextNode()){K("uponSanitizeShadowNode",t,null);if(B(t)){continue}if(t.content instanceof i){J(t.content)}q(t)}K("afterSanitizeShadowDOM",e,null)};var K=function(e,t,n){if(!y[e]){return}y[e].forEach(function(e){e.call(r,t,n,H)})};r.sanitize=function(e,n){if(!e){e=""}if(!r.isSupported){if(typeof t.toStaticHTML==="function"&&typeof e==="string"){return t.toStaticHTML(e)}return 
e}F(n);if(!N&&!O&&e.indexOf("<")===-1){return e}var o=G(e);if(!o){return N?null:""}var l;var s;var c=W(o);while(l=c.nextNode()){if(l.nodeType===3&&l===s){continue}if(B(l)){continue}if(l.content instanceof i){J(l.content)}q(l);s=l}var u;if(N){if(S){u=v.call(o.ownerDocument);while(o.firstChild){u.appendChild(o.firstChild)}}else{u=o}if(L){u=h.call(a,u,true)}return u}return O?o.outerHTML:o.innerHTML};r.addHook=function(e,t){if(typeof t!=="function"){return}y[e]=y[e]||[];y[e].push(t)};r.removeHook=function(e){if(y[e]){y[e].pop()}};r.removeHooks=function(e){if(y[e]){y[e]=[]}};r.removeAllHooks=function(){y=[]};return r});
//# sourceMappingURL=./dist/purify.min.js.map

@@ -8,4 +8,6 @@ {

"amend-minified": "scripts/amend-minified.sh",
"test": "npm run jshint;./node_modules/.bin/karma start test/karma.conf.js --single-run",
"local-test": "npm run jshint;./node_modules/.bin/karma start test/karma.conf.js --browsers Chrome --single-run"
"test": "npm run jshint && npm run-script travis-ci",
"travis-ci": "[ \"${TRAVIS_PULL_REQUEST}\" = \"false\" ] && ./node_modules/.bin/karma start test/karma.conf.js --log-level warn --reporters dots --single-run || false",
"ci-test": "./node_modules/.bin/karma start test/karma.conf.js --single-run",
"local-test": "npm run jshint;./node_modules/.bin/karma start test/karma.conf.js --browsers Firefox,Chrome --single-run"
},

@@ -15,3 +17,2 @@ "pre-commit": [

"minify",
"local-test",
"amend-minified"

@@ -29,3 +30,2 @@ ],

"karma-json-fixtures-preprocessor": "0.0.5",
"karma-mocha-reporter": "^1.1.1",
"karma-qunit": "^0.1.5",

@@ -41,3 +41,3 @@ "karma-webpack": "^1.7.0",

"description": "DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It's written in JavaScript and works in all modern browsers (Safari, Opera (15+), Internet Explorer (10+), Firefox and Chrome - as well as almost anything else using Blink or WebKit). DOMPurify is written by security people who have vast background in web attacks and XSS. Fear not.",
"version": "0.7.0",
"version": "0.7.1",
"main": "src/purify.js",

@@ -44,0 +44,0 @@ "directories": {
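Review bot: The new `travis-ci` script ends in `|| false`, so whenever `TRAVIS_PULL_REQUEST` is anything other than "false" (a pull-request build, or a local shell where the variable is unset) `npm test` exits non-zero without running a single Karma test. For a sanitizer this means contributed changes get no automated XSS regression run before merge. The `pre-commit` hunk also appears to drop `local-test` (its header goes from three lines to two), though the markers are lost on this page. If the guard exists because BrowserStack credentials are unavailable to pull-request builds, fall back to a local browser run instead of failing, e.g. `"travis-ci": "if [ \"${TRAVIS_PULL_REQUEST}\" = \"false\" ]; then npm run ci-test; else npm run local-test; fi"`. Note also that `local-test` still chains jshint with `;`, so a lint failure does not stop it, whereas `test` now uses `&&`.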

@@ -166,2 +166,3 @@ # DOMPurify [![Bower version](https://badge.fury.io/bo/dompurify.svg)](http://badge.fury.io/bo/dompurify) · [![npm version](https://badge.fury.io/js/dompurify.svg)](http://badge.fury.io/js/dompurify) · [![Build Status](https://travis-ci.org/cure53/DOMPurify.svg?branch=master)](https://travis-ci.org/cure53/DOMPurify)

You can further run local tests by executing `npm run-script local-test` or, in case you have a BrowserStack account with automation available, run the tests using `npm run-script ci-test`.

@@ -168,0 +169,0 @@ ## Security Mailing List

@@ -24,3 +24,3 @@ ;(function(factory) {

*/
DOMPurify.version = '0.7.0';
DOMPurify.version = '0.7.1';

@@ -179,3 +179,3 @@ if (!window || !window.document || window.document.nodeType !== 9) {

// XML
'xlink:href','xml:id','xlink:title','xml:space'
'xlink:href','xml:id','xlink:title','xml:space','xmlns:xlink'
]);

@@ -182,0 +182,0 @@
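Review bot: `'xmlns:xlink'` widens the default attribute allow-list, yet the minified build shown earlier on this page still sets `r.version="0.7.0"` and its attribute list still ends at `"xml:space"`, so the release appears to ship a dist file that disagrees with `src/purify.js`. Consumers loading the minified file would get a different allow-list and version string than those using the `main` entry, so the minified build should be regenerated as part of the release. None of the test hunks on this page covers the new attribute; a case that sanitizes an SVG carrying `xmlns:xlink` and checks both that the attribute survives and that its value is still subject to the existing script/data URI check would pin the intended behaviour. The array literal starts outside the hunk.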

@@ -18,3 +18,3 @@ module.exports = function(config) {

reporters: ['mocha'],
reporters: ['progress'],

@@ -129,5 +129,9 @@ exclude: [],

browserDisconnectTimeout: 10000,
browserDisconnectTolerance: 1,
browserNoActivityTimeout: 240000,
captureTimeout: 240000,
plugins: [
'karma-webpack',
'karma-mocha-reporter',
'karma-chrome-launcher',

@@ -134,0 +138,0 @@ 'karma-browserstack-launcher',
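Review bot: The `plugins` array is an explicit list, and the launcher entries visible here are `'karma-chrome-launcher'` and `'karma-browserstack-launcher'`, while `local-test` in package.json now passes `--browsers Firefox,Chrome`. The rest of the array is outside the hunk, so confirm that a Firefox launcher plugin is listed there and present in devDependencies; otherwise the local run cannot start Firefox. The four new timeouts would also benefit from a one-line comment giving the reason for the 240000 ms values, e.g. `// remote browser sessions are slow to start; allow 4 min before giving up`, if that is indeed the motivation.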

@@ -7,2 +7,3 @@ module.exports = function(DOMPurify, tests, xssTests) {

});
// Config-Flag Tests

@@ -156,2 +157,32 @@ QUnit.test( 'Config-Flag tests: KEEP_CONTENT + ALLOWED_TAGS / ALLOWED_ATTR', function(assert) {

});
// document.write tests to handle FF's strange behavior
QUnit
.cases(xssTests)
.asyncTest('XSS test: document.write() into iframe', function(params, assert) {
var iframe = document.createElement('iframe');
iframe.src='about:blank';
iframe.onload=function(){
QUnit.start();
iframe.contentDocument.write('<script>window.alert=function(){top.xssed=true;}</script>' + DOMPurify.sanitize( params.payload ));
assert.notEqual( window.xssed, true, 'alert() was called from document.write()' );
window.xssed = false;
iframe.parentNode.removeChild(iframe);
}
document.body.appendChild(iframe);
});
// cross-check that document.write into iframe works properly
QUnit
.asyncTest('XSS test: document.write() into iframe', function(assert) {
window.xssed = false;
var iframe = document.createElement('iframe');
iframe.src='about:blank';
iframe.onload=function(){
QUnit.start();
iframe.contentDocument.write('<script>window.alert=function(){parent.xssed=true;}</script><script>alert(1);</script>' );
assert.equal( window.xssed, true, 'alert() was called but not detected' );
window.xssed = false;
iframe.parentNode.removeChild(iframe);
}
document.body.appendChild(iframe);
});
// Check for isSupported property

@@ -158,0 +189,0 @@ QUnit.test( 'DOMPurify property tests', function(assert) {
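Review bot: The assertion in the first new test runs in the same tick as `contentDocument.write()`, so markup whose handler fires later (after a resource load or error) would set `top.xssed` only after `assert.notEqual` has passed and `window.xssed` has been reset. The case then passes and the flag leaks into the next one. `QUnit.start()` is also called before the assertion, and the flag is not cleared before the write as it is in the cross-check test. Both tests carry the identical name 'XSS test: document.write() into iframe', which makes a failure ambiguous; rename the second, e.g. `'XSS test: document.write() cross-check'`. The enclosing `module.exports` function starts and ends outside the hunk.

```javascript
iframe.onload = function() {
    // start from a known state so an earlier case cannot influence this one
    window.xssed = false;
    // … unchanged: iframe.contentDocument.write(...) of the sanitized payload …
    // assert on a later tick so handlers that fire asynchronously are observed;
    // the delay is a guess and should be tuned against the slowest target browser
    setTimeout(function() {
        assert.notEqual(window.xssed, true, 'alert() was called from document.write()');
        window.xssed = false;
        iframe.parentNode.removeChild(iframe);
        QUnit.start();
    }, 100);
};
```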

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is too big to display

Sorry, the diff of this file is not supported yet
