html-janitor - npm Package Compare versions

Comparing version 0.3.2 to 1.0.0

8

CHANGELOG.md
# HTML Janitor
Sanitises HTML to a subset
Sanitises HTML to a whitelist that you can control
## 1.0.0
Changes the definition of what constitutes a block tag and also the code will now strip out incorrectly nested block and inline tags.
Thanks to [Ankit Ahuja](https://github.com/ankit) for this contribution.
## 0.3.2

@@ -6,0 +12,0 @@

2

karma.conf.js

@@ -47,3 +47,3 @@ module.exports = function (config) {

// - IE (only Windows)
browsers: [ 'Chrome' ],
browsers: [ 'Chrome', 'Firefox' ],

@@ -50,0 +50,0 @@ // If browser does not capture in given timeout [ms], kill it

{
"name": "html-janitor",
"version": "0.3.2",
"version": "1.0.0",
"main": "src/html-janitor.js",

@@ -13,2 +13,3 @@ "scripts": {

"karma-phantomjs-launcher": "~0.1.0",
"karma-firefox-launcher": "~0.1",
"karma-requirejs": "~0.2.0",

@@ -15,0 +16,0 @@ "plumber": "~0.4.0",

@@ -16,1 +16,10 @@ # html-janitor

```
## Development
To run unit tests:
```
npm install
npm run test
```

@@ -20,3 +20,3 @@ (function (root, factory) {

// TODO: not exhaustive?
var blockElementNames = ['P', 'LI', 'DIV'];
var blockElementNames = ['P', 'LI', 'TD', 'TH', 'DIV', 'H1', 'H2', 'H3', 'H4', 'H5', 'H6'];
function isBlockElement(node) {
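Review bot: The widened `blockElementNames` array still carries the `// TODO: not exhaustive?` comment and, judging by the test-config hunk further down (`ul: {},`), omits container blocks such as 'UL', 'OL', 'TABLE', 'BLOCKQUOTE' and 'PRE', so `<b><ul><li>x</li></ul></b>` would apparently not be detected by the new inline-contains-block check in the later clean() hunk, which derives `isInvalid` from `isBlockElement`. Because this list is what decides which improperly nested markup gets stripped, a list narrower than the set of elements the whitelist can admit makes the new behaviour inconsistent across tags. Consider `var blockElementNames = ['P', 'LI', 'TD', 'TH', 'DIV', 'H1', 'H2', 'H3', 'H4', 'H5', 'H6', 'UL', 'OL', 'TABLE', 'BLOCKQUOTE', 'PRE'];` and either dropping the TODO or rewording it to state what is deliberately excluded. The body of isBlockElement continues outside the hunk.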

@@ -26,2 +26,7 @@ return blockElementNames.indexOf(node.nodeName) !== -1;

var inlineElementNames = ['A', 'B', 'STRONG', 'I', 'EM', 'SUB', 'SUP', 'U', 'STRIKE'];
function isInlineElement(node) {
return inlineElementNames.indexOf(node.nodeName) !== -1;
}
HTMLJanitor.prototype.clean = function (html) {

@@ -74,9 +79,9 @@ var sandbox = document.createElement('div');

var isInlineElement = nodeName === 'b';
var isInline = isInlineElement(node);
var containsBlockElement;
if (isInlineElement) {
if (isInline) {
containsBlockElement = Array.prototype.some.call(node.childNodes, isBlockElement);
}
var isInvalid = isInlineElement && containsBlockElement;
var isInvalid = isInline && containsBlockElement;

@@ -83,0 +88,0 @@ // Block elements should not be nested (e.g. <li><p>...); if

@@ -7,3 +7,14 @@ define([ 'html-janitor' ], function (HTMLJanitor) {

tags: {
a: {
href: true
},
b: {},
i: {},
strong: {},
em: {},
sub: {},
sup: {},
u: {},
strike: {},
p: { foo: true, bar: 'baz' },

@@ -33,3 +44,5 @@ ul: {},

p.setAttribute('bar', 'baz');
expect(janitor.clean(p.outerHTML)).toBe('<p foo="true" bar="baz"></p>');
var cleanP = janitor.clean(p.outerHTML);
expect(cleanP).toMatch(/foo="true"/);
expect(cleanP).toMatch(/bar="baz"/);
});

@@ -99,2 +112,36 @@

it('should not allow nested block elements inside inline elements', function() {
var html = '<strong><p>Hello world</p></strong>';
expect(janitor.clean(html)).toBe('<p>Hello world</p>');
html = '<b><p>Hello world</p></b>';
expect(janitor.clean(html)).toBe('<p>Hello world</p>');
html = '<em><p>Hello world</p></em>';
expect(janitor.clean(html)).toBe('<p>Hello world</p>');
html = '<i><p>Hello world</p></i>';
expect(janitor.clean(html)).toBe('<p>Hello world</p>');
html = '<sub><p>Hello world</p></sub>';
expect(janitor.clean(html)).toBe('<p>Hello world</p>');
html = '<sup><p>Hello world</p></sup>';
expect(janitor.clean(html)).toBe('<p>Hello world</p>');
html = '<u><p>Hello world</p></u>';
expect(janitor.clean(html)).toBe('<p>Hello world</p>');
html = '<strike><p>Hello world</p></strike>';
expect(janitor.clean(html)).toBe('<p>Hello world</p>');
html = '<a href="test"><p>Hello world</p></a>';
expect(janitor.clean(html)).toBe('<p>Hello world</p>');
});
it('should allow inline elements inside block elements', function() {
var html = '<p>Hello <strong>world</strong></p>';
expect(janitor.clean(html)).toBe('<p>Hello <strong>world</strong></p>');
});
});
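Review bot: The new `should not allow nested block elements inside inline elements` spec only covers a block as the direct child of a single inline wrapper; nothing exercises a block nested two inline levels deep or a list container inside an inline element, even though the config hunk above allows `ul`. Since the check added in html-janitor.js computes `containsBlockElement` over `node.childNodes` only, whether the deeper case is handled depends on recursion that is not visible in this diff, so a spec pinning the expected output would document the intended contract. Something like `it('should strip inline wrappers around blocks at any depth', function() { expect(janitor.clean('<b><i><p>Hello world</p></i></b>')).toBe('<p>Hello world</p>'); });` would do. The enclosing describe() block starts outside the hunk.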

@@ -101,0 +148,0 @@
