🚀 Socket Launch Week Day 5:Introducing Repository Access Permissions and Custom Roles.Learn more
Sign In

rebas

Package Overview
Dependencies
Maintainers
2
Versions
8
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

rebas - npm Package Compare versions

Comparing version
0.4.0
 to
0.4.1
+9
test/mock/index.html
<!DOCTYPE>
<html>
<head>
<meta charset="utf-8">
<title>Test</title>
</head>
<body>
</body>
</html>
+32
test/renderHTML.spec.js
/**
* @file renderHTML spec
* @author treelite(c.xinle@gmail.com)
*/
var path = require('path');
var renderHTML = require('../lib/middleware/renderHTML');
describe('renderHTML', function () {
it('Encoding data', function () {
var options = {
indexFile: path.resolve(__dirname, 'mock/index.html')
};
var res = {
syncData: {
id: '<script>alert("w");</script>'
},
html: true,
send: function (html) {
var res = html.match(/<\/script>/g);
expect(res.length).toBe(1);
}
};
var handler = renderHTML(options);
handler({}, res, function () {});
});
});
+5
-0
History.md

@@ -0,3 +1,8 @@

# 0.4.1 / 2015-08-24
* 修复配置项 `indexFile` 不能使用的问题
* 数据同步进行编码处理,防止 XSS
# 0.4.0 / 2015-06-18
* 与 [saber-firework](https://github.com/ecomfe/saber-firework) 配合提供全新的同构体验~
+4
-1
lib/middleware/renderHTML.js

@@ -38,3 +38,3 @@ /**

module.exports = function (options) {
var render = compile();
var render = compile(options);
return function (req, res, next) {

@@ -56,2 +56,5 @@ if (res.hasOwnProperty('html')) {

);
// 转义危险字符
// " ' \ 已经被JSON.stringify 处理了,还剩下一个 /
data.rebas = data.rebas.replace(/\//g, '\\/');
// 附加全局的模版数据

@@ -58,0 +61,0 @@ data = extend({}, options.templateData, data);

+1
-1
package.json
{
"name": "rebas",
"version": "0.4.0",
"version": "0.4.1",
"description": "Node runtime for Saber",

@@ -5,0 +5,0 @@ "main": "index.js",

+1
-1
README.md

@@ -20,3 +20,3 @@ Rebas

/**
* @fila app.js 应用启动脚本
* @file app.js 应用启动脚本
*/

@@ -23,0 +23,0 @@ var app = require('rebas');