New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

url-sanitizer

Package Overview
Dependencies
Maintainers
1
Versions
76
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

url-sanitizer - npm Package Compare versions

Comparing version 0.2.2 to 0.2.3

src/lib/file/text-chars.json

246

dist/url-sanitizer.js

@@ -7,2 +7,237 @@ // src/mjs/common.js

// src/lib/file/text-chars.json
var text_chars_default = [
7,
8,
9,
10,
11,
12,
13,
27,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57,
58,
59,
60,
61,
62,
63,
64,
65,
66,
67,
68,
69,
70,
71,
72,
73,
74,
75,
76,
77,
78,
79,
80,
81,
82,
83,
84,
85,
86,
87,
88,
89,
90,
91,
92,
93,
94,
95,
96,
97,
98,
99,
100,
101,
102,
103,
104,
105,
106,
107,
108,
109,
110,
111,
112,
113,
114,
115,
116,
117,
118,
119,
120,
121,
122,
123,
124,
125,
126,
128,
129,
130,
131,
132,
133,
134,
135,
136,
137,
138,
139,
140,
141,
142,
143,
144,
145,
146,
147,
148,
149,
150,
151,
152,
153,
154,
155,
156,
157,
158,
159,
160,
161,
162,
163,
164,
165,
166,
167,
168,
169,
170,
171,
172,
173,
174,
175,
176,
177,
178,
179,
180,
181,
182,
183,
184,
185,
186,
187,
188,
189,
190,
191,
192,
193,
194,
195,
196,
197,
198,
199,
200,
201,
202,
203,
204,
205,
206,
207,
208,
209,
210,
211,
212,
213,
214,
215,
216,
217,
218,
219,
220,
221,
222,
223,
224,
225,
226,
227,
228,
229,
230,
231,
232,
233,
234,
235,
236,
237,
238,
239,
240,
241,
242,
243,
244,
245,
246,
247,
248,
249,
250,
251,
252,
253,
254,
255
];
// src/lib/iana/uri-schemes.json

@@ -403,9 +638,3 @@ var uri_schemes_default = [

const uint8arr = Uint8Array.from([...bin].map((c) => c.charCodeAt(0)));
const textChars = /* @__PURE__ */ new Set([7, 8, 9, 10, 11, 12, 13, 27]);
for (let i = 32; i < 127; i++) {
textChars.add(i);
}
for (let i = 128; i <= 255; i++) {
textChars.add(i);
}
const textChars = new Set(text_chars_default);
let parsedData;

@@ -578,4 +807,4 @@ if (uint8arr.every((c) => textChars.has(c))) {

}
type = 0;
}
type = 0;
}

@@ -619,2 +848,3 @@ } else if (/data:[^,]*,/.test(parsedData) && !(escapeTags ?? true)) {

break;
case 0:
default:

@@ -621,0 +851,0 @@ sanitizedUrl = urlToSanitize.replace(regChars, getUrlEncodedString);

2

dist/url-sanitizer.min.js

@@ -1,2 +0,2 @@

var w=e=>Object.prototype.toString.call(e).slice(8,-1),d=e=>typeof e=="string"||e instanceof String;var L=["aaa","aaas","about","acap","acct","acd","acr","adiumxtra","adt","afp","afs","aim","amss","android","appdata","apt","ar","ark","attachment","aw","barion","beshare","bitcoin","bitcoincash","blob","bolo","browserext","cabal","calculator","callto","cap","cast","casts","chrome","chrome-extension","cid","coap","coaps","com-eventbrite-attendee","content","content-type","crid","cstr","cvs","dab","dat","data","dav","diaspora","dict","did","dis","dlna-playcontainer","dlna-playsingle","dns","dntp","doi","dpp","drm","dtmi","dtn","dvb","dvx","dweb","ed2k","eid","elsi","embedded","ens","ethereum","example","facetime","feed","feedready","fido","file","finger","first-run-pen-experience","fish","fm","ftp","fuchsia-pkg","geo","gg","git","gitoid","gizmoproject","go","gopher","graph","gtalk","h323","ham","hcap","hcp","http","https","hxxp","hxxps","hydrazone","hyper","iax","icap","icon","im","imap","info","iotdisco","ipfs","ipn","ipns","ipp","ipps","irc","irc6","ircs","iris","iris.beep","iris.lwz","iris.xpc","iris.xpcs","isostore","itms","jabber","jar","jms","keyparc","lastfm","lbry","ldap","ldaps","leaptofrogans","lorawan","lpa","lvlt","magnet","mailto","maps","market","matrix","message","microsoft.windows.camera","microsoft.windows.camera.multipicker","microsoft.windows.camera.picker","mid","mms","mongodb","moz","moz-extension","ms-access","ms-appinstaller","ms-browser-extension","ms-calculator","ms-drive-to","ms-enrollment","ms-excel","ms-eyecontrolspeech","ms-gamebarservices","ms-gamingoverlay","ms-getoffice","ms-help","ms-infopath","ms-inputapp","ms-lockscreencomponent-config","ms-media-stream-id","ms-meetnow","ms-mixedrealitycapture","ms-mobileplans","ms-newsandinterests","ms-officeapp","ms-people","ms-powerpoint","ms-project","ms-publisher","ms-remotedesktop-launch","ms-restoretabcompanion","ms-screenclip","ms-screensketch","ms-search","ms-search-repair","ms-secondary-screen-controller","ms-secondary-screen-setup","ms-settings","ms-settings-airplanemode","ms-settings-bluetooth","ms-settings-camera","ms-settings-cellular","ms-settings-cloudstorage","ms-settings-connectabledevices","ms-settings-displays-topology","ms-settings-emailandaccounts","ms-settings-language","ms-settings-location","ms-settings-lock","ms-settings-nfctransactions","ms-settings-notifications","ms-settings-power","ms-settings-privacy","ms-settings-proximity","ms-settings-screenrotation","ms-settings-wifi","ms-settings-workplace","ms-spd","ms-stickers","ms-sttoverlay","ms-transit-to","ms-useractivityset","ms-virtualtouchpad","ms-visio","ms-walk-to","ms-whiteboard","ms-whiteboard-cmd","ms-word","msnim","msrp","msrps","mss","mt","mtqp","mumble","mupdate","mvn","news","nfs","ni","nih","nntp","notes","num","ocf","oid","onenote","onenote-cmd","opaquelocktoken","openpgp4fpr","otpauth","palm","paparazzi","payment","payto","pkcs11","platform","pop","pres","proxy","psyc","pttp","pwid","qb","query","quic-transport","redis","rediss","reload","res","resource","rmi","rsync","rtmfp","rtmp","rtsp","rtsps","rtspu","sarif","secondlife","secret-token","service","session","sftp","sgn","shc","sieve","simpleledger","simplex","sip","sips","skype","smb","smp","sms","smtp","snmp","soap.beep","soap.beeps","soldat","spiffe","spotify","ssb","ssh","starknet","steam","stun","stuns","submit","svn","swh","swid","swidpath","tag","taler","teamspeak","tel","teliaeid","telnet","tftp","things","thismessage","tip","tn3270","tool","turn","turns","tv","udp","unreal","urn","ut2004","uuid-in-package","v-event","vemmi","ventrilo","ves","view-source","vnc","vscode","vscode-insiders","vsls","w3","wcr","web3","webcal","wifi","ws","wss","wtai","wyciwyg","xcon","xcon-userid","xfire","xmlrpc.beep","xmlrpc.beeps","xmpp","xri","ymsgr","z39.50r","z39.50s"];var N=16,u=e=>{if(!d(e))throw new TypeError(`Expected String but got ${w(e)}.`);let s=[];for(let i of e)s.push(`%${i.charCodeAt(0).toString(N).toUpperCase()}`);return s.join("")},v=e=>{if(d(e))if(/^%[\dA-F]{2}$/i.test(e))e=e.toUpperCase();else throw new Error(`${e} is not a URL encoded character.`);else throw new TypeError(`Expected String but got ${w(e)}.`);let[s,i,r,o,t,l]=["&","#","<",">",'"',"'"].map(u),c;return e===s?c=`${s}amp;`:e===r?c=`${s}lt;`:e===o?c=`${s}gt;`:e===t?c=`${s}quot;`:e===l?c=`${s}${i}39;`:c=e,c},X=e=>{if(!d(e))throw new TypeError(`Expected String but got ${w(e)}.`);let s=atob(e),i=Uint8Array.from([...s].map(t=>t.charCodeAt(0))),r=new Set([7,8,9,10,11,12,13,27]);for(let t=32;t<127;t++)r.add(t);for(let t=128;t<=255;t++)r.add(t);let o;return i.every(t=>r.has(t))?o=s.replace(/\s/g,u):o=e,o},S=class{#e;constructor(){this.#e=new Set(L)}get(){return[...this.#e]}has(s){return this.#e.has(s)}add(s){if(d(s)){if(/(?:java|vb)script/.test(s)||!/^[a-z][a-z0-9+\-.]*$/.test(s))throw new Error(`Invalid scheme: ${s}`)}else throw new TypeError(`Expected String but got ${w(s)}.`);return this.#e.add(s),[...this.#e]}remove(s){return this.#e.delete(s)}isURI(s){let i;if(d(s))try{let{protocol:r}=new URL(s),o=r.replace(/:$/,""),t=o.split("+");i=/^(?:ext|web)\+[a-z]+$/.test(o)||t.every(l=>this.#e.has(l))}catch{i=!1}return!!i}},T=class extends S{sanitize(s,i={allow:[],deny:[],escapeTags:!0}){let r;if(super.isURI(s)){let{allow:o,deny:t,escapeTags:l}=i??{},{href:c,pathname:D,protocol:M}=new URL(s),k=M.replace(/:$/,""),j=k.split("+"),x=new Map([["data",!1],["file",!1]]);if(Array.isArray(o)&&o.length){let m=Object.values(o);for(let a of m)d(a)&&(a=a.trim(),/(?:java|vb)script/.test(a)?x.set(a,!1):a&&x.set(a,!0))}if(Array.isArray(t)&&t.length){let m=Object.values(t);for(let a of m)d(a)&&(a=a.trim(),a&&x.set(a,!1))}let $;for(let[m,a]of x.entries())if($=a||k!==m&&j.every(U=>U!==m),!$)break;if($){let[m,a,U,Y,B]=["&","<",">",'"',"'"].map(u),z=/[<>"']/g,A=new RegExp(m,"g"),C=new RegExp(`(${a}|${U}|${Y}|${B})`,"g"),n,b=c;if(j.includes("data")){let[F,I]=D.split(","),q=F.split(";");if(q.pop()==="base64"){let p=X(I);if(p!==I){let E=/data:[^,]*;?base64,[\dA-Za-z+/\-_=]+/g;if(E.test(p)){let f=[],h=E.exec(p);do h&&f.push(h);while(h=E.exec(p));if(f.length)for(let g of f){let[y]=g,O=this.sanitize(y,{allow:["data"]});O&&(p=p.replace(y,O)),n=0}}else if(/data:[^,]*,/.test(p)&&!(l??!0)){let f=p.split(/data:[^,]*,/),h=f.length,g=1;for(;g<h;){let y=f[g].replace(C,v);p=p.replace(f[g],y),g++}n=0}b=`${k}:${q.join(";")},${p}`,l??!0?n=1:Number.isInteger(n)||(n=2)}else l??!0?n=1:n=2}else l??!0?n=1:n=2}else n=1;switch(n){case 1:r=b.replace(z,u).replace(A,v).replace(C,v);break;case 2:r=b.replace(z,u).replace(A,v);break;default:r=b.replace(z,u)}}}return r||null}},R=new T,P=e=>R.isURI(e),Z=async e=>await P(e),_=(e,s)=>R.sanitize(e,s??{allow:[],deny:[],escapeTags:!0}),G=async(e,s)=>await _(e,s);export{R as default,Z as isURI,P as isURISync,G as sanitizeURL,_ as sanitizeURLSync};
var w=e=>Object.prototype.toString.call(e).slice(8,-1),d=e=>typeof e=="string"||e instanceof String;var L=[7,8,9,10,11,12,13,27,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,192,193,194,195,196,197,198,199,200,201,202,203,204,205,206,207,208,209,210,211,212,213,214,215,216,217,218,219,220,221,222,223,224,225,226,227,228,229,230,231,232,233,234,235,236,237,238,239,240,241,242,243,244,245,246,247,248,249,250,251,252,253,254,255];var P=["aaa","aaas","about","acap","acct","acd","acr","adiumxtra","adt","afp","afs","aim","amss","android","appdata","apt","ar","ark","attachment","aw","barion","beshare","bitcoin","bitcoincash","blob","bolo","browserext","cabal","calculator","callto","cap","cast","casts","chrome","chrome-extension","cid","coap","coaps","com-eventbrite-attendee","content","content-type","crid","cstr","cvs","dab","dat","data","dav","diaspora","dict","did","dis","dlna-playcontainer","dlna-playsingle","dns","dntp","doi","dpp","drm","dtmi","dtn","dvb","dvx","dweb","ed2k","eid","elsi","embedded","ens","ethereum","example","facetime","feed","feedready","fido","file","finger","first-run-pen-experience","fish","fm","ftp","fuchsia-pkg","geo","gg","git","gitoid","gizmoproject","go","gopher","graph","gtalk","h323","ham","hcap","hcp","http","https","hxxp","hxxps","hydrazone","hyper","iax","icap","icon","im","imap","info","iotdisco","ipfs","ipn","ipns","ipp","ipps","irc","irc6","ircs","iris","iris.beep","iris.lwz","iris.xpc","iris.xpcs","isostore","itms","jabber","jar","jms","keyparc","lastfm","lbry","ldap","ldaps","leaptofrogans","lorawan","lpa","lvlt","magnet","mailto","maps","market","matrix","message","microsoft.windows.camera","microsoft.windows.camera.multipicker","microsoft.windows.camera.picker","mid","mms","mongodb","moz","moz-extension","ms-access","ms-appinstaller","ms-browser-extension","ms-calculator","ms-drive-to","ms-enrollment","ms-excel","ms-eyecontrolspeech","ms-gamebarservices","ms-gamingoverlay","ms-getoffice","ms-help","ms-infopath","ms-inputapp","ms-lockscreencomponent-config","ms-media-stream-id","ms-meetnow","ms-mixedrealitycapture","ms-mobileplans","ms-newsandinterests","ms-officeapp","ms-people","ms-powerpoint","ms-project","ms-publisher","ms-remotedesktop-launch","ms-restoretabcompanion","ms-screenclip","ms-screensketch","ms-search","ms-search-repair","ms-secondary-screen-controller","ms-secondary-screen-setup","ms-settings","ms-settings-airplanemode","ms-settings-bluetooth","ms-settings-camera","ms-settings-cellular","ms-settings-cloudstorage","ms-settings-connectabledevices","ms-settings-displays-topology","ms-settings-emailandaccounts","ms-settings-language","ms-settings-location","ms-settings-lock","ms-settings-nfctransactions","ms-settings-notifications","ms-settings-power","ms-settings-privacy","ms-settings-proximity","ms-settings-screenrotation","ms-settings-wifi","ms-settings-workplace","ms-spd","ms-stickers","ms-sttoverlay","ms-transit-to","ms-useractivityset","ms-virtualtouchpad","ms-visio","ms-walk-to","ms-whiteboard","ms-whiteboard-cmd","ms-word","msnim","msrp","msrps","mss","mt","mtqp","mumble","mupdate","mvn","news","nfs","ni","nih","nntp","notes","num","ocf","oid","onenote","onenote-cmd","opaquelocktoken","openpgp4fpr","otpauth","palm","paparazzi","payment","payto","pkcs11","platform","pop","pres","proxy","psyc","pttp","pwid","qb","query","quic-transport","redis","rediss","reload","res","resource","rmi","rsync","rtmfp","rtmp","rtsp","rtsps","rtspu","sarif","secondlife","secret-token","service","session","sftp","sgn","shc","sieve","simpleledger","simplex","sip","sips","skype","smb","smp","sms","smtp","snmp","soap.beep","soap.beeps","soldat","spiffe","spotify","ssb","ssh","starknet","steam","stun","stuns","submit","svn","swh","swid","swidpath","tag","taler","teamspeak","tel","teliaeid","telnet","tftp","things","thismessage","tip","tn3270","tool","turn","turns","tv","udp","unreal","urn","ut2004","uuid-in-package","v-event","vemmi","ventrilo","ves","view-source","vnc","vscode","vscode-insiders","vsls","w3","wcr","web3","webcal","wifi","ws","wss","wtai","wyciwyg","xcon","xcon-userid","xfire","xmlrpc.beep","xmlrpc.beeps","xmpp","xri","ymsgr","z39.50r","z39.50s"];var Z=16,u=e=>{if(!d(e))throw new TypeError(`Expected String but got ${w(e)}.`);let s=[];for(let r of e)s.push(`%${r.charCodeAt(0).toString(Z).toUpperCase()}`);return s.join("")},v=e=>{if(d(e))if(/^%[\dA-F]{2}$/i.test(e))e=e.toUpperCase();else throw new Error(`${e} is not a URL encoded character.`);else throw new TypeError(`Expected String but got ${w(e)}.`);let[s,r,i,a,o,l]=["&","#","<",">",'"',"'"].map(u),c;return e===s?c=`${s}amp;`:e===i?c=`${s}lt;`:e===a?c=`${s}gt;`:e===o?c=`${s}quot;`:e===l?c=`${s}${r}39;`:c=e,c},G=e=>{if(!d(e))throw new TypeError(`Expected String but got ${w(e)}.`);let s=atob(e),r=Uint8Array.from([...s].map(o=>o.charCodeAt(0))),i=new Set(L),a;return r.every(o=>i.has(o))?a=s.replace(/\s/g,u):a=e,a},T=class{#e;constructor(){this.#e=new Set(P)}get(){return[...this.#e]}has(s){return this.#e.has(s)}add(s){if(d(s)){if(/(?:java|vb)script/.test(s)||!/^[a-z][a-z0-9+\-.]*$/.test(s))throw new Error(`Invalid scheme: ${s}`)}else throw new TypeError(`Expected String but got ${w(s)}.`);return this.#e.add(s),[...this.#e]}remove(s){return this.#e.delete(s)}isURI(s){let r;if(d(s))try{let{protocol:i}=new URL(s),a=i.replace(/:$/,""),o=a.split("+");r=/^(?:ext|web)\+[a-z]+$/.test(a)||o.every(l=>this.#e.has(l))}catch{r=!1}return!!r}},S=class extends T{sanitize(s,r={allow:[],deny:[],escapeTags:!0}){let i;if(super.isURI(s)){let{allow:a,deny:o,escapeTags:l}=r??{},{href:c,pathname:M,protocol:Y}=new URL(s),k=Y.replace(/:$/,""),j=k.split("+"),y=new Map([["data",!1],["file",!1]]);if(Array.isArray(a)&&a.length){let m=Object.values(a);for(let t of m)d(t)&&(t=t.trim(),/(?:java|vb)script/.test(t)?y.set(t,!1):t&&y.set(t,!0))}if(Array.isArray(o)&&o.length){let m=Object.values(o);for(let t of m)d(t)&&(t=t.trim(),t&&y.set(t,!1))}let $;for(let[m,t]of y.entries())if($=t||k!==m&&j.every(U=>U!==m),!$)break;if($){let[m,t,U,B,F]=["&","<",">",'"',"'"].map(u),z=/[<>"']/g,A=new RegExp(m,"g"),C=new RegExp(`(${t}|${U}|${B}|${F})`,"g"),n,b=c;if(j.includes("data")){let[H,I]=M.split(","),q=H.split(";");if(q.pop()==="base64"){let p=G(I);if(p!==I){let E=/data:[^,]*;?base64,[\dA-Za-z+/\-_=]+/g;if(E.test(p)){let f=[],h=E.exec(p);do h&&f.push(h);while(h=E.exec(p));if(f.length){for(let g of f){let[x]=g,O=this.sanitize(x,{allow:["data"]});O&&(p=p.replace(x,O))}n=0}}else if(/data:[^,]*,/.test(p)&&!(l??!0)){let f=p.split(/data:[^,]*,/),h=f.length,g=1;for(;g<h;){let x=f[g].replace(C,v);p=p.replace(f[g],x),g++}n=0}b=`${k}:${q.join(";")},${p}`,l??!0?n=1:Number.isInteger(n)||(n=2)}else l??!0?n=1:n=2}else l??!0?n=1:n=2}else n=1;switch(n){case 1:i=b.replace(z,u).replace(A,v).replace(C,v);break;case 2:i=b.replace(z,u).replace(A,v);break;case 0:default:i=b.replace(z,u)}}}return i||null}},R=new S,_=e=>R.isURI(e),J=async e=>await _(e),D=(e,s)=>R.sanitize(e,s??{allow:[],deny:[],escapeTags:!0}),K=async(e,s)=>await D(e,s);export{R as default,J as isURI,_ as isURISync,K as sanitizeURL,D as sanitizeURLSync};
//# sourceMappingURL=url-sanitizer.min.js.map

8

package.json

@@ -27,3 +27,3 @@ {

"bundle-min": "esbuild --format=esm --platform=browser --outfile=./dist/url-sanitizer.min.js --bundle --minify --sourcemap ./index.js",
"doc": "documentation build src/mjs/uri-util.js -f md -o doc.md",
"char": "node ./modules/index char -i",
"include": "node ./modules/index include --dir=iana -i",

@@ -40,3 +40,2 @@ "lint": "eslint --fix .",

"csvtojson": "^2.0.10",
"documentation": "^14.0.1",
"esbuild": "^0.17.4",

@@ -51,9 +50,8 @@ "eslint": "^8.32.0",

"eslint-plugin-unicorn": "^45.0.2",
"jsdoc-to-markdown": "^8.0.0",
"mocha": "^10.2.0",
"npm-run-all": "^4.1.5",
"sinon": "^15.0.1",
"undici": "^5.15.1"
"undici": "^5.15.2"
},
"version": "0.2.2"
"version": "0.2.3"
}

43

README.md

@@ -20,3 +20,3 @@ # urlSanitizer

Or, download the source code from [Releases](https://github.com/asamuzaK/urlSanitizer/releases).
Or, download them from [Releases](https://github.com/asamuzaK/urlSanitizer/releases).

@@ -34,4 +34,4 @@ ## Usage

Sanitize the given URL.
* `data` and/or `file` schemes must be explicitly allowed.
* `javascript` and/or `vbscript` schemes can not be allowed.
* `data` and `file` schemes must be explicitly allowed.
* `javascript` and `vbscript` schemes can not be allowed.

@@ -41,3 +41,6 @@ ### Parameters

* `url` **[string][1]** URL input
* `opt` **[object][4]** options
* `opt` **[object][3]** options
* `opt.allow` **[Array][4]<[string][1]>** array of allowed schemes
* `opt.deny` **[Array][4]<[string][1]>** array of denied schemes
* `opt.escapeTags` **[boolean][2]** escape tags and quotes in data URL

@@ -91,4 +94,4 @@ Returns **[Promise][5]<[string][1]?>** sanitized URL, `null`able

Returns **[Promise][5]<[boolean][3]>** result
* Always `true` for `web+*` and/or `ext+*` schemes
Returns **[Promise][5]<[boolean][2]>** result
* Always `true` for `web+*` and `ext+*` schemes

@@ -121,3 +124,3 @@ ```javascript

Returns **[Array][2]<[string][1]>** array of registered URI schemes
Returns **[Array][4]<[string][1]>** array of registered URI schemes

@@ -137,3 +140,3 @@ ```javascript

Returns **[boolean][3]** result
Returns **[boolean][2]** result

@@ -151,3 +154,3 @@ ```javascript

Add a scheme to the list of URI schemes.
* `javascript` and/or `vbscript` schemes can not be registered. It throws.
* `javascript` and `vbscript` schemes can not be registered. It throws.

@@ -158,7 +161,13 @@ #### Parameters

Returns **[Array][2]<[string][1]>** array of registered URI schemes
Returns **[Array][4]<[string][1]>** array of registered URI schemes
```javascript
console.log(isURISync('foo'));
// -> false;
const res = urlSanitizer.add('foo');
// -> ['aaa', 'aaas', 'about', 'acap', 'acct', 'acd', ... 'foo', ...];
console.log(isURISync('foo'));
// -> true;
```

@@ -174,9 +183,15 @@

Returns **[boolean][3]** result
Returns **[boolean][2]** result
* `true` if the scheme is successfully removed, `false` otherwise.
```javascript
console.log(isURISync('aaa'));
// -> true;
const res1 = urlSanitizer.remove('aaa');
// -> true
console.log(isURISync('aaa'));
// -> false;
const res2 = urlSanitizer.remove('foo');

@@ -188,8 +203,8 @@ // -> false

[2]: https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Array
[2]: https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Boolean
[3]: https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Boolean
[3]: https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Object
[4]: https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Object
[4]: https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Array
[5]: https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Promise

13

src/mjs/uri-util.js

@@ -7,2 +7,3 @@ /**

import { getType, isString } from './common.js';
import textCharTable from '../lib/file/text-chars.json' assert { type: 'json' };
import uriSchemes from '../lib/iana/uri-schemes.json' assert { type: 'json' };

@@ -68,3 +69,2 @@

*
* @see {@link https://github.com/file/file/blob/master/src/encoding.c}
* @param {string} data - base64 data

@@ -79,9 +79,3 @@ * @returns {string} - parsed data / base64 data

const uint8arr = Uint8Array.from([...bin].map(c => c.charCodeAt(0)));
const textChars = new Set([0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x1b]);
for (let i = 0x20; i < 0x7f; i++) {
textChars.add(i);
}
for (let i = 0x80; i <= 0xff; i++) {
textChars.add(i);
}
const textChars = new Set(textCharTable);
let parsedData;

@@ -271,4 +265,4 @@ if (uint8arr.every(c => textChars.has(c))) {

}
type = 0;
}
type = 0;
}

@@ -317,2 +311,3 @@ } else if (/data:[^,]*,/.test(parsedData) &&

break;
case 0:
default:

@@ -319,0 +314,0 @@ sanitizedUrl = urlToSanitize.replace(regChars, getUrlEncodedString);

dist/url-sanitizer.js.map

Sorry, the diff of this file is not supported yet

dist/url-sanitizer.min.js.map

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc