validator - npm Package Compare versions

Comparing version 0.4.5 to 0.4.6-1

lib/xss.js

@@ -191,11 +191,12 @@ //This module is adapted from the CodeIgniter framework
 
-//Filter Attributes - filters tag attributes for consistency and safety
 function filter_attributes(str) {
-    out = '';
-
-    str.replace(/\s*[a-z\-]+\s*=\s*(?:\042|\047)(?:[^\1]*?)\1/gi, function(m) {
-        $out += m.replace(/\/\*.*?\*\//g, '');
+    var comments = /\/\*.*?\*\//g;
+    return str.replace(/\s*[a-z-]+\s*=\s*'[^']*'/gi, function (m) {
+        return m.replace(comments, '');
+    }).replace(/\s*[a-z-]+\s*=\s*"[^"]*"/gi, function (m) {
+        return m.replace(comments, '');
+    }).replace(/\s*[a-z-]+\s*=\s*[^\s]+/gi, function (m) {
+        return m.replace(comments, '');
     });
+}
 
-    return out;
-}

package.json

 { "name"          : "validator",
   "description"   : "Data validation, filtering and sanitization for node.js",
-  "version"       : "0.4.5",
+  "version"       : "0.4.6-1",
   "homepage"      : "http://github.com/chriso/node-validator",
@@ -5,0 +5,0 @@ "keywords"      : ["validator", "validation", "assert", "params", "sanitization", "xss", "entities", "sanitize", "sanitisation", "input"],

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

107764

increased by0.11%

Lines of code

2206

increased by0.09%

No dependency changes