xss - npm Package Compare versions

Comparing version 0.1.5 to 0.1.6

bin/xss

lib/default.js

		@@ -281,3 +281,3 @@ /**
		if (isRemoveAllTag) return true;
		return tags.indexOf(tag) !== -1;
		return (tags.indexOf(tag) !== -1);
		}
		@@ -294,3 +294,3 @@
		var end = options.position + ret.length;
		removeList.push([posStart \|\| options.position, end]);
		removeList.push([posStart !== false ? posStart : options.position, end]);
		posStart = false;
		@@ -297,0 +297,0 @@ return ret;

package.json

		{
		"name": "xss",
		"main": "./lib/index.js",
		"version": "0.1.5",
		"version": "0.1.6",
		"description": "Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist. 根据白名单过滤HTML(防止XSS攻击)",
		@@ -20,2 +20,5 @@ "author": "leizongmin <leizongmin@gmail.com> (http://ucdok.com)",
		},
		"dependencies": {
		"commander": "2.1.x"
		},
		"devDependencies": {
		@@ -27,2 +30,5 @@ "mocha": "1.8.2",
		},
		"bin": {
		"xss": "./bin/xss"
		},
		"scripts": {
		@@ -29,0 +35,0 @@ "blanket": {

README.md

		@@ -16,2 +16,4 @@ [![NPM version](https://badge.fury.io/js/xss.png)](http://badge.fury.io/js/xss)

		[中文版文档](https://github.com/leizongmin/js-xss/blob/master/README.zh.md)

		`xss` is a module used to filter input from users to prevent XSS attacks.
		@@ -62,6 +64,26 @@ ([What is XSS attack?](http://en.wikipedia.org/wiki/Cross-site_scripting))

		Run `node lib/cli.js` command in the source directary, them you can type HTML
		code in the command-line, and check the filtered output.
		Run the following command, them you can type HTML
		code in the command-line, and check the filtered output:

		```bash
		$ xss -t
		```

		## Command Line Tool

		You can use the xss command line tool to process a file. Usage:

		```bash
		xss -i <input_file> -o <output_file>
		```

		Example:

		```bash
		$ xss -i origin.html -o target.html
		```

		For more details, please run `$ xss -h` to see it.


		## Usages
		@@ -68,0 +90,0 @@

README.zh.md

		@@ -56,5 +56,9 @@ [![NPM version](https://badge.fury.io/js/xss.png)](http://badge.fury.io/js/xss)

		在源码目录执行命令： `node lib/cli.js` ，可在命令行中输入HTML代码，并看到过滤后的代码
		执行以下命令，可在命令行中输入HTML代码，并看到过滤后的代码：

		```bash
		$ xss -t
		```


		## 使用方法
		@@ -89,3 +93,19 @@

		### 使用命令行工具来对文件进行XSS处理

		可通过内置的 `xss` 命令来对输入的文件进行XSS处理。使用方法：

		```bash
		xss -i <源文件> -o <目标文件>
		```

		例：

		```bash
		$ xss -i origin.html -o target.html
		```

		详细命令行参数说明，请输入 `$ xss -h` 来查看。


		## 自定义过滤规则
		@@ -92,0 +112,0 @@

test/test_custom_method.js

		@@ -305,3 +305,22 @@ /**

		it('#stripIgnoreTag & stripIgnoreTagBody', function () {
		var source = '<script>alert(/xss/);</script>';
		var html = xss(source, {
		stripIgnoreTag: true,
		stripIgnoreTagBody: ['script']
		});
		console.log(html);
		assert.equal(html, '');
		});

		it('#stripIgnoreTag & stripIgnoreTagBody - 2', function () {
		var source = 'ooxx<script>alert(/xss/);</script>';
		var html = xss(source, {
		stripIgnoreTag: true,
		stripIgnoreTagBody: ['script']
		});
		console.log(html);
		assert.equal(html, 'ooxx');
		});

		});

Improved metrics