xss - npm Package Compare versions

Comparing version 0.1.6 to 0.1.7

lib/default.js

@@ -10,2 +10,30 @@ /**
 var whiteList = {
+  a:      ['target', 'href', 'title'],
+  abbr:   ['title'],
+  address: [],
+  area:   ['shape', 'coords', 'href', 'alt'],
+  article: [],
+  aside:  [],
+  audio:  ['autoplay', 'controls', 'loop', 'preload', 'src'],
+  b:      [],
+  bdi:    ['dir'],
+  bdo:    ['dir'],
+  big:    [],
+  blockquote: ['cite'],
+  br:     [],
+  caption: [],
+  center: [],
+  cite:   [],
+  code:   [],
+  col:    ['align', 'valign', 'span', 'width'],
+  colgroup: ['align', 'valign', 'span', 'width'],
+  dd:     [],
+  del:    ['datetime'],
+  details: ['open'],
+  div:    [],
+  dl:     [],
+  dt:     [],
+  em:     [],
+  font:   ['color', 'size', 'face'],
+  footer: [],
   h1:     [],
@@ -17,32 +45,28 @@ h2:     [],
   h6:     [],
+  header: [],
   hr:     [],
-  span:   [],
-  strong: [],
-  b:      [],
   i:      [],
-  br:     [],
-  p:      [],
-  pre:    [],
-  code:   [],
-  a:      ['target', 'href', 'title'],
   img:    ['src', 'alt', 'title', 'width', 'height'],
-  div:    [],
-  table:  ['width', 'border'],
-  tr:     ['rowspan'],
-  td:     ['width', 'colspan'],
-  th:     ['width', 'colspan'],
-  tbody:  [],
-  thead:  [],
-  ul:     [],
+  ins:    ['datetime'],
   li:     [],
+  mark:   [],
+  nav:    [],
   ol:     [],
-  dl:     [],
-  dt:     [],
-  em:     [],
-  cite:   [],
+  p:      [],
+  pre:    [],
+  s:      [],
   section:[],
-  header: [],
-  footer: [],
-  blockquote: [],
-  audio:  ['autoplay', 'controls', 'loop', 'preload', 'src'],
+  small:  [],
+  span:   [],
+  strong: [],
+  table:  ['width', 'border', 'align', 'valign'],
+  tbody:  ['align', 'valign'],
+  td:     ['width', 'colspan', 'align', 'valign'],
+  tfoot:  ['align', 'valign'],
+  th:     ['width', 'colspan', 'align', 'valign'],
+  thead:  ['align', 'valign'],
+  tr:     ['rowspan', 'align', 'valign'],
+  tt:     [],
+  u:      [],
+  ul:     [],
   video:  ['autoplay', 'controls', 'loop', 'preload', 'src', 'height', 'width']
@@ -49,0 +73,0 @@ };

package.json

 {
   "name": "xss",
   "main": "./lib/index.js",
-  "version": "0.1.6",
+  "version": "0.1.7",
   "description": "Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist. 根据白名单过滤HTML(防止XSS攻击)",
@@ -6,0 +6,0 @@ "author": "leizongmin <leizongmin@gmail.com> (http://ucdok.com)",

README.md

@@ -141,3 +141,3 @@ [![NPM version](https://badge.fury.io/js/xss.png)](http://badge.fury.io/js/xss)
 
-By specefing a `whiteList`, e.g. `{ 'tagName': [ 'attr-1', 'attr-2' ] }`. Tags
+By specifying a `whiteList`, e.g. `{ 'tagName': [ 'attr-1', 'attr-2' ] }`. Tags
 and attributes not in the whitelist would be filter out. For example:
@@ -162,3 +162,3 @@
 
-By specefing the handler function with `onTag`:
+By specifying the handler function with `onTag`:
 
@@ -183,3 +183,3 @@ ```JavaScript
 
-By specefing the handler function with `onTagAttr`:
+By specifying the handler function with `onTagAttr`:
 
@@ -200,3 +200,3 @@ ```JavaScript
 
-By specefing the handler function with `onIgnoreTag`:
+By specifying the handler function with `onIgnoreTag`:
 
@@ -214,3 +214,3 @@ ```JavaScript
 
-By specefing the handler function with `onIgnoreTagAttr`:
+By specifying the handler function with `onIgnoreTagAttr`:
 
@@ -227,3 +227,3 @@ ```JavaScript
 
-By specefing the handler function with `escapeHtml`. Following is the default
+By specifying the handler function with `escapeHtml`. Following is the default
 function **(Modification is not recommended)**:
@@ -239,3 +239,3 @@
 
-By specefing the handler function with `safeAttrValue`:
+By specifying the handler function with `safeAttrValue`:
 
@@ -400,4 +400,9 @@ ```JavaScript
 
-If you love the xss module, please send me a cup of coffee :)
+We made xss in our spare time because it's fun to build things. We hope you find it useful.
 
-[![Donate xss package](https://img.alipay.com/sys/personalprod/style/mc/btn-index.png)](https://me.alipay.com/leizongmin)
+If you like this package and want to support future development—or just say thank you, **please consider making a donation of $5, $10 or $20** (or whatever you can afford) to help us continue to improve it.
+
+[![Donate xss package by PayPal](https://raw.github.com/deweyapp/deweyapp/master/docs/images/donate.png)]
+(https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=leizongmin%40qq%2ecom&lc=US&no_note=0&currency_code=USD&bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHostedGuest)
+
+[![Donate xss package by Alipay](https://img.alipay.com/sys/personalprod/style/mc/btn-index.png)](https://me.alipay.com/leizongmin)

README.zh.md

@@ -17,3 +17,3 @@ [![NPM version](https://badge.fury.io/js/xss.png)](http://badge.fury.io/js/xss)
 `xss`是一个用于对用户输入的内容进行过滤，以避免遭受XSS攻击的模块
-（[什么是XSS攻击？](http://baike.baidu.com/view/2161269.htm)）。只要用于论坛、博客、网上商店等等一些可允许用户录入页面排版、
+（[什么是XSS攻击？](http://baike.baidu.com/view/2161269.htm)）。主要用于论坛、博客、网上商店等等一些可允许用户录入页面排版、
 格式控制相关的HTML的场景，`xss`模块通过白名单来控制允许的标签及相关的标签属性，
@@ -384,1 +384,4 @@ 另外还提供了一系列的接口以便用户扩展，比其他同类模块更为灵活。
 [![捐赠xss模块](https://img.alipay.com/sys/personalprod/style/mc/btn-index.png)](https://me.alipay.com/leizongmin)
+
+[![Donate xss package by PayPal](https://raw.github.com/deweyapp/deweyapp/master/docs/images/donate.png)]
+(https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=leizongmin%40qq%2ecom&lc=US&no_note=0&currency_code=USD&bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHostedGuest)

No alert changes

Improved metrics

Total package byte prevSize

202408

increased by0.73%

Lines of code

2088

increased by1.16%

Number of lines in readme file

401

increased by1.26%

No dependency changes