-
-
Notifications
You must be signed in to change notification settings - Fork 2.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
The xss() function was originally a port of the XSS filter from CodeIgniter. I added it to the library because there wasn't an alternative at the time. Unfortunately I don't have the time or expertise to maintain the XSS filter or keep merging upstream changes. If you need one for your app, I suggest looking at Caja sanitisation engine maintained by Google. (https://code.google.com/p/google-caja/ source/browse/trunk/src/com/google/caja/plugin/html-sanitizer.js) Closes #123, #138, #181, #206, #210, #221, #223, #226, #227, #231, #232
- Loading branch information
Showing
7 changed files
with
3 additions
and
482 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,7 +2,7 @@ | |
"description" : "Data validation, filtering and sanitization for node.js", | ||
"version" : "1.5.1", | ||
"homepage" : "http://github.com/chriso/node-validator", | ||
"keywords" : ["validator", "validation", "assert", "params", "sanitization", "xss", "entities", "sanitize", "sanitisation", "input"], | ||
"keywords" : ["validator", "validation", "assert", "params", "sanitization", "entities", "sanitize", "sanitisation", "input"], | ||
"author" : "Chris O'Hara <[email protected]>", | ||
"main" : "./lib", | ||
"directories" : { "lib" : "./lib" }, | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
2d5d699
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wow, talk about a breaking change!
2d5d699
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you need this xss filter then you are doing it wrong. Good grief, glad this was removed.
2d5d699
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
https://github.com/theSmaw/Caja-HTML-Sanitizer this is an option for node