diff options
author | Christoph (Sheogorath) Kern | 2018-11-11 19:01:44 +0100 |
---|---|---|
committer | GitHub | 2018-11-11 19:01:44 +0100 |
commit | 2a8b56e14b482faa38e9661ad0aa8d208085c50e (patch) | |
tree | e911a754979092b1d820393d2fb9e6ea20509da3 /public/js/render.js | |
parent | a1211abd322746210904a52cf01f390621df723d (diff) | |
parent | c59b94a37b9d44f6c56b12f61cbfb80ff5f0db50 (diff) |
Merge pull request #1046 from SISheogorath/feature/optimizeXSS
Remove the xss library from webpack
Diffstat (limited to 'public/js/render.js')
-rw-r--r-- | public/js/render.js | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/public/js/render.js b/public/js/render.js index 23b8934e..ff5e2bf2 100644 --- a/public/js/render.js +++ b/public/js/render.js @@ -1,6 +1,8 @@ /* eslint-env browser, jquery */ -/* global filterXSS */ // allow some attributes + +var filterXSS = require('xss') + var whiteListAttr = ['id', 'class', 'style'] window.whiteListAttr = whiteListAttr // allow link starts with '.', '/' and custom protocol with '://', exclude link starts with javascript:// @@ -71,5 +73,6 @@ function preventXSS (html) { window.preventXSS = preventXSS module.exports = { - preventXSS: preventXSS + preventXSS: preventXSS, + escapeAttrValue: filterXSS.escapeAttrValue } |