search

cure53 / DOMPurify

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
https://cure53.de/purify
Other
13.67k stars 698 forks source link

fix(purify): Remove unnecessary conditional expressions #848

Closed ssi02014 closed 1 year ago

ssi02014 commented 1 year ago

Summary

Hello 👋, @cure53

Node property "content" is not currently available. There's no need to conditionally check it, as it always returns undefined.

currentNode.content; // Always undefined
currentNode.content.firstElementChild; // Always undefined
(!_isNode(currentNode.content) || !_isNode(currentNode.content.firstElementChild)) // Always true

I went through all the NodeType listed in the documentation below. https://developer.mozilla.org/en-US/docs/Web/API/Node/nodeType

After fixing the code, the tests all passed, and I think it's safe to remove it from 3.x.

Tasks

Remove unnecessary conditional expressions

cure53 commented 1 year ago

This should be safe, let me do some checks and merge, thanks :slightly_smiling_face: