search

cure53 / DOMPurify

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
https://cure53.de/purify
Other
13.67k stars 698 forks source link

fix(purify): fix _createIterator #850

Closed ssi02014 closed 1 year ago

ssi02014 commented 1 year ago

Summary

Hello 👋, @cure53 I was looking at the _createIterator function and realized it had an unnecessary argument (false), so I did a fix-and-refactor.

https://developer.mozilla.org/en-US/docs/Web/API/Document/createNodeIterator https://dom.spec.whatwg.org/#dom-document-createnodeiterator

Even if you refer to the documentation above, the createNodeIterator function only requires 3 arguments: root, whatToShow, and filter.

스크린샷 2023-08-11 오전 3 52 40 https://github.com/microsoft/TypeScript/blob/main/src/lib/dom.generated.d.ts#L7160

Tasks

cure53 commented 1 year ago

This looks good me thinks, but let me do some manual testing - high risk change :sweat_smile:

ssi02014 commented 1 year ago

@cure53 Based on the specification, I don't think the last argument, "false", will make any difference in behavior, but it's worth checking.

Thanks!!!