Refused to execute scrip

leizongmin / js-xss

Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist

http://jsxss.com

Other

5.21k stars 628 forks source link

Refused to execute scrip #110

Closed GZWZC closed 7 years ago

GZWZC commented 7 years ago

i import xss.js in my html,

<script  src="https://raw.github.com/leizongmin/js-xss/master/dist/xss.js"></script>
<script>
// 使用函数名 filterXSS，用法一样
console.log(filterXSS('<a href="#" onclick="alert(/xss/)">click me</a>'));
</script>

chrome console Refused to execute script from 'https://raw.github.com/leizongmin/js-xss/master/dist/xss.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.

how sholud i do?

leizongmin commented 7 years ago

Please download the https://raw.github.com/leizongmin/js-xss/master/dist/xss.js on your local, and use <script src="xss.js"></script> to load the xss.js file.