Open Joshuaweiss opened 5 years ago
Would also appreciate it if iframe
could be added as a valid key
It means iframe
is not in the default whitelist, you can try this way:
interface ICustomWhiteList extends XSS.IWhiteList {
iframe?: string[];
}
@leizongmin but it is defined as the type for the whiteList prop in IFilterXSSOptions so if you don't want to have the entire list of html tags there you should just have the whiteList prop as Record<string, string> and only have IWhiteList as the type for the defaultList only.
I have published a new version xss@1.0.9
including the following changes:
<summary>
to default whitelist #216 by @spacegaier<figure>
and <figcaption>
to default whitelist by @daraz999<audio crossorigin muted>
, <video crossorigin muted playsinline poster>
to default whitelist<strike>
to default whitelistonTag
options
It seems the TypeScript type IWhiteList is missing
iframe
as a valid key. Is this intentional?