search

leizongmin / js-xss

Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
http://jsxss.com
Other
5.19k stars 630 forks source link

TypeScript error when using plain text example #208

Open jthomerson opened 3 years ago

jthomerson commented 3 years ago

When I use this code from your examples, I get the error "Type 'never[]' has no properties in common with type 'IWhiteList'.ts(2559)". It seems that the type of whiteList is actually IWhiteList.

Does the example need to be updated? Or the types?

import xss from 'xss';

export default function xssPlainTextOnly(input: string): string {
   // https://jsxss.com/en/examples/no_tag.html
   return xss(input, {
      whiteList: [], // do not allow any tags through
      stripIgnoreTag: true, // filter out all HTML not in the whilelist
      stripIgnoreTagBody: [ 'script' ], // filter out contents (body) of script tags
   });
}
cy6581 commented 3 years ago

Used whiteList: {} instead and it worked. It conforms to the expected type definition, and also the way the declare a whitelist as shown in the docs.

Seems like the example needs updating.