search

leizongmin / js-xss

Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
http://jsxss.com
Other
5.19k stars 630 forks source link

improve safeAttrValue function #236

Closed madneal closed 2 years ago

leizongmin commented 2 years ago

Hello, @madneal ,thanks for your pull request. For historical reasons, most of this module early days were run in ES5 environments, so new changes will try not to break this rule. Although this pull request makes the code more readable, I'm sorry it won't be accepted.

madneal commented 2 years ago

what if I remove const. It seems no problem with the usage of some and startsWith.

leizongmin commented 2 years ago

According to the MDN docs https://developer.mozilla.org/zh-CN/docs/Web/JavaScript/Reference/Global_Objects/String/startsWith Node.js was supported String.startsWith since v4.0.0, I think we cannot use this method.