issues
search
leizongmin
/
js-xss
Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
http://jsxss.com
Other
5.19k
stars
630
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
How to use this packages in typescript project.
#288
sheikharifulislam
opened
4 months ago
1
feat: single-quoted attribute value syntax support
#287
mdk000
closed
6 months ago
4
Is it possible to preserve case on attributes when filtering XSS?
#286
ok-martin
opened
6 months ago
0
Merge master
#285
robikosir
closed
10 months ago
0
How to see what tags are removed?
#284
Thomas-1985
opened
11 months ago
0
Doesn't sanitize "<p>abc<iframe//src=jAva	script:alert(3)>def</p>"
#283
LeanKhan
opened
1 year ago
0
How to whitelist cookies
#282
ashuorg
opened
1 year ago
0
a标签已经被加入到了白名a: ['class', 'href', 'target'],但是href里面放入自定义协议,比如baidu360://efwefwfwe给过滤了,怎么办
#281
daweiyong
opened
1 year ago
1
img src processed to empty
#280
wcnjeusr
opened
1 year ago
2
feat: add <kbd> to default whitelist
#279
rayrny
closed
6 months ago
1
feat: Allow loading attribute on img
#278
maosmurf
closed
1 year ago
0
feat: Allow loading attribute on img
#277
maosmurf
closed
1 year ago
1
Support being imported by Node
#276
amjmhs
opened
1 year ago
0
The href content in a tag is 'data: image', which is not processed
#275
qsy0213
opened
1 year ago
0
Cannot create xss instance with options ^1.0.14
#274
quoctienkt
opened
1 year ago
0
Links in href/src needs a protocol, but not in url(), why ?
#273
sky0matic
opened
1 year ago
0
chore: fix typo
#272
shigma
closed
1 year ago
0
Ignore greater or less than symbol?
#271
iamsarthakjoshi
opened
1 year ago
1
feat: Add <kbd> tag to default whitelist
#270
rayrny
closed
1 year ago
3
Fix slashes as separators.
#269
hensleysecurity
opened
1 year ago
2
whiteList fails when using slashes to separate tag attributes (PR included)
#268
hensleysecurity
opened
1 year ago
0
Escaping attribute does not work sufficient
#267
djschilling
opened
1 year ago
1
I would like to know why all styles need to be whitelisted by configuration before they are not filtered?
#266
XiaoRIGE
opened
1 year ago
0
At v1.0.14 stripIgnoreTag behavior changed
#265
BlakeStearman
opened
1 year ago
1
src with blob:... is removed
#264
tungnat97
opened
2 years ago
1
video标签过滤后source标签丢失
#263
wangkemin
opened
2 years ago
2
fix: problem with not closed tag
#262
slawiko
closed
2 years ago
2
fix: add `allowList` to types
#261
metonym
closed
2 years ago
2
运算符 大于号>和小于号<不想被转码
#260
Cossey11111
opened
2 years ago
1
"invalid group specifier name" error in Safari after upgrade to 1.0.12
#259
scottohara
closed
2 years ago
7
add another site that extensively uses XSS
#258
williamstein
closed
2 years ago
0
fix: comment has encoded
#257
lumburr
closed
2 years ago
0
fix: whitelist match failure due to case ignoring
#256
lumburr
closed
2 years ago
0
fix: whitelist match failure due to case ignoring
#255
lumburr
closed
2 years ago
0
fix: example whiteList type error
#254
lumburr
closed
2 years ago
0
fix #245
#253
lumburr
closed
2 years ago
0
feat: add eslint:recommended check
#252
lumburr
closed
2 years ago
0
Confusing variable assignment - Eslint should be configured for this project
#251
ctaschereau
opened
2 years ago
2
可不可以设置一个黑名单除了黑名单里面的标签剩余都是白名单
#250
Lrunlin
opened
2 years ago
0
feat: add support for allowList as an alias for whiteList
#249
schu34
closed
2 years ago
6
单纯一份JS,如何设置css 为false?
#248
AceChen1
opened
2 years ago
2
whiteList does nothing
#247
chladnefazole
opened
2 years ago
1
fix(general): problem with double value in class
#246
sh4d0q
closed
2 years ago
1
class is wrong separated by attributes in method onTagAttr
#245
sh4d0q
closed
2 years ago
13
How can I remove [removed] text from stripIgnoreTagBody: ['script'] option?
#244
amjadaliup
opened
2 years ago
2
<vedio><source .... ></vedio> is not sanitised properly.
#243
UD-UD
opened
2 years ago
1
Question: is there a way to, when stripping tags, replace them with spaces?
#242
KayakinKoder
opened
2 years ago
1
new line characters filtered out
#241
ittybittykitty
closed
2 years ago
1
一样的过滤选项及内容,开发环境和编译后的输出有区别,编译后的第一个标签的起始标签被转义了
#240
alvawu
opened
2 years ago
3
[Security] Fix ReDoS
#239
ready-research
closed
2 years ago
3
Next