js-xss issues

How to use this packages in typescript project.

1

I want to use this package in my typescript project. How I will use this?

Is it possible to preserve case on attributes when filtering XSS?

Is there a way to preserve the case of whitelisted attributes when using `filterXSS`? Given this code: ```js const svgText = "" const WHITELIST = { svg: ['id', 'xmlns', 'viewBox',...

ok-martin

How to see what tags are removed?

Hi, Is there a way and if so how to see what attributes have been removed/escaped from the input string? I am thinking of a `removedElements` property or similar. I...

Thomas-1985

Doesn't sanitize "<p>abc<iframe//src=jAva&Tab;script:alert(3)>def</p>"

This particular HTML snippet would cause the alert to be executed. The library however, doesn't prevent this.

LeanKhan

How to whitelist cookies

How to whitelist cookies from encoding using xss lib?

ashuorg

a标签已经被加入到了白名a: ['class', 'href', 'target'],但是href里面放入自定义协议，比如baidu360://efwefwfwe给过滤了，怎么办

name: 'innerHTML', // xss白名单，可根据业务需求自己定制 value: `xss(_s(${directiveMeta.value}), { whiteList: { img: ['class', 'src', 'style', 'fileurl'], br: [], i: [], a: ['class', 'href', 'target'], span: ['class', 'style'], p: ['class'], font: ['style'], b:...

daweiyong