Implement basic XSS filter

2013-10-31 00:39:35 -05:00 · 2013-10-31 00:39:35 -05:00 · 271a23cdad
commit 271a23cdad
parent bf014530f9
2 changed files with 187 additions and 0 deletions
--- a/tests/xss.js
+++ b/tests/xss.js
@ -0,0 +1,16 @@
+var sanitize = require('../lib/xss').sanitizeHTML;
+var assert = require('assert');
+
+function basicTest() {
+    assert(sanitize("<  script src   =  bad.js>blah</script>") ===
+                    "[tag removed]blah[tag removed]");
+
+    assert(sanitize("< img src=asdf onerror='alert(\"xss\")'>") ===
+                    "<img src=\"asdf\">");
+
+    assert(sanitize("<a href='javascript:alert(document.cookie)'>") === 
+                    "<a href=\":()\">");
+}
+
+basicTest();
+console.log("Tests passed.");