flip/DefinitelyTyped
1
0
Fork 0
mirror of https://github.com/FlipsideCrypto/DefinitelyTyped.git synced 2026-02-06 10:56:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
master
DefinitelyTyped/types/sanitize-html/sanitize-html-tests.ts
Piotr Błażejewicz (Peter Blazejewicz) 5a5534babc
🤖 Merge PR #47384 update(sanitize-html): v1.27 updates by @peterblazejewicz 
- `allowedIframeDomains` option
- `allowVulnerableTags` option
- default linter settings applied, removing linter errors
- `interface-name` exclusion left as inline option
- version bump

https://github.com/apostrophecms/sanitize-html/compare/1.22.0...1.27.4

Thanks!
2020-09-09 17:36:43 -04:00

64 lines
2.0 KiB
TypeScript
Raw Permalink Blame History

import sanitize = require('sanitize-html');
const options: sanitize.IOptions = {
allowedTags: sanitize.defaults.allowedTags.concat('h1', 'h2', 'img'),
allowedAttributes: {
a: sanitize.defaults.allowedAttributes['a'].concat('rel'),
img: ['src', 'height', 'width', 'alt', 'style']
},
allowedClasses: {
a: ['className'],
p: false,
},
allowedStyles: {
'*': {
color: [/^red$/],
background: [/^green$/],
'background-color': [/^#0000FF$/]
}
},
allowedIframeDomains: ['zoom.us'],
allowedIframeHostnames: ['www.youtube.com'],
allowedSchemesAppliedToAttributes: [ 'href', 'src', 'cite' ],
transformTags: {
a: sanitize.simpleTransform('a', { rel: 'nofollow' }),
img: (tagName: string, attribs: sanitize.Attributes) => {
const img = { tagName, attribs };
img.attribs['alt'] = 'transformed' ;
return img;
}
},
textFilter: (text, _) => text,
allowIframeRelativeUrls: false,
allowVulnerableTags: true,
exclusiveFilter(frame: sanitize.IFrame) {
return frame.tag === 'a' && !frame.text.trim();
},
allowedSchemesByTag: {
a: ['http', 'https']
},
allowProtocolRelative: false,
disallowedTagsMode: 'escape',
enforceHtmlBoundary: true,
};
sanitize.defaults.allowedAttributes; // $ExpectType { [index: string]: AllowedAttribute[]; }
sanitize.defaults.allowedSchemes; // $ExpectType string[]
sanitize.defaults.allowedSchemesAppliedToAttributes; // $ExpectType string[]
sanitize.defaults.allowedSchemesByTag; // $ExpectType { [index: string]: string[]; }
sanitize.defaults.allowedTags; // $ExpectType string[]
sanitize.defaults.allowProtocolRelative; // $ExpectType boolean
sanitize.defaults.disallowedTagsMode; // $ExpectType string
sanitize.defaults.enforceHtmlBoundary; // $ExpectType boolean
sanitize.defaults.selfClosing; // $ExpectType string[]
const unsafe = '<div><script>alert("hello");</script></div>';
let safe = sanitize(unsafe, options);
options.parser = {
decodeEntities: true
};
safe = sanitize(unsafe, options);
Reference in New Issue View Git Blame Copy Permalink