axios/lib/helpers/isValidXss.js at 960e1c879892ac6e1c83a798c06b9907e35ad2df - axios - Gitea: Git with a cup of tea

mirrors/axios

mirror of https://github.com/tenrok/axios.git synced 2026-06-05 16:42:32 +03:00

Files

T

Yasu Flores 841466416b Fix XSS logic that matched some valid urls (#2529 )

* Fix XSS logic that matched some valid urls, e.g. "/one/?foo=bar", when it shouldn't match those

2019-11-07 18:39:24 -08:00

8 lines

170 B

JavaScript

Raw Blame History

 'use strict';
 module.exports = function isValidXss(requestURL) {
   var xssRegex = /(\b)(on\w+)=|javascript|(<\s*)(\/*)script/gi;
   return xssRegex.test(requestURL);
 };