How to use the xss.escapeAttrValue function in xss
To help you get started, we’ve selected a few xss examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
bs32g1038 / node-blog / client / libs / marked / index.ts View on Github 
onIgnoreTagAttr: (tag, name, value) => {
// 让 prettyprint 可以工作
if (tag === 'pre' && name === 'class') {
return name + '="' + jsxss.escapeAttrValue(value) + '"';
}
return '';
},
});onIgnoreTagAttr: function (tag, name, value, isWhiteAttr) {
if (tag == 'div' && name.substr(0, 5) === 'data-') {
// 通过内置的escapeAttrValue函数来对属性值进行转义
return name + '="' + xss.escapeAttrValue(value) + '"';
}
}
})onIgnoreTagAttr: function (tag, name, value, isWhiteAttr) {
// 让 prettyprint 可以工作
if (tag === 'pre' && name === 'class') {
return name + '="' + jsxss.escapeAttrValue(value) + '"';
}
}
});onIgnoreTagAttr: (tag: any, name: any, value: any, isWhiteAttr: any) => {
// 让 prettyprint 可以工作
if (tag === 'pre' && name === 'class') {
return name + '="' + jsxss.escapeAttrValue(value) + '"';
}
return '';
}
});onIgnoreTagAttr: (tag, name, value, isWhiteAttr) => {
// 让 prettyprint 可以工作
if (tag === 'pre' && name === 'class') {
return name + '="' + jsxss.escapeAttrValue(value) + '"'
}
}
})onIgnoreTagAttr: function (tag, name, value, isWhiteAttr) {
if (tag == 'div' && name.substr(0, 5) === 'data-') {
// 通过内置的escapeAttrValue函数来对属性值进行转义
return name + '="' + xss.escapeAttrValue(value) + '"';
}
}
})onIgnoreTagAttr: function (tag, name, value, isWhiteAttr) {
if (tag == 'div' && name.substr(0, 5) === 'data-') {
// 通过内置的escapeAttrValue函数来对属性值进行转义
return name + '="' + xss.escapeAttrValue(value) + '"';
}
}
});onIgnoreTagAttr: (tag: any, name: any, value: any) => {
// 让 prettyprint 可以工作
if (tag === 'pre' && name === 'class') {
return name + '="' + jsxss.escapeAttrValue(value) + '"';
}
return '';
},
});function attr(name, value) {
if (value) {
return `${name}="${xss.escapeAttrValue(value)}"`;
}
return name;
}public sanitizeUrl(value: string): string {
const protocol = this._trim(value.substring(0, value.indexOf(':')));
if (
!(
value === '/' ||
value === '#' ||
value[0] === '#' ||
this.allowedProtocols.indexOf(protocol.toLowerCase()) > -1
)
) {
return '';
} else {
return xss.escapeAttrValue(value);
}
}xss
Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
