How to use the xss.onIgnoreTag function in xss

To help you get started, we’ve selected a few xss examples, based on popular ways it is used in public projects.


github tianxiangbing / chat / socket / msg.js View on Github external
var IO = function(server) {
	// Attach the socket layer to the HTTP server passed in by the caller.
	// NOTE(review): `sio` is defined outside this excerpt, presumably socket.io; confirm.
	var io = sio.listen(server)
	// Per-connection bookkeeping; none of these is used in the visible part of the file.
	var users = {},
		usocket = {};
	var counter = 0;
	var home = {};
	// HTML sanitizer used for untrusted input.
	var xss = require('xss');
	// Word list that outQuest() draws the current question from at random.
	var drawlist = ['杯子', '苹果', '香蕉', '花',"乌龟","大象","飞机","手枪","蛋糕","火车","椅子","桌子","大树"];
	// The word currently in play (assigned by outQuest()).
	var quest = "";
	// Timer handle; only referenced by a commented-out setInterval in the visible code.
	var interval = null;
	// Add or update a tag in the whitelist: tag name (lowercase) = ['list of allowed attributes (lowercase)']
	// Here <img> is permitted with `src` as its only listed attribute.
	// NOTE(review): this mutates the object exported by require('xss'); Node caches modules,
	// so every other user of 'xss' in the same process sees the same whitelist. Confirm that is intended.
	xss.whiteList['img'] = ['src'];
	// Remove a tag from the default whitelist
	delete xss.whiteList['div'];
	// Custom handling for tags that are not in the whitelist
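	xss.onIgnoreTag = function(tag, html) {
		// tag:  name of the current tag (lowercase), e.g. a
		// html: HTML source of the current tag, e.g. <a href="ooxx">
		// Return the replacement HTML for the tag; return nothing to fall back
		// to the library's default handling.
		// For example, to replace the tag with [removed]: return '[removed]';
		//
		// The statement below reproduces the default handling: BOTH angle
		// brackets are entity-encoded, so a tag outside the whitelist is emitted
		// as literal text instead of markup. The listing as extracted had lost
		// the `<` half of this chain, leaving `//g`, which JavaScript parses as
		// the start of a line comment.
		// Only `<` and `>` are encoded here (not `&` or quotes), so the result is
		// meant for an HTML text context, not for use inside an attribute value.
		return html.replace(/</g, '&lt;').replace(/>/g, '&gt;');
	}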

	/**
	 * Start a round by drawing one random question.
	 *
	 * Delegates to outQuest() exactly once. A repeating draw every 60 seconds
	 * (setInterval(outQuest, 60000), stored in `interval`) exists in the
	 * original only as disabled code and is not started here.
	 */
	function Quest() {
		outQuest();
	}

	function outQuest() {
		quest = drawlist[Math.floor(drawlist.length * Math.random())];</a>

xss

Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist

MIT
Latest version published 3 months ago
