Permalink
Cannot retrieve contributors at this time
Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.
Sign upGitHub is where the world builds software
Millions of developers and companies build, ship, and maintain their software on GitHub — the largest and most advanced development platform in the world.
| 'use strict' | |
| /** | |
| * XSS regex reference - taken from symantec | |
| * http://www.symantec.com/connect/articles/detection-sql-injection-and-cross-site-scripting-attacks | |
| */ | |
| const xssSimple = new RegExp('((%3C)|<)((%2F)|/)*[a-z0-9%]+((%3E)|>)', 'i') | |
| const xssImgSrc = new RegExp('((%3C)|<)((%69)|i|(%49))((%6D)|m|(%4D))((%67)|g|(%47))[^\n]+((%3E)|>)', 'i') | |
| function isXss (value) { | |
| return xssSimple.test(value) || xssImgSrc.test(value) | |
| } | |
| module.exports = isXss |