Permalink
Show file tree
Hide file tree
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Added Text Attribute
To help combat XSS attackes the text attribute will add text only to elements rather than html
- Loading branch information
Showing
9 changed files
with
134 additions
and
44 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> | ||
| <html> | ||
| <head> | ||
| <title> json2html tests </title> | ||
|
|
||
| <!-- Add JSON2HTML --> | ||
| <script type="text/javascript" src="../json2html.js"></script> | ||
|
|
||
| </head> | ||
| <body> | ||
| <!-- Run the tests --> | ||
| <script type="text/javascript" src="test.nested.js"></script> | ||
| <script type="text/javascript" src="test.shorthand.js"></script> | ||
| <script type="text/javascript" src="test.escape.js"></script> | ||
| <script type="text/javascript" src="test.text.js"></script> | ||
| </body> | ||
| </html> |
File renamed without changes.
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
|
|
||
| (function() { | ||
|
|
||
| //Test the handling of quoted strings | ||
| var test_data = [ | ||
| {"text":"<script>alert(0);</script> no alert"}, | ||
| {"text":"<strong>non highlighted</strong>"}, | ||
| {"text":"& (ampersand) : ' (single quote) : \" (double quote) "} | ||
| ]; | ||
|
|
||
| var transform = [ | ||
| {"<>":"div", "text":"${text}"}, | ||
| {"<>":"div","text":[ | ||
| {"<>":"span","text":"this shouldn't be rendered"} | ||
| ]}, | ||
| {"<>":"div", "text":function(){ | ||
| return(this.text); | ||
| }}, | ||
| {"<>":"div", "text":function(){ | ||
| return(["not rendered"]); | ||
| }} | ||
| ]; | ||
|
|
||
| var html = json2html.transform(test_data, transform); | ||
|
|
||
| document.write('<h1>Text Encoding Test</h1>'+ html); | ||
| })(); |