rewrite constructor arguments, call DOMPurify, profit
Перейти к файлу
dependabot[bot] de72a7503a
Bump eslint-plugin-jsdoc from 48.2.12 to 48.4.0 (#322)
Bumps [eslint-plugin-jsdoc](https://github.com/gajus/eslint-plugin-jsdoc) from 48.2.12 to 48.4.0.
- [Release notes](https://github.com/gajus/eslint-plugin-jsdoc/releases)
- [Changelog](https://github.com/gajus/eslint-plugin-jsdoc/blob/main/.releaserc)
- [Commits](https://github.com/gajus/eslint-plugin-jsdoc/compare/v48.2.12...v48.4.0)

---
updated-dependencies:
- dependency-name: eslint-plugin-jsdoc
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-01 12:59:06 +02:00
.github
demo
src
.eslintrc.json
.gitignore
.prettierignore
CODE_OF_CONDUCT.md
LICENSE
README.md
SECURITY.md
package-lock.json
package.json
rollup.config.browser-min.js
rollup.config.browser.js
rollup.config.cjs.js
rollup.config.esm.js

README.md

Polyfill for the Sanitizer API specification.

Usage

The Sanitizer API is still under heavy development. We do not recommend relying on the polyfill for stability and can not fully promise the same security guarantees as the finished API will.

About

The polyfill might provide a shim on top of DOMPurify, that mainly rewrites the specified configuration object into a DOMPurify configuration.

DOMPurify is more interesting than other libraries, as it relies on the current browser's HTML parsing behavior (it is built on top of the NodeIterator interface).

Demo

There's a Demo page that loads all of the polyfill scripts and then does nothing. By default, the polyfill will bail out if you already have a Sanitizer object defined. But that can be easily overridden by clicking the .

It might useful to test Element.setHTML