Skip to content
This repository has been archived by the owner on Jul 15, 2019. It is now read-only.

Commit

Permalink
blacklist x-schema protocol
Browse files Browse the repository at this point in the history
  • Loading branch information
adon committed Jul 14, 2015
1 parent 4cdd9b8 commit a0e38b3
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/xss-filters.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ exports._getPrivFilters = function () {
// Reference: http://shazzer.co.uk/database/All/Characters-after-javascript-uri
// Reference: https://html.spec.whatwg.org/multipage/syntax.html#consume-a-character-reference
// Reference for named characters: https://html.spec.whatwg.org/multipage/entities.json
var URI_BLACKLIST_PROTOCOLS = {'javascript':1, 'data':1, 'vbscript':1, 'mhtml':1},
var URI_BLACKLIST_PROTOCOLS = {'javascript':1, 'data':1, 'vbscript':1, 'mhtml':1, 'x-schema':1},
URI_PROTOCOL_COLON = /(?::|&#[xX]0*3[aA];?|&#0*58;?|:)/,
URI_PROTOCOL_WHITESPACES = /(?:^[\x00-\x20]+|[\t\n\r\x00]+)/g,
URI_PROTOCOL_NAMED_REF_MAP = {Tab: '\t', NewLine: '\n'};
Expand Down

0 comments on commit a0e38b3

Please sign in to comment.