xss-test

0.0.1 • Public • Published

xss-test


A brief slogan.

foo/xss'"&#

[xss link](javascript:alert(2))


A thrilling description. It should let me know clearly:

  1. What can it do (and what can it not do)?
  2. Why is it my best choice?

Features

  • List core features here.
  • The less the better.
  • Make sure not more than 5.

Requirement

If your project must run in a particular environment.

e.g.

node >= 0.11.14

or

  • IE6~10 ×
  • IE11 √
  • chrome √

Installation

How to install or download the project, show the installation steps or download links.

$ npm install xss-test

Quick start

A carefully prepared demo is indispensable!

It should:

  • Always work (believe me, it is not easy).
  • Be easy to run, typically with the default config.
  • Demonstrate the core features.
  • Use code snippets, screenshots and videos when necessary.

var xssTest = require('xss-test');

// foo() is a placeholder method; its callback receives an error, if any.
xssTest.foo(function (err) {

});

Cli options / Configs

-o, --option

Option description.

Default: default value

Give a code snippet if it's hard to understand.

Subcommand (e.g. totoro config)

Subcommand description.

-s, --suboption

Suboption description.

Default: default value

API Reference

Class(config)

Class description.

  • config: description.
  • config.property: description.
Code snippet here

#classProperty

Property description.

#classMethod(param1, param2)

Method description.

  • param1: description.
  • param2: description.
Code snippet here

.objectProperty

Property description.

.objectMethod(param1, param2)

Method description.

  • param1: description.
  • param2: description.
Code snippet here

Contributing

Either plain text or a link is OK.

License

MIT


xss markdown

Taken from https://github.com/markdown-it/markdown-it/blob/master/test/fixtures/markdown-it/xss.txt

.
normal link
.
normal link
.

Should not allow some protocols in links and images

.
[xss link](javascript:alert(1))

[xss link](JAVASCRIPT:alert(1))

[xss link](vbscript:alert(1))

[xss link](VBSCRIPT:alert(1))

[xss link](file:///123)
.
[xss link](javascript:alert(1))

[xss link](JAVASCRIPT:alert(1))

[xss link](vbscript:alert(1))

[xss link](VBSCRIPT:alert(1))

[xss link](file:///123)
.

.
xss link
.
xss link
.

.
[xss link](<javascript:alert(1)>)
.
[xss link](<javascript:alert(1)>)
.

.
[xss link](javascript:alert(1))
.
[xss link](javascript:alert(1))
.

The image parser uses the same code base.

.
![xss link](javascript:alert(1))
.
![xss link](javascript:alert(1))
.

Autolinks

.
<javascript:alert(1)>

<javascript:alert(1)>
.
<javascript:alert(1)>

<javascript:alert(1)>
.

Linkifier

.
javascript:alert(1)

javascript:alert(1)
.
javascript:alert(1)

javascript:alert(1)
.
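
As an added example (not code from the xss-test package or from markdown-it), the following Node.js scanner finds the four constructs the fixtures above cover (inline links, images, autolinks and bare linkified text) and reports any target whose scheme is one the fixtures reject. The function names, the regular expressions and the SAMPLE input are assumptions made for illustration.

```javascript
// Added example. Denylist = the schemes the fixtures on this page reject.
const BLOCKED = new Set(['javascript', 'vbscript', 'file']);

// Lowercased scheme of a link destination, or null when it has none (relative).
function schemeOf(dest) {
  const url = dest.trim().replace(/^<(.*)>$/, '$1').trim(); // unwrap <...> form
  const m = /^([a-z][a-z0-9+.-]*):/i.exec(url);
  return m ? m[1].toLowerCase() : null;
}

const isBlocked = (dest) => BLOCKED.has(schemeOf(dest));

// Destination: <...> or bare text with one level of balanced parentheses.
const DEST = String.raw`\(\s*(<[^>]*>|(?:[^()\s]|\([^()]*\))+)\s*\)`;

// Order matters: matched spans are blanked so an inline link's <...>
// destination is not counted again as an autolink or bare URL.
const PATTERNS = [
  ['image', new RegExp(String.raw`!\[[^\]]*\]` + DEST, 'g')],
  ['link', new RegExp(String.raw`\[[^\]]*\]` + DEST, 'g')],
  ['autolink', /<([a-z][a-z0-9+.-]*:[^<>\s]*)>/gi],
  ['bare', /(?<![\w.+-])([a-z][a-z0-9+.-]*:[^\s<>]+)/gi],
];

function findBlockedTargets(markdown) {
  const hits = [];
  let rest = markdown;
  for (const [kind, re] of PATTERNS) {
    rest = rest.replace(re, (whole, dest) => {
      if (isBlocked(dest)) hits.push({ kind, scheme: schemeOf(dest), dest });
      return ' '.repeat(whole.length);
    });
  }
  return hits;
}

// Constructed sample built from the fixture inputs above plus two benign links.
const SAMPLE = [
  '[ok](https://example.com/a)',
  '[xss link](JAVASCRIPT:alert(1))',
  '[xss link](<javascript:alert(1)>)',
  '[xss link](file:///123)',
  '![xss link](javascript:alert(1))',
  '<javascript:alert(1)>',
  'javascript:alert(1)',
  '[relative](docs/readme.md)',
].join('\n\n');

console.log(findBlockedTargets(SAMPLE));
```

The denylist mirrors what the fixtures test; when the set of legitimate targets is known, an allowlist of expected schemes (for example http, https and mailto) is the stricter choice.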

Collaborators

  • fengmk2