/**
 * Ambient type declarations for the "xss" module.
 *
 * Every entry point declared here takes an HTML string (plus optional
 * settings or callbacks) and returns a string. These declarations describe
 * shapes only: they do not validate that a given configuration is safe.
 */
declare module "xss" {
  // Augments the global scope: once this file is part of a compilation,
  // `filterXSS` and the `XSS` namespace type-check everywhere.
  // NOTE(review): a type-checked call to the global `filterXSS` can still be
  // undefined at runtime if the library was not loaded as a global script.
  global {
    /** Global form of the filter; same signature as the exported `filterXSS`. */
    function filterXSS(html: string, options?: IFilterXSSOptions): string;

    namespace XSS {
      /** Options accepted by `filterXSS`, the default export and `FilterXSS`. All fields are optional. */
      export interface IFilterXSSOptions {
        // `allowList` and `whiteList` are declared with the same type.
        // presumably aliases; confirm which one wins when both are supplied.
        allowList?: IWhiteList;
        whiteList?: IWhiteList;
        // Callback hooks. NOTE(review): upstream documentation describes a
        // returned string as being used in place of the default output for
        // that tag or attribute; if so, the handler owns escaping of whatever
        // it returns. Confirm against the library version in use.
        onTag?: OnTagHandler;
        onTagAttr?: OnTagAttrHandler;
        onIgnoreTag?: OnTagHandler;
        onIgnoreTagAttr?: OnTagAttrHandler;
        // Overriding either of these swaps in caller-supplied escaping logic;
        // the declaration only requires that a string comes back.
        safeAttrValue?: SafeAttrValueHandler;
        escapeHtml?: EscapeHandler;
        // Behaviour and defaults of the flags below are not visible in this
        // declaration; check the implementation before relying on them.
        stripIgnoreTag?: boolean;
        stripIgnoreTagBody?: boolean | string[];
        allowCommentTag?: boolean;
        stripBlankChar?: boolean;
        singleQuotedAttributeValue?: boolean;
        // `{}` matches any non-nullish value, so the compiler does not check
        // the shape of this option (and `| boolean` adds nothing for type
        // checking). A mistyped CSS configuration will still compile.
        css?: {} | boolean;
      }

      /**
       * Allow-list shape: a tag name mapped to an array of strings.
       * presumably the attribute names permitted on that tag; confirm
       * against the library documentation.
       *
       * The `Record<string, ...>` base means ANY tag name is accepted as a
       * key, not only the ones listed below, so the compiler will not flag
       * an entry for a tag such as `script` or `iframe`. Custom lists need
       * manual review.
       */
      interface IWhiteList extends Record<string, string[] | undefined> {
        a?: string[];
        abbr?: string[];
        address?: string[];
        area?: string[];
        article?: string[];
        aside?: string[];
        audio?: string[];
        b?: string[];
        bdi?: string[];
        bdo?: string[];
        big?: string[];
        blockquote?: string[];
        br?: string[];
        caption?: string[];
        center?: string[];
        cite?: string[];
        code?: string[];
        col?: string[];
        colgroup?: string[];
        dd?: string[];
        del?: string[];
        details?: string[];
        div?: string[];
        dl?: string[];
        dt?: string[];
        em?: string[];
        figure?: string[];
        figcaption?: string[];
        font?: string[];
        footer?: string[];
        h1?: string[];
        h2?: string[];
        h3?: string[];
        h4?: string[];
        h5?: string[];
        h6?: string[];
        header?: string[];
        hr?: string[];
        i?: string[];
        img?: string[];
        ins?: string[];
        li?: string[];
        mark?: string[];
        nav?: string[];
        ol?: string[];
        p?: string[];
        pre?: string[];
        s?: string[];
        section?: string[];
        small?: string[];
        span?: string[];
        sub?: string[];
        sup?: string[];
        strong?: string[];
        strike?: string[];
        summary?: string[];
        table?: string[];
        tbody?: string[];
        td?: string[];
        tfoot?: string[];
        th?: string[];
        thead?: string[];
        tr?: string[];
        tt?: string[];
        u?: string[];
        ul?: string[];
        video?: string[];
      }

      /**
       * Tag-level callback: receives the tag name, the tag's HTML and a
       * context object, and returns a string or nothing.
       * Every field of the context object is optional in this declaration.
       */
      type OnTagHandler = (
        tag: string,
        html: string,
        options: {
          sourcePosition?: number;
          position?: number;
          isClosing?: boolean;
          isWhite?: boolean;
        }
      ) => string | void;

      /**
       * Attribute-level callback: receives the tag name, attribute name,
       * attribute value and a boolean flag, and returns a string or nothing.
       */
      type OnTagAttrHandler = (
        tag: string,
        name: string,
        value: string,
        isWhiteAttr: boolean
      ) => string | void;

      /**
       * Attribute-value callback: unlike the two handlers above it must
       * always return a string. It is also handed an `ICSSFilter`.
       */
      type SafeAttrValueHandler = (
        tag: string,
        name: string,
        value: string,
        cssFilter: ICSSFilter
      ) => string;

      /** String-to-string transform; the shape shared by the escape and strip helpers exported below. */
      type EscapeHandler = (str: string) => string;

      /** Minimal CSS filter contract: one `process` method mapping a string to a string. */
      interface ICSSFilter {
        process(value: string): string;
      }
    }
  }
  // Module-level re-exports of the global `XSS` namespace types, so that
  // importers can name them without going through the global namespace.
  export interface IFilterXSSOptions extends XSS.IFilterXSSOptions {}

  export interface IWhiteList extends XSS.IWhiteList {}

  export type OnTagHandler = XSS.OnTagHandler;

  export type OnTagAttrHandler = XSS.OnTagAttrHandler;

  export type SafeAttrValueHandler = XSS.SafeAttrValueHandler;

  export type EscapeHandler = XSS.EscapeHandler;

  export interface ICSSFilter extends XSS.ICSSFilter {}

  /**
   * Builds a helper object from a list of tag names and a `next` callback.
   * The returned object exposes an `onIgnoreTag` handler (here `position`
   * and `isClosing` are required, unlike in `OnTagHandler`) and a `remove`
   * function that maps an HTML string to a string.
   */
  export function StripTagBody(
    tags: string[],
    next: () => void
  ): {
    onIgnoreTag(
      tag: string,
      html: string,
      options: {
        position: number;
        isClosing: boolean;
      }
    ): string;
    remove(html: string): string;
  };

  /** Filter instance configured once through the constructor; `process` maps an HTML string to a string. */
  export class FilterXSS {
    constructor(options?: IFilterXSSOptions);
    process(html: string): string;
  }

  /** Function form of the filter: HTML string plus optional settings in, string out. */
  export function filterXSS(html: string, options?: IFilterXSSOptions): string;
  /**
   * Lower-level tag parser. The `onTag` callback here takes positional
   * arguments and must return a string; `escapeHtml` is a required
   * string-to-string handler.
   */
  export function parseTag(
    html: string,
    onTag: (
      sourcePosition: number,
      position: number,
      tag: string,
      html: string,
      isClosing: boolean
    ) => string,
    escapeHtml: EscapeHandler
  ): string;
  /** Lower-level attribute parser; `onAttr` receives a name and value and returns a string. */
  export function parseAttr(
    html: string,
    onAttr: (name: string, value: string) => string
  ): string;
  // NOTE(review): `whiteList` is exported as a value. If it is the live
  // default object, mutating it would change the defaults for every caller
  // in the process; prefer `getDefaultWhiteList()` when building a custom
  // list. Confirm against the implementation.
  export const whiteList: IWhiteList;
  export function getDefaultWhiteList(): IWhiteList;
  // Handler values exported with the same types the options interface accepts.
  export const onTag: OnTagHandler;
  export const onIgnoreTag: OnTagHandler;
  export const onTagAttr: OnTagAttrHandler;
  export const onIgnoreTagAttr: OnTagAttrHandler;
  export const safeAttrValue: SafeAttrValueHandler;
  // String-to-string helpers; each is declared only as `EscapeHandler`, so
  // what each one escapes or strips is not visible from this declaration.
  export const escapeHtml: EscapeHandler;
  export const escapeQuote: EscapeHandler;
  export const unescapeQuote: EscapeHandler;
  export const escapeHtmlEntities: EscapeHandler;
  export const escapeDangerHtml5Entities: EscapeHandler;
  export const clearNonPrintableCharacter: EscapeHandler;
  export const friendlyAttrValue: EscapeHandler;
  export const escapeAttrValue: EscapeHandler;
  export function onIgnoreTagStripAll(): string;
  export const stripCommentTag: EscapeHandler;
  export const stripBlankChar: EscapeHandler;
  export const attributeWrapSign: string;
  export const cssFilter: ICSSFilter;
  // NOTE(review): declared as returning `ICSSFilter` (an object with a
  // `process` method), although the name suggests an allow-list. Verify the
  // runtime return value before calling `.process` on it.
  export function getDefaultCSSWhiteList(): ICSSFilter;

  /** Default export: callable with the same signature as `filterXSS`. */
  const xss: (html: string, options?: IFilterXSSOptions) => string;
  export default xss;
}