Fix #775
This commit is contained in:
parent
5b86fb3187
commit
801d3d9be1
9
NEWS.md
9
NEWS.md
|
@ -1,3 +1,12 @@
|
|||
2018-10-21
|
||||
==========
|
||||
|
||||
The `sanitize-html` dependency has made a change that results in `"` no longer
|
||||
being replaced by `"` when not inside an HTML attribute value. This
|
||||
potentially breaks any chat filters matching quotes as `"` (on my
|
||||
particular instance, this seems to be quite rare). These filters will need to
|
||||
be updated in order to continue matching quotes.
|
||||
|
||||
2018-08-27
|
||||
==========
|
||||
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
"author": "Calvin Montgomery",
|
||||
"name": "CyTube",
|
||||
"description": "Online media synchronizer and chat",
|
||||
"version": "3.58.4",
|
||||
"version": "3.59.0",
|
||||
"repository": {
|
||||
"url": "http://github.com/calzoneman/sync"
|
||||
},
|
||||
|
|
|
@ -5,7 +5,7 @@ describe('XSS', () => {
|
|||
describe('sanitizeHTML', () => {
|
||||
it('behaves consistently w.r.t. special chars used in emotes', () => {
|
||||
const input = '`^~=| _-,;:!?/."()[]{}@$*\\&#%+á\t';
|
||||
const expected = '`^~=| _-,;:!?/."()[]{}@$*\\\\&#%+á\t';
|
||||
const expected = '`^~=| _-,;:!?/."()[]{}@$*\\\\&#%+á\t';
|
||||
assert.strictEqual(XSS.sanitizeHTML(input), expected);
|
||||
});
|
||||
});
|
||||
|
|
Loading…
Reference in a new issue