51 lines
1.8 KiB
JavaScript
51 lines
1.8 KiB
JavaScript
/*
|
|
* NoScript - a Firefox extension for whitelist driven safe JavaScript execution
|
|
*
|
|
* Copyright (C) 2005-2021 Giorgio Maone <https://maone.net>
|
|
*
|
|
* SPDX-License-Identifier: GPL-3.0-or-later
|
|
*
|
|
* This program is free software: you can redistribute it and/or modify it under
|
|
* the terms of the GNU General Public License as published by the Free Software
|
|
* Foundation, either version 3 of the License, or (at your option) any later
|
|
* version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful, but WITHOUT
|
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
|
|
* FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License along with
|
|
* this program. If not, see <https://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
var Entities = {
|
|
get htmlNode() {
|
|
delete this.htmlNode;
|
|
return this.htmlNode = document.implementation.createHTMLDocument("")
|
|
.createElement("body");
|
|
},
|
|
convert: function(e) {
|
|
try {
|
|
this.htmlNode.innerHTML = e;
|
|
var child = this.htmlNode.firstChild || null;
|
|
return child && child.nodeValue || e;
|
|
} catch(ex) {
|
|
return e;
|
|
}
|
|
},
|
|
convertAll: function(s) {
|
|
return s.replace(/[\\&][^<>]+/g, function(e) { return Entities.convert(e) });
|
|
},
|
|
convertDeep: function(s) {
|
|
for (var prev = null; (s = this.convertAll(s)) !== prev || (s = unescape(s)) !== prev; prev = s);
|
|
return s;
|
|
},
|
|
neutralize: function(e, whitelist) {
|
|
var c = this.convert(e);
|
|
return (c == e) ? c : (whitelist && whitelist.test(c) ? e : e.replace(";", ","));
|
|
},
|
|
neutralizeAll: function(s, whitelist) {
|
|
return s.replace(/&[\w#-]*?;/g, function(e) { return Entities.neutralize(e, whitelist || null); });
|
|
}
|
|
};
|