@library-pals/isbn 1.3.0 → 1.3.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/providers/librofm.js +26 -2
package/package.json
CHANGED
package/src/providers/librofm.js
CHANGED
|
@@ -102,8 +102,8 @@ export function formatDescription(description) {
|
|
|
102
102
|
description = description.replaceAll("<b>—</b>", "—");
|
|
103
103
|
// Remove bold tags and contents
|
|
104
104
|
description = description.replaceAll(/<b>.*?<\/b>/g, "");
|
|
105
|
-
//
|
|
106
|
-
description = description
|
|
105
|
+
// Strip HTML tags
|
|
106
|
+
description = stripHtmlTags(description);
|
|
107
107
|
// Trim
|
|
108
108
|
description = description.trim();
|
|
109
109
|
// Remove extra spaces
|
|
@@ -132,3 +132,27 @@ function extractGenres(text) {
|
|
|
132
132
|
|
|
133
133
|
return genres;
|
|
134
134
|
}
|
|
135
|
+
|
|
136
|
+
/**
|
|
137
|
+
* Encodes HTML special characters to prevent XSS attacks.
|
|
138
|
+
* @param {string} string - The string to encode.
|
|
139
|
+
* @returns {string} - The encoded string.
|
|
140
|
+
*/
|
|
141
|
+
function encodeHTML(string) {
|
|
142
|
+
return string
|
|
143
|
+
.replaceAll("&", "&")
|
|
144
|
+
.replaceAll("<", "<")
|
|
145
|
+
.replaceAll(">", ">")
|
|
146
|
+
.replaceAll('" ', "” ")
|
|
147
|
+
.replaceAll(' "', "“ ")
|
|
148
|
+
.replaceAll("'", "'");
|
|
149
|
+
}
|
|
150
|
+
|
|
151
|
+
/**
|
|
152
|
+
* Removes HTML tags from a string and encodes it to prevent XSS attacks.
|
|
153
|
+
* @param {string} string - The string from which to remove HTML tags.
|
|
154
|
+
* @returns {string} - The sanitized string without HTML tags.
|
|
155
|
+
*/
|
|
156
|
+
function stripHtmlTags(string) {
|
|
157
|
+
return encodeHTML(string.replaceAll(/<\/?[^>]+(>|$)/g, ""));
|
|
158
|
+
}
|