testit-js-commons 3.4.5 → 3.4.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -7,8 +7,8 @@ const NO_ESCAPE_HTML_ENV_VAR = 'NO_ESCAPE_HTML';
|
|
|
7
7
|
// Regex pattern to detect HTML tags
|
|
8
8
|
const HTML_TAG_PATTERN = /<\S.*?(?:>|\/>)/;
|
|
9
9
|
// Regex patterns to escape only non-escaped characters
|
|
10
|
-
const LESS_THAN_PATTERN =
|
|
11
|
-
const GREATER_THAN_PATTERN =
|
|
10
|
+
const LESS_THAN_PATTERN = /</;
|
|
11
|
+
const GREATER_THAN_PATTERN = />/;
|
|
12
12
|
/**
|
|
13
13
|
* Escapes HTML tags to prevent XSS attacks.
|
|
14
14
|
* First checks if the string contains HTML tags using regex pattern.
|
|
@@ -25,8 +25,8 @@ function escapeHtmlTags(text) {
|
|
|
25
25
|
return text; // No HTML tags found, return original string
|
|
26
26
|
}
|
|
27
27
|
// Use regex with negative lookbehind to escape only non-escaped characters
|
|
28
|
-
let result = text.replace(LESS_THAN_PATTERN, '
|
|
29
|
-
result = result.replace(GREATER_THAN_PATTERN, '
|
|
28
|
+
let result = text.replace(LESS_THAN_PATTERN, '<');
|
|
29
|
+
result = result.replace(GREATER_THAN_PATTERN, '>');
|
|
30
30
|
return result;
|
|
31
31
|
}
|
|
32
32
|
/**
|