mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-30 20:39:39 +02:00
14 lines
434 B
JavaScript
14 lines
434 B
JavaScript
// Cross-file sanitizer: delegates to the `xss` library, which is a
|
|||
// registered HTML_ESCAPE sanitiser in the JS label rules. The
|
|||
// wrapping function itself is user-defined, so resolution must go
|
|||
// through either the cross-file SSA summary (StripBits(HTML_ESCAPE))
|
|||
// or the cross-file inline path to clear the taint.
|
|||
|
|||
const xss = require('xss');
|
|||
|
|||
function xssSafe(s) {
|
|||
return xss(String(s));
|
|||
}
|
|||
|
|||
module.exports = { xssSafe };
|