MCPcopy Index your code
hub / github.com/ionic-team/ionic-framework / sanitizeElement

Function sanitizeElement

core/src/utils/sanitization/index.ts:97–154  ·  view source on GitHub ↗
(element: any)

Source from the content-addressed store, hash-verified

95 */
96// TODO(FW-2832): type (using Element triggers other type errors as well)
97const sanitizeElement = (element: any) => {
98 // IE uses childNodes, so ignore nodes that are not elements
99 if (element.nodeType && element.nodeType !== 1) {
100 return;
101 }
102
103 /**
104 * If attributes is not a NamedNodeMap
105 * then we should remove the element entirely.
106 * This helps avoid DOM Clobbering attacks where
107 * attributes is overridden.
108 */
109 if (typeof NamedNodeMap !== 'undefined' && !(element.attributes instanceof NamedNodeMap)) {
110 element.remove();
111 return;
112 }
113
114 for (let i = element.attributes.length - 1; i >= 0; i--) {
115 const attribute = element.attributes.item(i);
116 const attributeName = attribute.name;
117
118 // remove non-allowed attribs
119 if (!allowedAttributes.includes(attributeName.toLowerCase())) {
120 element.removeAttribute(attributeName);
121 continue;
122 }
123
124 // clean up any allowed attribs
125 // that attempt to do any JS funny-business
126 const attributeValue = attribute.value;
127
128 /**
129 * We also need to check the property value
130 * as javascript: can allow special characters
131 * such as 	 and still be valid (i.e. java	script)
132 */
133 const propertyValue = element[attributeName];
134
135 /* eslint-disable */
136 if (
137 (attributeValue != null && attributeValue.toLowerCase().includes('javascript:')) ||
138 (propertyValue != null && propertyValue.toLowerCase().includes('javascript:'))
139 ) {
140 element.removeAttribute(attributeName);
141 }
142 /* eslint-enable */
143 }
144
145 /**
146 * Sanitize any nested children
147 */
148 const childElements = getElementChildren(element);
149
150 /* eslint-disable-next-line */
151 for (let i = 0; i < childElements.length; i++) {
152 sanitizeElement(childElements[i]);
153 }
154};

Callers 1

sanitizeDOMStringFunction · 0.85

Calls 1

getElementChildrenFunction · 0.85

Tested by

no test coverage detected