XssWhiteList.ts
1.0 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
//xss攻击白名单列表
export const options = {
whiteList: {
h1: ['style'],
h2: ['style'],
h3: ['style'],
h4: ['style'],
h5: ['style'],
h6: ['style'],
hr: ['style'],
span: ['style'],
strong: ['style'],
b: ['style'],
i: ['style'],
br: [],
p: ['style'],
pre: ['style'],
code: ['style'],
a: ['style', 'target', 'href', 'title', 'rel'],
img: ['style', 'src', 'title', 'width', 'height'],
div: ['style'],
table: ['style', 'width', 'border', 'height'],
tr: ['style'],
td: ['style', 'width', 'colspan'],
th: ['style', 'width', 'colspan'],
tbody: ['style'],
ul: ['style'],
li: ['style'],
ol: ['style'],
dl: ['style'],
dt: ['style'],
em: ['style'],
cite: ['style'],
section: ['style'],
header: ['style'],
footer: ['style'],
blockquote: ['style'],
audio: ['autoplay', 'controls', 'loop', 'preload', 'src'],
video: ['autoplay', 'controls', 'loop', 'preload', 'src', 'height', 'width'],
},
};