src/xssprotection.js
/**
* @module xssprotection
*/
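/**
 * Escapes the characters that are significant in HTML so that text from user
 * input is rendered as text instead of being parsed as markup.
 *
 * The six characters & < > " ' and the forward slash are replaced by their
 * entity forms, following the OWASP output-encoding guidance referenced below.
 *
 * NOTE(review): this listing showed every replacement string already decoded
 * (e.g. '&' replaced by '&', and an unterminated ''' literal), which made the
 * function a no-op and a syntax error. The entity strings are restored here.
 *
 * Security scope: this encoding is suitable for HTML element content and for
 * quoted attribute values only. It does not make a value safe inside a script
 * block, an event-handler attribute, a URL, CSS, or an unquoted attribute;
 * those contexts need their own encoding.
 *
 * @param {string} text - untrusted text; falsy values ('' / null / undefined)
 *   are returned unchanged
 * @returns {string} the text with the six characters entity-encoded
 */
export function filterText (text) {
  if (text) {
    // escaping following guidelines from owasp.org
    return text
      // '&' must go first, otherwise the ampersands introduced by the
      // replacements below would themselves be escaped a second time
      .replace(/&/g, '&amp;')
      .replace(/</g, '&lt;')
      .replace(/>/g, '&gt;')
      .replace(/"/g, '&quot;')
      .replace(/'/g, '&#x27;')
      .replace(/\//g, '&#x2F;')
  } else {
    return text
  }
}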
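/**
 * Restores text by decoding the entities &amp;amp; &amp;lt; &amp;gt; &amp;quot;
 * &amp;#x27; and &amp;#x2F; back to their literal characters. Intended as the
 * inverse of filterText; only these exact entity spellings are decoded.
 *
 * NOTE(review): this listing showed the patterns already decoded (e.g.
 * /&/ replaced by '&', and an invalid ///g literal), which made the function a
 * no-op and a syntax error. The entity patterns are restored here.
 *
 * The ampersand entity is decoded last. Decoding it first would turn an
 * escaped literal such as "&amp;amp;lt;" into "&amp;lt;" and then into "<",
 * i.e. decode twice and produce markup the original text never contained.
 *
 * Security note: the return value is raw, unescaped text again. It must be
 * treated as untrusted and re-encoded before it is written into an HTML
 * document.
 *
 * @param {string} text - entity-encoded text; falsy values ('' / null /
 *   undefined) are returned unchanged
 * @returns {string} the decoded text
 */
export function restoreText (text) {
  if (text) {
    return text
      .replace(/&lt;/g, '<')
      .replace(/&gt;/g, '>')
      .replace(/&quot;/g, '"')
      .replace(/&#x27;/g, "'")
      .replace(/&#x2F;/g, '/')
      // decoded last so that exactly one level of encoding is removed
      .replace(/&amp;/g, '&')
  } else {
    return text
  }
}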