omniscript-cli
OmniScript Format (OSF) CLI tools - Command-line interface for parsing, validating, and converting OSF documents
;
// File: omniscript-core/cli/src/utils/sanitize.ts
// What: Input sanitization utilities for rendering
// Why: Defense-in-depth for XSS prevention
// Related: renderers/html.ts
// CommonJS interop marker: flags this module as transpiled from ES module
// syntax (presumably emitted by the TypeScript build of sanitize.ts).
Object.defineProperty(exports, "__esModule", { value: true });
// Public API of this module. The function declarations below are hoisted,
// so both names are already bound when these assignments run.
// NOTE(review): keep the plain `exports.name = name` form; tooling that
// statically detects CommonJS named exports may rely on it. Confirm before restyling.
exports.sanitizeAlignment = sanitizeAlignment;
exports.sanitizeCssClass = sanitizeCssClass;
/**
 * Reduce an alignment value to one of the fixed keywords used in inline CSS.
 *
 * This is an allowlist, not a filter: only the exact strings 'center' and
 * 'right' pass through unchanged. Everything else (other strings, different
 * casing, non-string values, undefined) collapses to 'left', so no
 * caller-supplied text other than those two keywords is ever returned.
 * Defense-in-depth: applied even though the parser is expected to have
 * validated the value already.
 *
 * @param {*} align - Alignment value taken from the parsed document.
 * @returns {'left'|'center'|'right'} A keyword that is safe to emit as-is.
 */
function sanitizeAlignment(align) {
  // `switch` compares with strict equality, so no type coercion can let a
  // look-alike value through.
  switch (align) {
    case 'center':
    case 'right':
      return align;
    default:
      return 'left'; // safe default
  }
}
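/**
 * Sanitize a CSS class name so it cannot break out of the attribute it is
 * written into.
 *
 * Every character outside [a-zA-Z0-9_-] is removed. That strips quotes,
 * angle brackets, whitespace and all non-ASCII characters, so the result is
 * always a single token: an input such as "foo bar" becomes "foobar" rather
 * than two classes.
 *
 * Non-string input returns '' instead of being passed to `.replace()`. The
 * previous version threw a TypeError on truthy non-strings, and would have
 * returned whatever a foreign object's own `replace` method produced,
 * bypassing the filter. Failing closed to an empty class name matches the
 * existing handling of empty and missing values.
 *
 * NOTE(review): the result may be empty or begin with a digit or hyphen.
 * This function only removes characters; confirm separately if the value is
 * ever used as a CSS selector rather than as a class attribute value.
 *
 * @param {*} className - Candidate class name from the parsed document.
 * @returns {string} The class name restricted to [a-zA-Z0-9_-], or ''.
 */
function sanitizeCssClass(className) {
  // Only a primitive string is guaranteed to use String.prototype.replace.
  if (typeof className !== 'string' || className === '') {
    return '';
  }
  // Only allow alphanumeric, dash, underscore
  return className.replace(/[^a-zA-Z0-9_-]/g, '');
}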
//# sourceMappingURL=sanitize.js.map