File size: 1,198 Bytes
bc20498 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 |
/**
* Make a value safe for injection as a URL.
*
* This encodes unsafe characters with percent-encoding and skips already
* encoded sequences (see `normalizeUri`).
* Further unsafe characters are encoded as character references (see
* `micromark-util-encode`).
*
* A regex of allowed protocols can be given, in which case the URL is
* sanitized.
* For example, `/^(https?|ircs?|mailto|xmpp)$/i` can be used for `a[href]`, or
* `/^https?$/i` for `img[src]` (this is what `github.com` allows).
* If the URL includes an unknown protocol (one not matched by `protocol`, such
* as a dangerous example, `javascript:`), the value is ignored.
*
* @param {string | undefined} url
* URI to sanitize.
* @param {RegExp | null | undefined} [protocol]
* Allowed protocols.
* @returns {string}
* Sanitized URI.
*/
export function sanitizeUri(
url: string | undefined,
protocol?: RegExp | null | undefined
): string
/**
* Normalize a URL.
*
* Encode unsafe characters with percent-encoding, skipping already encoded
* sequences.
*
* @param {string} value
* URI to normalize.
* @returns {string}
* Normalized URI.
*/
export function normalizeUri(value: string): string
|