diff --git a/examples/example.ipynb b/examples/example.ipynb
index 1c9c88a..7b95053 100644
--- a/examples/example.ipynb
+++ b/examples/example.ipynb
@@ -2,15 +2,15 @@
 "cells": [
 {
 "cell_type": "code",
- "execution_count": 2,
- "id": "5f41eab9-0fc3-43eb-add1-18f9ad56dc14",
+ "execution_count": 1,
+ "id": "ca6cd635-e99a-499d-bca9-53e60c87fe4c",
 "metadata": {},
 "outputs": [
 {
 "name": "stdout",
 "output_type": "stream",
 "text": [
- "&ltscript&gtalert(";Bad.";);&lt/script&gt\n"
+ "<script>alert("Bad.");</script>\n"
 ]
 }
 ],
diff --git a/pyproject.toml b/pyproject.toml
index 2cf9102..a07e292 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 [project]
 name = "xss-shield"
-version = "0.0.3"
+version = "0.1.1"
 authors = [
 { name="Gordon Zhang", email="jp20171211@163.com" },
 ]
diff --git a/src/xss_shield/__init__.py b/src/xss_shield/__init__.py
index 1a07aa4..f4f614e 100644
--- a/src/xss_shield/__init__.py
+++ b/src/xss_shield/__init__.py
@@ -1,11 +1,10 @@
 def escape(s: str) -> str:
- s = s.replace('<', '<')\
+ s = s.replace(';', ';')\
+ .replace('<', '<')\
 .replace('>', '>')\
- .replace('&', '&')\
 .replace(' ', '-')\
 .replace("'", "'")\
 .replace('"', """)\
- .replace(';', ';')\
 .replace('/', '/')\
 return s
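Review bot: Removing `.replace('&', …)` from the chain in `escape` means an ampersand in the input is no longer escaped, so a character reference supplied by a user reaches the page intact and is decoded by the browser instead of being shown literally. Moving the `;` replacement to the front stops the function re-escaping its own output, but a chain of `str.replace` calls cannot escape both `&` and `;`, because each replacement's output contains the other character. A single pass has no ordering problem: build one table with `_TABLE = str.maketrans({'&': '&amp;', ';': '&semi;', '<': '&lt;', …})` and use `return s.translate(_TABLE)`, taking the remaining entries from the existing chain. The replacement strings in this hunk appear entity-decoded in this view, so the exact values should be copied from the file itself. A regression test asserting that `escape('&')` does not return `'&'` unchanged would pin the behaviour.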