In this example, the traditional wisdom of blindly escaping some special HTML entity characters (& < > ' " `) would not stop XSS (e.g., when url is equal to javascript:alert(1) or onclick=alert(1)).
Figure 1. "Just sufficient" encoding based on the HTML5 spec.
xss output-filter sanitize sanitise escape encode filter context-aware context-sensitive security yahoo

string.js, or simply S, is a lightweight (< 5 kb minified and gzipped) JavaScript library for the browser or for Node.js that provides extra String methods. Originally, it modified the String prototype. But I quickly learned that in JavaScript, this is considered poor practice. Personally, I prefer the cleanliness of the way code looks when it appears to be native methods, i.e., when you modify native JavaScript prototypes. However, if any app dependency required string.js, then the app's String prototype would be modified in every module. This could be troublesome. So I settled on creating a wrapper a la jQuery style. For those of you prototype hatin' fools, there is the method extendPrototype().
string strings string.js stringjs s csv html entities parse tags strip trim encode decode escape unescape

Termbox is a library that provides a minimalistic API which allows the programmer to write text-based user interfaces. It is based on a very simple abstraction. The main idea is viewing terminals as a table of fixed-size cells and input as a stream of structured messages. It would be fair to say that the model is inspired by the Windows console API. The abstraction itself is not perfect and it may create problems in certain areas. The most sensitive ones are copy & pasting and wide characters (mostly Chinese, Japanese, Korean (CJK) characters). When it comes to copy & pasting, the notion of cells is not really compatible with the idea of text. And CJK runes often require more than one cell to display them nicely. Despite the mentioned flaws, using such a simple model brings benefits in the form of simplicity. And the KISS principle is important.
termbox terminal term tty ansi escape colors console

Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a whitelist.
sanitization xss sanitize sanitisation input security escape encode filter validator html injection whitelist

VMware Escape Exploit before VMware WorkStation 12.5.5
vmware escape
The Voca library offers helpful functions to make string manipulation comfortable: change case, trim, pad, slugify, latinise, sprintf'y, truncate, escape and much more. The modular design allows loading the entire library, or individual functions to minimize application builds. The library is fully tested, well documented and long-term supported. Voca can be used in various environments.
javascript-library string slugify sprintf truncate pad case trim latinise escape word wrap strip

Use ANSI terminal characters to write colors and cursor positions. Charm objects pass along the data events from their input stream except for events generated from querying the terminal device.
terminal ansi cursor color console control escape sequence

For any input, jsesc generates the shortest possible valid printable-ASCII-only output. Here's an online demo. jsesc's output can be used instead of JSON.stringify's to avoid mojibake and other encoding issues, or even to avoid errors when passing JSON-formatted data (which may contain U+2028 LINE SEPARATOR, U+2029 PARAGRAPH SEPARATOR, or lone surrogates) to a JavaScript parser or a UTF-8 encoder.
code-generation ecmascript stringify json ascii-safe unicode escape-sequences escape buffer map set string tool

Tagged template literal that escapes interpolated values. Tagged template literal that unescapes interpolated values.
goats goat caprine escape html nodejs unescape entity entities escaping sanitize sanitization utility template attribute value interpolate xss 🐐

Works in any terminal that supports colors. In iTerm, the image will be displayed in full resolution, since iTerm has special image support.
terminal-image image cli-utility nodejs npm-package terminal term iterm shell console command-line img pic picture photo ansi escape jpg jpeg display show pixels

Check out the latest slide deck, presented at OWASP AppSec USA 2015. Imagine a template is written like so: <a href="{{url}}">{{url}}</a>. When it is compiled with untrusted user data like {"url": "javascript:alert(666)"}, secure-handlebars automatically applies contextual escaping and generates the HTML <a href="x-javascript:alert(666)">javascript:alert(666)</a> as a result.
xss security escape encode filter context html5 handlebars parser precompiler

Terminal CSS styling using node-css. term-css substitutes tokens with properties in the object passed; for example, {name} will access { name: "tobi" }, whereas {labels.visits} will access { labels: { visits: 'Visits' } }.
css stylesheet term console ansi escape

Some Unicode characters are fullwidth and use double the normal width. ANSI escape codes are stripped and do not affect the width. Useful to be able to know the maximum width a string will take up in the terminal.
string str character char unicode width visual column columns fullwidth full-width full ansi escape codes cli command-line terminal console cjk chinese japanese korean fixed-width

Get the real length of a string, by correctly counting astral symbols and ignoring ANSI escape codes.
unicode string length size count astral symbol surrogates codepoints ansi escape codes

Some Unicode characters are fullwidth and use double the normal width. ANSI escape codes are stripped and do not affect the width. Useful to be able to measure the actual width of command-line output.
string str character char unicode width visual column columns fullwidth full-width full ansi escape codes cli command-line terminal console cjk chinese japanese korean fixed-width

Caution: these methods of escaping values only work when the NO_BACKSLASH_ESCAPES SQL mode is disabled (which is the default state for MySQL servers). This looks similar to prepared statements in MySQL; however, it really just uses the same SqlString.escape() method internally.
nodejs mysql sqlstring sql escape sql-escape

Wrap words to the specified column width. String with ANSI escape codes, like one styled by chalk.
wrap break wordwrap wordbreak linewrap ansi styles color colour colors terminal console cli string tty escape formatting rgb 256 shell xterm log logging command-line text