Merge pull request #7 from yahoo/no-browserify-for-min-js

No browserify for min js
YahooArchive · Feb 25, 2015 · 908180a · 908180a
2 parents 7719da6 + 4f7c01b
commit 908180a
Show file tree

Hide file tree

Showing 10 changed files with 369 additions and 1,398 deletions.
diff --git a/Gruntfile.js b/Gruntfile.js
@@ -12,7 +12,9 @@ module.exports = function(grunt) {
       options: {
         scripturl: true,
         camelcase: true,
-        unused: true
+        unused: true,
+        curly: true,
+        node: true
       }
     },
     jsdoc : {
@@ -41,18 +43,28 @@ module.exports = function(grunt) {
         banner: '/**\n'
               + ' * <%= pkg.name %> - v<%= pkg.version %>\n'
               + ' * Yahoo! Inc. Copyrights licensed under the New BSD License. See the accompanying LICENSE file for terms.\n'
-              + ' */\n'
+              + ' */\n',
+        compress: {
+          join_vars: true
+        }
       },
-      build: {
+      buildBrowserified: {
         src: 'dist/<%= pkg.name %>.js',
+        dest: 'dist/<%= pkg.name %>.js'
+      },
+      buildMin: {
+        options: {
+          wrap: 'xssFilters'
+        },
+        src: 'src/<%= pkg.name %>.js',
         dest: 'dist/<%= pkg.name %>.min.js'
-      }
-    },
-    copy: {
-      buildFile: {
-        files: [
-          { dest: 'dist/<%= pkg.name %>.<%= pkg.version %>.min.js', src: 'dist/<%= pkg.name %>.min.js'}
-        ]
+      },
+      buildMinWithVersion: {
+        options: {
+          wrap: 'xssFilters'
+        },
+        src: 'src/<%= pkg.name %>.js',
+        dest: 'dist/<%= pkg.name %>.<%= pkg.version %>.min.js'
       }
     },
     mocha_istanbul: {
@@ -69,7 +81,7 @@ module.exports = function(grunt) {
       }
     },
     clean: {
-      all: ['dist', 'artifacts', 'node_modules']
+      all: ['artifacts', 'node_modules', 'bower_components']
     }
   });
 
@@ -78,11 +90,10 @@ module.exports = function(grunt) {
   grunt.loadNpmTasks('grunt-contrib-uglify');
   grunt.loadNpmTasks('grunt-contrib-jshint');
   grunt.loadNpmTasks('grunt-contrib-clean');
-  grunt.loadNpmTasks('grunt-contrib-copy');
   grunt.loadNpmTasks('grunt-jsdoc');
 
   grunt.registerTask('test', ['jshint', 'mocha_istanbul']);
-  grunt.registerTask('dist', ['browserify', 'uglify', 'copy:buildFile'])
+  grunt.registerTask('dist', ['browserify', 'uglify'])
   grunt.registerTask('docs', ['jsdoc']);
   grunt.registerTask('default', ['test', 'dist']);
 

diff --git a/README.md b/README.md
@@ -6,10 +6,7 @@ Secure XSS Filters
 
 - **More Secure.** Context-dependent output filters that are developer-friendly. It is safe to apply these filters like so: 
 
-  ```javascript
-el.innerHTML = "<a href=" + xssFilters.uriInUnquotedAttr(url) + ">" 
-                 + xssFilters.uriInHTMLData(url) + "</a>";
-```
+  `document.write("<a href=" + xssFilters.uriInUnquotedAttr(url) + ">" + xssFilters.uriInHTMLData(url) + "</a>");`
 
   In this example, the traditional wisdom of blindly escaping the five well-known characters (`&` `<` `>` `'` `"`) would not stop XSS (e.g., when `url` is equal to `javascript:alert(1)` or ` onclick=alert(1)`).
 

diff --git a/bower.json b/bower.json
@@ -1,6 +1,6 @@
 {
   "name": "xss-filters",
-  "version": "1.0.2",
+  "version": "1.0.3",
   "homepage": "https://github.com/yahoo/xss-filters",
   "authors": [
     "Nera Liu <[email protected]>",

diff --git a/dist/xss-filters.1.0.3.min.js b/dist/xss-filters.1.0.3.min.js