Bug#1125073: ITP: node-braintree-sanitize-url -- URL sanitization to prevent script-scheme injection

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#1125073: ITP: node-braintree-sanitize-url -- URL sanitization to prevent script-scheme injection
From: Edward Betts <edward@4angle.com>
Date: Thu, 8 Jan 2026 22:41:01 +0000
Message-id: <[🔎] aWAyaBZ-9m5FuhgU@4angle.com>
Reply-to: Edward Betts <edward@4angle.com>, 1125073@bugs.debian.org

Package: wnpp
Severity: wishlist
Owner: Edward Betts <edward@4angle.com>
X-Debbugs-Cc: debian-devel@lists.debian.org

* Package name    : node-braintree-sanitize-url
  Version         : 7.1.1
  Upstream Author : Braintree
* URL             : https://github.com/braintree/sanitize-url
* License         : MIT
  Programming Lang: JavaScript
  Description     : URL sanitization to prevent script-scheme injection

  This library sanitizes URL strings so they can be handled safely in contexts
  such as link targets and redirects.
  .
  It inspects input for dangerous schemes such as "javascript:" and normalizes
  common obfuscation tricks, including mixed-case spellings, embedded control
  characters, and HTML character references. When a URL is considered unsafe, it
  returns a neutral value ("about:blank") rather than passing the original
  string through.

This library is a dependancy of Home Assistant, the Python smart home platform.

I plan to maintain it as part of the Home Assistant team.

Reply to:

Prev by Date: Bug#1125074: ITP: node-memoize-one -- Single-entry memoization for function calls
Next by Date: Bug#1125087: ITP: node-expect-type -- Compile-time type assertions for TypeScript
Previous by thread: Bug#1125074: ITP: node-memoize-one -- Single-entry memoization for function calls
Next by thread: Bug#1125087: ITP: node-expect-type -- Compile-time type assertions for TypeScript
Index(es):
- Date
- Thread