UNPKG

@atlaskit/editor-common

Version:

A package that contains common classes and components for editor and renderer

bitbucket.org/atlassian/atlassian-frontend-mirror

38 lines (35 loc) 1.73 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.normaliseSentryBreadcrumbs = exports.SERIALIZABLE_ATTRIBUTES = void 0; var SERIALIZABLE_ATTRIBUTES = exports.SERIALIZABLE_ATTRIBUTES = ['data-test-id', 'data-testid']; var WHITELISTED_ATTRIBNUTES = ['type', 'name'].concat(SERIALIZABLE_ATTRIBUTES); var REG_MATCH_NOTALLOWED_ATTRIBUTES = new RegExp("\\[(?!".concat(WHITELISTED_ATTRIBNUTES.join('|'), ").*?\\]"), 'gmu'); // attributes may contain UGC that we need to strip out // only allow type and name attributes var sanitiseUiBreadcrumbMessage = function sanitiseUiBreadcrumbMessage(message) { return message.replace(REG_MATCH_NOTALLOWED_ATTRIBUTES, ''); }; /** * Sanitizes messages within UI category breadcrumbs to ensure user-generated content is * appropriately cleaned before being logged by Sentry. This helps in maintaining * privacy and security by preventing sensitive data exposure. */ var normaliseSentryBreadcrumbs = exports.normaliseSentryBreadcrumbs = function normaliseSentryBreadcrumbs(breadcrumb) { var _ref = breadcrumb || {}, category = _ref.category; // allow "ui*"" category breadcrumbs, that include clicks and inputs on DOM elements // they may contain UGC that needs to be stripped out if (category !== null && category !== void 0 && category.startsWith('ui')) { // sentry can include the element attributes in the data // which may contain UGC that we need to strip out var sanitisedBreadCrumb = breadcrumb; var message = sanitisedBreadCrumb.message; if (message !== null && message !== undefined) { sanitisedBreadCrumb.message = sanitiseUiBreadcrumbMessage(message); } return breadcrumb; } return breadcrumb; };