UNPKG

@trap_stevo/legendarybuilderproreact-ui

Version:

The legendary UI & utility API that makes your application a legendary application. ~ Created by Steven Compton

106 lines 5.74 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
import _toConsumableArray from "@babel/runtime/helpers/toConsumableArray"; import _defineProperty from "@babel/runtime/helpers/defineProperty"; function ownKeys(e, r) { var t = Object.keys(e); if (Object.getOwnPropertySymbols) { var o = Object.getOwnPropertySymbols(e); r && (o = o.filter(function (r) { return Object.getOwnPropertyDescriptor(e, r).enumerable; })), t.push.apply(t, o); } return t; } function _objectSpread(e) { for (var r = 1; r < arguments.length; r++) { var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? ownKeys(Object(t), !0).forEach(function (r) { _defineProperty(e, r, t[r]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys(Object(t)).forEach(function (r) { Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r)); }); } return e; } import DOMPurify from "dompurify"; var normalizeToken = function normalizeToken() { var s = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : ""; return s.trim().toLowerCase().replace(/[^a-z0-9\-_.:]+/g, "-").slice(0, 120); }; export var containsHTML = function containsHTML(input) { return /<\/?[a-z][\s\S]*>/i.test(input); }; export var sanitizeHTML = function sanitizeHTML(html) { var options = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {}; var baseOptions = { ADD_TAGS: ["img", "video", "audio", "source", "track", "iframe", "button"], ADD_ATTR: ["id", "class", "title", "style", "href", "target", "rel", "src", "srcset", "sizes", "alt", "loading", "referrerpolicy", "controls", "autoplay", "loop", "muted", "playsinline", "preload", "poster", "width", "height", "type", "kind", "label", "default", "allow", "allowfullscreen", "frameborder", "sandbox", "data-doc-action-id", "data-doc-action-event", "data-prevent-default", "data-stop-propagation", "role", "tabindex", "cite"], FORBID_TAGS: ["style"], WHOLE_DOCUMENT: false, SANITIZE_DOM: true, ALLOW_ARIA_ATTR: true, ALLOW_DATA_ATTR: true, KEEP_CONTENT: true, ALLOWED_URI_REGEXP: /^(?:(?:https?|mailto|tel|blob):|about:blank|data:image\/|data:audio\/|data:video\/)/i, ADD_POLICY_FACTORY: function ADD_POLICY_FACTORY() { return { transform: { element: function element(nodeName, node) { if (nodeName === "body" || nodeName === "html") { return null; } if (nodeName === "iframe") { var safeSandbox = "allow-scripts allow-same-origin allow-popups allow-forms"; var usesSandbox = node.getAttribute && node.getAttribute("sandbox"); if (!usesSandbox && node.setAttribute) { node.setAttribute("sandbox", safeSandbox); } } return { nodeName: nodeName, node: node }; }, attribute: function attribute(attrName, attrValue, node) { var name = String(attrName || "").toLowerCase(); if (name.startsWith("on")) { var eventType = name.slice(2).toLowerCase(); var token = normalizeToken(String(attrValue || "").replace(/\(.*\)$/, "")); if (token && node !== null && node !== void 0 && node.setAttribute) { if (!node.getAttribute("data-doc-action-id")) { node.setAttribute("data-doc-action-id", "inline-".concat(token)); } if (!node.getAttribute("data-doc-action-event")) { node.setAttribute("data-doc-action-event", eventType || "click"); } if (eventType === "click" && node.nodeName !== "A" && node.nodeName !== "BUTTON") { if (!node.getAttribute("tabindex")) { node.setAttribute("tabindex", "0"); } if (!node.getAttribute("role")) { node.setAttribute("role", "button"); } } } return null; } if (name === "target" && attrValue === "_blank") { if (node && node.setAttribute) { node.setAttribute("rel", "noopener noreferrer"); } } if (name === "style") { var forbiddenStyles = ["position: fixed", "position: absolute", "position: sticky", "behavior:", "expression(", "url(javascript:"]; var styleRules = attrValue.split(";").map(function (r) { return r.trim(); }).filter(function (rule) { return !forbiddenStyles.some(function (forbiddenStyle) { return rule.toLowerCase().includes(forbiddenStyle); }); }).join("; "); return { attrValue: styleRules, attrName: attrName }; } if (name === "src" && node && node.nodeName.toLowerCase() === "iframe") { var ok = /^(https?:\/\/|blob:|about:blank)/i.test(String(attrValue || "")); if (!ok) { return null; } } return { attrValue: attrValue, attrName: attrName }; } } }; } }; var mergedOptions = _objectSpread(_objectSpread(_objectSpread({}, baseOptions), options), {}, { ADD_TAGS: Array.from(new Set([].concat(_toConsumableArray(baseOptions.ADD_TAGS || []), _toConsumableArray(options.ADD_TAGS || [])))), ADD_ATTR: Array.from(new Set([].concat(_toConsumableArray(baseOptions.ADD_ATTR || []), _toConsumableArray(options.ADD_ATTR || [])))) }); return DOMPurify.sanitize(html, mergedOptions); };