UNPKG

ember-legacy-class-transform

Version:

The default blueprint for ember-cli addons.

github.com/pzuraq/ember-legacy-class-transform

pzuraq/ember-legacy-class-transform

56 lines (52 loc) 6.6 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
'use strict'; Object.defineProperty(exports, "__esModule", { value: true }); exports.requiresSanitization = requiresSanitization; exports.sanitizeAttributeValue = sanitizeAttributeValue; var _content = require('../compiled/opcodes/content'); var _upsert = require('../upsert'); const badProtocols = ['javascript:', 'vbscript:']; const badTags = ['A', 'BODY', 'LINK', 'IMG', 'IFRAME', 'BASE', 'FORM']; const badTagsForDataURI = ['EMBED']; const badAttributes = ['href', 'src', 'background', 'action']; const badAttributesForDataURI = ['src']; function has(array, item) { return array.indexOf(item) !== -1; } function checkURI(tagName, attribute) { return (tagName === null || has(badTags, tagName)) && has(badAttributes, attribute); } function checkDataURI(tagName, attribute) { if (tagName === null) return false; return has(badTagsForDataURI, tagName) && has(badAttributesForDataURI, attribute); } function requiresSanitization(tagName, attribute) { return checkURI(tagName, attribute) || checkDataURI(tagName, attribute); } function sanitizeAttributeValue(env, element, attribute, value) { let tagName = null; if (value === null || value === undefined) { return value; } if ((0, _upsert.isSafeString)(value)) { return value.toHTML(); } if (!element) { tagName = null; } else { tagName = element.tagName.toUpperCase(); } let str = (0, _content.normalizeTextValue)(value); if (checkURI(tagName, attribute)) { let protocol = env.protocolForURL(str); if (has(badProtocols, protocol)) { return `unsafe:${str}`; } } if (checkDataURI(tagName, attribute)) { return `unsafe:${str}`; } return str; } //# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjozLCJzb3VyY2VzIjpbImxpYi9kb20vc2FuaXRpemVkLXZhbHVlcy5qcyJdLCJuYW1lcyI6WyJyZXF1aXJlc1Nhbml0aXphdGlvbiIsInNhbml0aXplQXR0cmlidXRlVmFsdWUiLCJiYWRQcm90b2NvbHMiLCJiYWRUYWdzIiwiYmFkVGFnc0ZvckRhdGFVUkkiLCJiYWRBdHRyaWJ1dGVzIiwiYmFkQXR0cmlidXRlc0ZvckRhdGFVUkkiLCJoYXMiLCJhcnJheSIsIml0ZW0iLCJpbmRleE9mIiwiY2hlY2tVUkkiLCJ0YWdOYW1lIiwiYXR0cmlidXRlIiwiY2hlY2tEYXRhVVJJIiwiZW52IiwiZWxlbWVudCIsInZhbHVlIiwidW5kZWZpbmVkIiwidG9IVE1MIiwidG9VcHBlckNhc2UiLCJzdHIiLCJwcm90b2NvbCIsInByb3RvY29sRm9yVVJMIl0sIm1hcHBpbmdzIjoiOzs7OztRQWlCZ0JBLG9CLEdBQUFBLG9CO1FBR0FDLHNCLEdBQUFBLHNCOztBQXBCaEI7O0FBQ0E7O0FBQ0EsTUFBTUMsZUFBZSxDQUFDLGFBQUQsRUFBZ0IsV0FBaEIsQ0FBckI7QUFDQSxNQUFNQyxVQUFVLENBQUMsR0FBRCxFQUFNLE1BQU4sRUFBYyxNQUFkLEVBQXNCLEtBQXRCLEVBQTZCLFFBQTdCLEVBQXVDLE1BQXZDLEVBQStDLE1BQS9DLENBQWhCO0FBQ0EsTUFBTUMsb0JBQW9CLENBQUMsT0FBRCxDQUExQjtBQUNBLE1BQU1DLGdCQUFnQixDQUFDLE1BQUQsRUFBUyxLQUFULEVBQWdCLFlBQWhCLEVBQThCLFFBQTlCLENBQXRCO0FBQ0EsTUFBTUMsMEJBQTBCLENBQUMsS0FBRCxDQUFoQztBQUNBLFNBQVNDLEdBQVQsQ0FBYUMsS0FBYixFQUFvQkMsSUFBcEIsRUFBMEI7QUFDdEIsV0FBT0QsTUFBTUUsT0FBTixDQUFjRCxJQUFkLE1BQXdCLENBQUMsQ0FBaEM7QUFDSDtBQUNELFNBQVNFLFFBQVQsQ0FBa0JDLE9BQWxCLEVBQTJCQyxTQUEzQixFQUFzQztBQUNsQyxXQUFPLENBQUNELFlBQVksSUFBWixJQUFvQkwsSUFBSUosT0FBSixFQUFhUyxPQUFiLENBQXJCLEtBQStDTCxJQUFJRixhQUFKLEVBQW1CUSxTQUFuQixDQUF0RDtBQUNIO0FBQ0QsU0FBU0MsWUFBVCxDQUFzQkYsT0FBdEIsRUFBK0JDLFNBQS9CLEVBQTBDO0FBQ3RDLFFBQUlELFlBQVksSUFBaEIsRUFBc0IsT0FBTyxLQUFQO0FBQ3RCLFdBQU9MLElBQUlILGlCQUFKLEVBQXVCUSxPQUF2QixLQUFtQ0wsSUFBSUQsdUJBQUosRUFBNkJPLFNBQTdCLENBQTFDO0FBQ0g7QUFDTSxTQUFTYixvQkFBVCxDQUE4QlksT0FBOUIsRUFBdUNDLFNBQXZDLEVBQWtEO0FBQ3JELFdBQU9GLFNBQVNDLE9BQVQsRUFBa0JDLFNBQWxCLEtBQWdDQyxhQUFhRixPQUFiLEVBQXNCQyxTQUF0QixDQUF2QztBQUNIO0FBQ00sU0FBU1osc0JBQVQsQ0FBZ0NjLEdBQWhDLEVBQXFDQyxPQUFyQyxFQUE4Q0gsU0FBOUMsRUFBeURJLEtBQXpELEVBQWdFO0FBQ25FLFFBQUlMLFVBQVUsSUFBZDtBQUNBLFFBQUlLLFVBQVUsSUFBVixJQUFrQkEsVUFBVUMsU0FBaEMsRUFBMkM7QUFDdkMsZUFBT0QsS0FBUDtBQUNIO0FBQ0QsUUFBSSwwQkFBYUEsS0FBYixDQUFKLEVBQXlCO0FBQ3JCLGVBQU9BLE1BQU1FLE1BQU4sRUFBUDtBQUNIO0FBQ0QsUUFBSSxDQUFDSCxPQUFMLEVBQWM7QUFDVkosa0JBQVUsSUFBVjtBQUNILEtBRkQsTUFFTztBQUNIQSxrQkFBVUksUUFBUUosT0FBUixDQUFnQlEsV0FBaEIsRUFBVjtBQUNIO0FBQ0QsUUFBSUMsTUFBTSxpQ0FBbUJKLEtBQW5CLENBQVY7QUFDQSxRQUFJTixTQUFTQyxPQUFULEVBQWtCQyxTQUFsQixDQUFKLEVBQWtDO0FBQzlCLFlBQUlTLFdBQVdQLElBQUlRLGNBQUosQ0FBbUJGLEdBQW5CLENBQWY7QUFDQSxZQUFJZCxJQUFJTCxZQUFKLEVBQWtCb0IsUUFBbEIsQ0FBSixFQUFpQztBQUM3QixtQkFBUSxVQUFTRCxHQUFJLEVBQXJCO0FBQ0g7QUFDSjtBQUNELFFBQUlQLGFBQWFGLE9BQWIsRUFBc0JDLFNBQXRCLENBQUosRUFBc0M7QUFDbEMsZUFBUSxVQUFTUSxHQUFJLEVBQXJCO0FBQ0g7QUFDRCxXQUFPQSxHQUFQO0FBQ0giLCJmaWxlIjoibGliL2RvbS9zYW5pdGl6ZWQtdmFsdWVzLmpzIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgbm9ybWFsaXplVGV4dFZhbHVlIH0gZnJvbSAnLi4vY29tcGlsZWQvb3Bjb2Rlcy9jb250ZW50JztcbmltcG9ydCB7IGlzU2FmZVN0cmluZyB9IGZyb20gJy4uL3Vwc2VydCc7XG5jb25zdCBiYWRQcm90b2NvbHMgPSBbJ2phdmFzY3JpcHQ6JywgJ3Zic2NyaXB0OiddO1xuY29uc3QgYmFkVGFncyA9IFsnQScsICdCT0RZJywgJ0xJTksnLCAnSU1HJywgJ0lGUkFNRScsICdCQVNFJywgJ0ZPUk0nXTtcbmNvbnN0IGJhZFRhZ3NGb3JEYXRhVVJJID0gWydFTUJFRCddO1xuY29uc3QgYmFkQXR0cmlidXRlcyA9IFsnaHJlZicsICdzcmMnLCAnYmFja2dyb3VuZCcsICdhY3Rpb24nXTtcbmNvbnN0IGJhZEF0dHJpYnV0ZXNGb3JEYXRhVVJJID0gWydzcmMnXTtcbmZ1bmN0aW9uIGhhcyhhcnJheSwgaXRlbSkge1xuICAgIHJldHVybiBhcnJheS5pbmRleE9mKGl0ZW0pICE9PSAtMTtcbn1cbmZ1bmN0aW9uIGNoZWNrVVJJKHRhZ05hbWUsIGF0dHJpYnV0ZSkge1xuICAgIHJldHVybiAodGFnTmFtZSA9PT0gbnVsbCB8fCBoYXMoYmFkVGFncywgdGFnTmFtZSkpICYmIGhhcyhiYWRBdHRyaWJ1dGVzLCBhdHRyaWJ1dGUpO1xufVxuZnVuY3Rpb24gY2hlY2tEYXRhVVJJKHRhZ05hbWUsIGF0dHJpYnV0ZSkge1xuICAgIGlmICh0YWdOYW1lID09PSBudWxsKSByZXR1cm4gZmFsc2U7XG4gICAgcmV0dXJuIGhhcyhiYWRUYWdzRm9yRGF0YVVSSSwgdGFnTmFtZSkgJiYgaGFzKGJhZEF0dHJpYnV0ZXNGb3JEYXRhVVJJLCBhdHRyaWJ1dGUpO1xufVxuZXhwb3J0IGZ1bmN0aW9uIHJlcXVpcmVzU2FuaXRpemF0aW9uKHRhZ05hbWUsIGF0dHJpYnV0ZSkge1xuICAgIHJldHVybiBjaGVja1VSSSh0YWdOYW1lLCBhdHRyaWJ1dGUpIHx8IGNoZWNrRGF0YVVSSSh0YWdOYW1lLCBhdHRyaWJ1dGUpO1xufVxuZXhwb3J0IGZ1bmN0aW9uIHNhbml0aXplQXR0cmlidXRlVmFsdWUoZW52LCBlbGVtZW50LCBhdHRyaWJ1dGUsIHZhbHVlKSB7XG4gICAgbGV0IHRhZ05hbWUgPSBudWxsO1xuICAgIGlmICh2YWx1ZSA9PT0gbnVsbCB8fCB2YWx1ZSA9PT0gdW5kZWZpbmVkKSB7XG4gICAgICAgIHJldHVybiB2YWx1ZTtcbiAgICB9XG4gICAgaWYgKGlzU2FmZVN0cmluZyh2YWx1ZSkpIHtcbiAgICAgICAgcmV0dXJuIHZhbHVlLnRvSFRNTCgpO1xuICAgIH1cbiAgICBpZiAoIWVsZW1lbnQpIHtcbiAgICAgICAgdGFnTmFtZSA9IG51bGw7XG4gICAgfSBlbHNlIHtcbiAgICAgICAgdGFnTmFtZSA9IGVsZW1lbnQudGFnTmFtZS50b1VwcGVyQ2FzZSgpO1xuICAgIH1cbiAgICBsZXQgc3RyID0gbm9ybWFsaXplVGV4dFZhbHVlKHZhbHVlKTtcbiAgICBpZiAoY2hlY2tVUkkodGFnTmFtZSwgYXR0cmlidXRlKSkge1xuICAgICAgICBsZXQgcHJvdG9jb2wgPSBlbnYucHJvdG9jb2xGb3JVUkwoc3RyKTtcbiAgICAgICAgaWYgKGhhcyhiYWRQcm90b2NvbHMsIHByb3RvY29sKSkge1xuICAgICAgICAgICAgcmV0dXJuIGB1bnNhZmU6JHtzdHJ9YDtcbiAgICAgICAgfVxuICAgIH1cbiAgICBpZiAoY2hlY2tEYXRhVVJJKHRhZ05hbWUsIGF0dHJpYnV0ZSkpIHtcbiAgICAgICAgcmV0dXJuIGB1bnNhZmU6JHtzdHJ9YDtcbiAgICB9XG4gICAgcmV0dXJuIHN0cjtcbn0iXX0=