UNPKG

ember-legacy-class-transform

Version:

The default blueprint for ember-cli addons.

github.com/pzuraq/ember-legacy-class-transform

pzuraq/ember-legacy-class-transform

56 lines (52 loc) 6.49 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
'use strict'; Object.defineProperty(exports, "__esModule", { value: true }); exports.requiresSanitization = requiresSanitization; exports.sanitizeAttributeValue = sanitizeAttributeValue; var _content = require('../compiled/opcodes/content'); var _upsert = require('../upsert'); var badProtocols = ['javascript:', 'vbscript:']; var badTags = ['A', 'BODY', 'LINK', 'IMG', 'IFRAME', 'BASE', 'FORM']; var badTagsForDataURI = ['EMBED']; var badAttributes = ['href', 'src', 'background', 'action']; var badAttributesForDataURI = ['src']; function has(array, item) { return array.indexOf(item) !== -1; } function checkURI(tagName, attribute) { return (tagName === null || has(badTags, tagName)) && has(badAttributes, attribute); } function checkDataURI(tagName, attribute) { if (tagName === null) return false; return has(badTagsForDataURI, tagName) && has(badAttributesForDataURI, attribute); } function requiresSanitization(tagName, attribute) { return checkURI(tagName, attribute) || checkDataURI(tagName, attribute); } function sanitizeAttributeValue(env, element, attribute, value) { var tagName = null; if (value === null || value === undefined) { return value; } if ((0, _upsert.isSafeString)(value)) { return value.toHTML(); } if (!element) { tagName = null; } else { tagName = element.tagName.toUpperCase(); } var str = (0, _content.normalizeTextValue)(value); if (checkURI(tagName, attribute)) { var protocol = env.protocolForURL(str); if (has(badProtocols, protocol)) { return 'unsafe:' + str; } } if (checkDataURI(tagName, attribute)) { return 'unsafe:' + str; } return str; } //# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjozLCJzb3VyY2VzIjpbImxpYi9kb20vc2FuaXRpemVkLXZhbHVlcy5qcyJdLCJuYW1lcyI6WyJub3JtYWxpemVUZXh0VmFsdWUiLCJpc1NhZmVTdHJpbmciLCJiYWRQcm90b2NvbHMiLCJiYWRUYWdzIiwiYmFkVGFnc0ZvckRhdGFVUkkiLCJiYWRBdHRyaWJ1dGVzIiwiYmFkQXR0cmlidXRlc0ZvckRhdGFVUkkiLCJoYXMiLCJhcnJheSIsIml0ZW0iLCJpbmRleE9mIiwiY2hlY2tVUkkiLCJ0YWdOYW1lIiwiYXR0cmlidXRlIiwiY2hlY2tEYXRhVVJJIiwicmVxdWlyZXNTYW5pdGl6YXRpb24iLCJzYW5pdGl6ZUF0dHJpYnV0ZVZhbHVlIiwiZW52IiwiZWxlbWVudCIsInZhbHVlIiwidW5kZWZpbmVkIiwidG9IVE1MIiwidG9VcHBlckNhc2UiLCJzdHIiLCJwcm90b2NvbCIsInByb3RvY29sRm9yVVJMIl0sIm1hcHBpbmdzIjoiOzs7OztRQWlCTyxBQUFTO1FBR1QsQUFBUzs7QUFwQmhCLEFBQVMsQUFBMEI7O0FBQ25DLEFBQVMsQUFBb0I7O0FBQzdCLElBQU0sZUFBZSxDQUFBLEFBQUMsZUFBdEIsQUFBcUIsQUFBZ0I7QUFDckMsSUFBTSxVQUFVLENBQUEsQUFBQyxLQUFELEFBQU0sUUFBTixBQUFjLFFBQWQsQUFBc0IsT0FBdEIsQUFBNkIsVUFBN0IsQUFBdUMsUUFBdkQsQUFBZ0IsQUFBK0M7QUFDL0QsSUFBTSxvQkFBb0IsQ0FBMUIsQUFBMEIsQUFBQztBQUMzQixJQUFNLGdCQUFnQixDQUFBLEFBQUMsUUFBRCxBQUFTLE9BQVQsQUFBZ0IsY0FBdEMsQUFBc0IsQUFBOEI7QUFDcEQsSUFBTSwwQkFBMEIsQ0FBaEMsQUFBZ0MsQUFBQztBQUNqQyxTQUFBLEFBQVMsSUFBVCxBQUFhLE9BQWIsQUFBb0IsTUFBTSxBQUN0QjtXQUFPLE1BQUEsQUFBTSxRQUFOLEFBQWMsVUFBVSxDQUEvQixBQUFnQyxBQUNuQzs7QUFDRCxTQUFBLEFBQVMsU0FBVCxBQUFrQixTQUFsQixBQUEyQixXQUFXLEFBQ2xDO1dBQU8sQ0FBQyxZQUFBLEFBQVksUUFBUSxJQUFBLEFBQUksU0FBekIsQUFBcUIsQUFBYSxhQUFhLElBQUEsQUFBSSxlQUExRCxBQUFzRCxBQUFtQixBQUM1RTs7QUFDRCxTQUFBLEFBQVMsYUFBVCxBQUFzQixTQUF0QixBQUErQixXQUFXLEFBQ3RDO1FBQUksWUFBSixBQUFnQixNQUFNLE9BQUEsQUFBTyxBQUM3QjtXQUFPLElBQUEsQUFBSSxtQkFBSixBQUF1QixZQUFZLElBQUEsQUFBSSx5QkFBOUMsQUFBMEMsQUFBNkIsQUFDMUU7QUFDRDtBQUFPLDhCQUFBLEFBQThCLFNBQTlCLEFBQXVDLFdBQVcsQUFDckQ7V0FBTyxTQUFBLEFBQVMsU0FBVCxBQUFrQixjQUFjLGFBQUEsQUFBYSxTQUFwRCxBQUF1QyxBQUFzQixBQUNoRTtBQUNEO0FBQU8sZ0NBQUEsQUFBZ0MsS0FBaEMsQUFBcUMsU0FBckMsQUFBOEMsV0FBOUMsQUFBeUQsT0FBTyxBQUNuRTtRQUFJLFVBQUosQUFBYyxBQUNkO1FBQUksVUFBQSxBQUFVLFFBQVEsVUFBdEIsQUFBZ0MsV0FBVyxBQUN2QztlQUFBLEFBQU8sQUFDVjtBQUNEO1FBQUksMEJBQUosQUFBSSxBQUFhLFFBQVEsQUFDckI7ZUFBTyxNQUFQLEFBQU8sQUFBTSxBQUNoQjtBQUNEO1FBQUksQ0FBSixBQUFLLFNBQVMsQUFDVjtrQkFBQSxBQUFVLEFBQ2I7QUFGRCxXQUVPLEFBQ0g7a0JBQVUsUUFBQSxBQUFRLFFBQWxCLEFBQVUsQUFBZ0IsQUFDN0I7QUFDRDtRQUFJLE1BQU0saUNBQVYsQUFBVSxBQUFtQixBQUM3QjtRQUFJLFNBQUEsQUFBUyxTQUFiLEFBQUksQUFBa0IsWUFBWSxBQUM5QjtZQUFJLFdBQVcsSUFBQSxBQUFJLGVBQW5CLEFBQWUsQUFBbUIsQUFDbEM7WUFBSSxJQUFBLEFBQUksY0FBUixBQUFJLEFBQWtCLFdBQVcsQUFDN0I7K0JBQUEsQUFBaUIsQUFDcEI7QUFDSjtBQUNEO1FBQUksYUFBQSxBQUFhLFNBQWpCLEFBQUksQUFBc0IsWUFBWSxBQUNsQzsyQkFBQSxBQUFpQixBQUNwQjtBQUNEO1dBQUEsQUFBTyxBQUNWIiwiZmlsZSI6ImxpYi9kb20vc2FuaXRpemVkLXZhbHVlcy5qcyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IG5vcm1hbGl6ZVRleHRWYWx1ZSB9IGZyb20gJy4uL2NvbXBpbGVkL29wY29kZXMvY29udGVudCc7XG5pbXBvcnQgeyBpc1NhZmVTdHJpbmcgfSBmcm9tICcuLi91cHNlcnQnO1xuY29uc3QgYmFkUHJvdG9jb2xzID0gWydqYXZhc2NyaXB0OicsICd2YnNjcmlwdDonXTtcbmNvbnN0IGJhZFRhZ3MgPSBbJ0EnLCAnQk9EWScsICdMSU5LJywgJ0lNRycsICdJRlJBTUUnLCAnQkFTRScsICdGT1JNJ107XG5jb25zdCBiYWRUYWdzRm9yRGF0YVVSSSA9IFsnRU1CRUQnXTtcbmNvbnN0IGJhZEF0dHJpYnV0ZXMgPSBbJ2hyZWYnLCAnc3JjJywgJ2JhY2tncm91bmQnLCAnYWN0aW9uJ107XG5jb25zdCBiYWRBdHRyaWJ1dGVzRm9yRGF0YVVSSSA9IFsnc3JjJ107XG5mdW5jdGlvbiBoYXMoYXJyYXksIGl0ZW0pIHtcbiAgICByZXR1cm4gYXJyYXkuaW5kZXhPZihpdGVtKSAhPT0gLTE7XG59XG5mdW5jdGlvbiBjaGVja1VSSSh0YWdOYW1lLCBhdHRyaWJ1dGUpIHtcbiAgICByZXR1cm4gKHRhZ05hbWUgPT09IG51bGwgfHwgaGFzKGJhZFRhZ3MsIHRhZ05hbWUpKSAmJiBoYXMoYmFkQXR0cmlidXRlcywgYXR0cmlidXRlKTtcbn1cbmZ1bmN0aW9uIGNoZWNrRGF0YVVSSSh0YWdOYW1lLCBhdHRyaWJ1dGUpIHtcbiAgICBpZiAodGFnTmFtZSA9PT0gbnVsbCkgcmV0dXJuIGZhbHNlO1xuICAgIHJldHVybiBoYXMoYmFkVGFnc0ZvckRhdGFVUkksIHRhZ05hbWUpICYmIGhhcyhiYWRBdHRyaWJ1dGVzRm9yRGF0YVVSSSwgYXR0cmlidXRlKTtcbn1cbmV4cG9ydCBmdW5jdGlvbiByZXF1aXJlc1Nhbml0aXphdGlvbih0YWdOYW1lLCBhdHRyaWJ1dGUpIHtcbiAgICByZXR1cm4gY2hlY2tVUkkodGFnTmFtZSwgYXR0cmlidXRlKSB8fCBjaGVja0RhdGFVUkkodGFnTmFtZSwgYXR0cmlidXRlKTtcbn1cbmV4cG9ydCBmdW5jdGlvbiBzYW5pdGl6ZUF0dHJpYnV0ZVZhbHVlKGVudiwgZWxlbWVudCwgYXR0cmlidXRlLCB2YWx1ZSkge1xuICAgIGxldCB0YWdOYW1lID0gbnVsbDtcbiAgICBpZiAodmFsdWUgPT09IG51bGwgfHwgdmFsdWUgPT09IHVuZGVmaW5lZCkge1xuICAgICAgICByZXR1cm4gdmFsdWU7XG4gICAgfVxuICAgIGlmIChpc1NhZmVTdHJpbmcodmFsdWUpKSB7XG4gICAgICAgIHJldHVybiB2YWx1ZS50b0hUTUwoKTtcbiAgICB9XG4gICAgaWYgKCFlbGVtZW50KSB7XG4gICAgICAgIHRhZ05hbWUgPSBudWxsO1xuICAgIH0gZWxzZSB7XG4gICAgICAgIHRhZ05hbWUgPSBlbGVtZW50LnRhZ05hbWUudG9VcHBlckNhc2UoKTtcbiAgICB9XG4gICAgbGV0IHN0ciA9IG5vcm1hbGl6ZVRleHRWYWx1ZSh2YWx1ZSk7XG4gICAgaWYgKGNoZWNrVVJJKHRhZ05hbWUsIGF0dHJpYnV0ZSkpIHtcbiAgICAgICAgbGV0IHByb3RvY29sID0gZW52LnByb3RvY29sRm9yVVJMKHN0cik7XG4gICAgICAgIGlmIChoYXMoYmFkUHJvdG9jb2xzLCBwcm90b2NvbCkpIHtcbiAgICAgICAgICAgIHJldHVybiBgdW5zYWZlOiR7c3RyfWA7XG4gICAgICAgIH1cbiAgICB9XG4gICAgaWYgKGNoZWNrRGF0YVVSSSh0YWdOYW1lLCBhdHRyaWJ1dGUpKSB7XG4gICAgICAgIHJldHVybiBgdW5zYWZlOiR7c3RyfWA7XG4gICAgfVxuICAgIHJldHVybiBzdHI7XG59Il19