UNPKG

ember-legacy-class-transform

Version:

The default blueprint for ember-cli addons.

github.com/pzuraq/ember-legacy-class-transform

pzuraq/ember-legacy-class-transform

46 lines 6.44 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
import { normalizeTextValue } from '../compiled/opcodes/content'; import { isSafeString } from '../upsert'; var badProtocols = ['javascript:', 'vbscript:']; var badTags = ['A', 'BODY', 'LINK', 'IMG', 'IFRAME', 'BASE', 'FORM']; var badTagsForDataURI = ['EMBED']; var badAttributes = ['href', 'src', 'background', 'action']; var badAttributesForDataURI = ['src']; function has(array, item) { return array.indexOf(item) !== -1; } function checkURI(tagName, attribute) { return (tagName === null || has(badTags, tagName)) && has(badAttributes, attribute); } function checkDataURI(tagName, attribute) { if (tagName === null) return false; return has(badTagsForDataURI, tagName) && has(badAttributesForDataURI, attribute); } export function requiresSanitization(tagName, attribute) { return checkURI(tagName, attribute) || checkDataURI(tagName, attribute); } export function sanitizeAttributeValue(env, element, attribute, value) { var tagName = null; if (value === null || value === undefined) { return value; } if (isSafeString(value)) { return value.toHTML(); } if (!element) { tagName = null; } else { tagName = element.tagName.toUpperCase(); } var str = normalizeTextValue(value); if (checkURI(tagName, attribute)) { var protocol = env.protocolForURL(str); if (has(badProtocols, protocol)) { return 'unsafe:' + str; } } if (checkDataURI(tagName, attribute)) { return 'unsafe:' + str; } return str; } //# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjozLCJzb3VyY2VzIjpbImxpYi9kb20vc2FuaXRpemVkLXZhbHVlcy5qcyJdLCJuYW1lcyI6WyJub3JtYWxpemVUZXh0VmFsdWUiLCJpc1NhZmVTdHJpbmciLCJiYWRQcm90b2NvbHMiLCJiYWRUYWdzIiwiYmFkVGFnc0ZvckRhdGFVUkkiLCJiYWRBdHRyaWJ1dGVzIiwiYmFkQXR0cmlidXRlc0ZvckRhdGFVUkkiLCJoYXMiLCJhcnJheSIsIml0ZW0iLCJpbmRleE9mIiwiY2hlY2tVUkkiLCJ0YWdOYW1lIiwiYXR0cmlidXRlIiwiY2hlY2tEYXRhVVJJIiwicmVxdWlyZXNTYW5pdGl6YXRpb24iLCJzYW5pdGl6ZUF0dHJpYnV0ZVZhbHVlIiwiZW52IiwiZWxlbWVudCIsInZhbHVlIiwidW5kZWZpbmVkIiwidG9IVE1MIiwidG9VcHBlckNhc2UiLCJzdHIiLCJwcm90b2NvbCIsInByb3RvY29sRm9yVVJMIl0sIm1hcHBpbmdzIjoiQUFBQSxTQUFTQSxrQkFBVCxRQUFtQyw2QkFBbkM7QUFDQSxTQUFTQyxZQUFULFFBQTZCLFdBQTdCO0FBQ0EsSUFBTUMsZUFBZSxDQUFDLGFBQUQsRUFBZ0IsV0FBaEIsQ0FBckI7QUFDQSxJQUFNQyxVQUFVLENBQUMsR0FBRCxFQUFNLE1BQU4sRUFBYyxNQUFkLEVBQXNCLEtBQXRCLEVBQTZCLFFBQTdCLEVBQXVDLE1BQXZDLEVBQStDLE1BQS9DLENBQWhCO0FBQ0EsSUFBTUMsb0JBQW9CLENBQUMsT0FBRCxDQUExQjtBQUNBLElBQU1DLGdCQUFnQixDQUFDLE1BQUQsRUFBUyxLQUFULEVBQWdCLFlBQWhCLEVBQThCLFFBQTlCLENBQXRCO0FBQ0EsSUFBTUMsMEJBQTBCLENBQUMsS0FBRCxDQUFoQztBQUNBLFNBQVNDLEdBQVQsQ0FBYUMsS0FBYixFQUFvQkMsSUFBcEIsRUFBMEI7QUFDdEIsV0FBT0QsTUFBTUUsT0FBTixDQUFjRCxJQUFkLE1BQXdCLENBQUMsQ0FBaEM7QUFDSDtBQUNELFNBQVNFLFFBQVQsQ0FBa0JDLE9BQWxCLEVBQTJCQyxTQUEzQixFQUFzQztBQUNsQyxXQUFPLENBQUNELFlBQVksSUFBWixJQUFvQkwsSUFBSUosT0FBSixFQUFhUyxPQUFiLENBQXJCLEtBQStDTCxJQUFJRixhQUFKLEVBQW1CUSxTQUFuQixDQUF0RDtBQUNIO0FBQ0QsU0FBU0MsWUFBVCxDQUFzQkYsT0FBdEIsRUFBK0JDLFNBQS9CLEVBQTBDO0FBQ3RDLFFBQUlELFlBQVksSUFBaEIsRUFBc0IsT0FBTyxLQUFQO0FBQ3RCLFdBQU9MLElBQUlILGlCQUFKLEVBQXVCUSxPQUF2QixLQUFtQ0wsSUFBSUQsdUJBQUosRUFBNkJPLFNBQTdCLENBQTFDO0FBQ0g7QUFDRCxPQUFPLFNBQVNFLG9CQUFULENBQThCSCxPQUE5QixFQUF1Q0MsU0FBdkMsRUFBa0Q7QUFDckQsV0FBT0YsU0FBU0MsT0FBVCxFQUFrQkMsU0FBbEIsS0FBZ0NDLGFBQWFGLE9BQWIsRUFBc0JDLFNBQXRCLENBQXZDO0FBQ0g7QUFDRCxPQUFPLFNBQVNHLHNCQUFULENBQWdDQyxHQUFoQyxFQUFxQ0MsT0FBckMsRUFBOENMLFNBQTlDLEVBQXlETSxLQUF6RCxFQUFnRTtBQUNuRSxRQUFJUCxVQUFVLElBQWQ7QUFDQSxRQUFJTyxVQUFVLElBQVYsSUFBa0JBLFVBQVVDLFNBQWhDLEVBQTJDO0FBQ3ZDLGVBQU9ELEtBQVA7QUFDSDtBQUNELFFBQUlsQixhQUFha0IsS0FBYixDQUFKLEVBQXlCO0FBQ3JCLGVBQU9BLE1BQU1FLE1BQU4sRUFBUDtBQUNIO0FBQ0QsUUFBSSxDQUFDSCxPQUFMLEVBQWM7QUFDVk4sa0JBQVUsSUFBVjtBQUNILEtBRkQsTUFFTztBQUNIQSxrQkFBVU0sUUFBUU4sT0FBUixDQUFnQlUsV0FBaEIsRUFBVjtBQUNIO0FBQ0QsUUFBSUMsTUFBTXZCLG1CQUFtQm1CLEtBQW5CLENBQVY7QUFDQSxRQUFJUixTQUFTQyxPQUFULEVBQWtCQyxTQUFsQixDQUFKLEVBQWtDO0FBQzlCLFlBQUlXLFdBQVdQLElBQUlRLGNBQUosQ0FBbUJGLEdBQW5CLENBQWY7QUFDQSxZQUFJaEIsSUFBSUwsWUFBSixFQUFrQnNCLFFBQWxCLENBQUosRUFBaUM7QUFDN0IsK0JBQWlCRCxHQUFqQjtBQUNIO0FBQ0o7QUFDRCxRQUFJVCxhQUFhRixPQUFiLEVBQXNCQyxTQUF0QixDQUFKLEVBQXNDO0FBQ2xDLDJCQUFpQlUsR0FBakI7QUFDSDtBQUNELFdBQU9BLEdBQVA7QUFDSCIsImZpbGUiOiJsaWIvZG9tL3Nhbml0aXplZC12YWx1ZXMuanMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBub3JtYWxpemVUZXh0VmFsdWUgfSBmcm9tICcuLi9jb21waWxlZC9vcGNvZGVzL2NvbnRlbnQnO1xuaW1wb3J0IHsgaXNTYWZlU3RyaW5nIH0gZnJvbSAnLi4vdXBzZXJ0JztcbmNvbnN0IGJhZFByb3RvY29scyA9IFsnamF2YXNjcmlwdDonLCAndmJzY3JpcHQ6J107XG5jb25zdCBiYWRUYWdzID0gWydBJywgJ0JPRFknLCAnTElOSycsICdJTUcnLCAnSUZSQU1FJywgJ0JBU0UnLCAnRk9STSddO1xuY29uc3QgYmFkVGFnc0ZvckRhdGFVUkkgPSBbJ0VNQkVEJ107XG5jb25zdCBiYWRBdHRyaWJ1dGVzID0gWydocmVmJywgJ3NyYycsICdiYWNrZ3JvdW5kJywgJ2FjdGlvbiddO1xuY29uc3QgYmFkQXR0cmlidXRlc0ZvckRhdGFVUkkgPSBbJ3NyYyddO1xuZnVuY3Rpb24gaGFzKGFycmF5LCBpdGVtKSB7XG4gICAgcmV0dXJuIGFycmF5LmluZGV4T2YoaXRlbSkgIT09IC0xO1xufVxuZnVuY3Rpb24gY2hlY2tVUkkodGFnTmFtZSwgYXR0cmlidXRlKSB7XG4gICAgcmV0dXJuICh0YWdOYW1lID09PSBudWxsIHx8IGhhcyhiYWRUYWdzLCB0YWdOYW1lKSkgJiYgaGFzKGJhZEF0dHJpYnV0ZXMsIGF0dHJpYnV0ZSk7XG59XG5mdW5jdGlvbiBjaGVja0RhdGFVUkkodGFnTmFtZSwgYXR0cmlidXRlKSB7XG4gICAgaWYgKHRhZ05hbWUgPT09IG51bGwpIHJldHVybiBmYWxzZTtcbiAgICByZXR1cm4gaGFzKGJhZFRhZ3NGb3JEYXRhVVJJLCB0YWdOYW1lKSAmJiBoYXMoYmFkQXR0cmlidXRlc0ZvckRhdGFVUkksIGF0dHJpYnV0ZSk7XG59XG5leHBvcnQgZnVuY3Rpb24gcmVxdWlyZXNTYW5pdGl6YXRpb24odGFnTmFtZSwgYXR0cmlidXRlKSB7XG4gICAgcmV0dXJuIGNoZWNrVVJJKHRhZ05hbWUsIGF0dHJpYnV0ZSkgfHwgY2hlY2tEYXRhVVJJKHRhZ05hbWUsIGF0dHJpYnV0ZSk7XG59XG5leHBvcnQgZnVuY3Rpb24gc2FuaXRpemVBdHRyaWJ1dGVWYWx1ZShlbnYsIGVsZW1lbnQsIGF0dHJpYnV0ZSwgdmFsdWUpIHtcbiAgICBsZXQgdGFnTmFtZSA9IG51bGw7XG4gICAgaWYgKHZhbHVlID09PSBudWxsIHx8IHZhbHVlID09PSB1bmRlZmluZWQpIHtcbiAgICAgICAgcmV0dXJuIHZhbHVlO1xuICAgIH1cbiAgICBpZiAoaXNTYWZlU3RyaW5nKHZhbHVlKSkge1xuICAgICAgICByZXR1cm4gdmFsdWUudG9IVE1MKCk7XG4gICAgfVxuICAgIGlmICghZWxlbWVudCkge1xuICAgICAgICB0YWdOYW1lID0gbnVsbDtcbiAgICB9IGVsc2Uge1xuICAgICAgICB0YWdOYW1lID0gZWxlbWVudC50YWdOYW1lLnRvVXBwZXJDYXNlKCk7XG4gICAgfVxuICAgIGxldCBzdHIgPSBub3JtYWxpemVUZXh0VmFsdWUodmFsdWUpO1xuICAgIGlmIChjaGVja1VSSSh0YWdOYW1lLCBhdHRyaWJ1dGUpKSB7XG4gICAgICAgIGxldCBwcm90b2NvbCA9IGVudi5wcm90b2NvbEZvclVSTChzdHIpO1xuICAgICAgICBpZiAoaGFzKGJhZFByb3RvY29scywgcHJvdG9jb2wpKSB7XG4gICAgICAgICAgICByZXR1cm4gYHVuc2FmZToke3N0cn1gO1xuICAgICAgICB9XG4gICAgfVxuICAgIGlmIChjaGVja0RhdGFVUkkodGFnTmFtZSwgYXR0cmlidXRlKSkge1xuICAgICAgICByZXR1cm4gYHVuc2FmZToke3N0cn1gO1xuICAgIH1cbiAgICByZXR1cm4gc3RyO1xufSJdfQ==