UNPKG

typescript-closure-tools

Version:

Command-line tools to convert closure-style JSDoc annotations to typescript, and to convert typescript sources to closure externs files

github.com/fivetran/typescript-closure-tools

fivetran/typescript-closure-tools

126 lines (114 loc) 4.76 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
// Copyright 2013 The Closure Library Authors. All Rights Reserved. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS-IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. /** * @fileoverview Type-safe wrappers for unsafe DOM APIs. * * This file provides type-safe wrappers for DOM APIs that can result in * cross-site scripting (XSS) vulnerabilities, if the API is supplied with * untrusted (attacker-controlled) input. Instead of plain strings, the type * safe wrappers consume values of types from the goog.html package whose * contract promises that values are safe to use in the corresponding context. * * Hence, a program that exclusively uses the wrappers in this file (i.e., whose * only reference to security-sensitive raw DOM APIs are in this file) is * guaranteed to be free of XSS due to incorrect use of such DOM APIs (modulo * correctness of code that produces values of the respective goog.html types, * and absent code that violates type safety). * * For example, assigning to an element's .innerHTML property a string that is * derived (even partially) from untrusted input typically results in an XSS * vulnerability. The type-safe wrapper goog.html.setInnerHtml consumes a value * of type goog.html.SafeHtml, whose contract states that using its values in a * HTML context will not result in XSS. Hence a program that is free of direct * assignments to any element's innerHTML property (with the exception of the * assignment to .innerHTML in this file) is guaranteed to be free of XSS due to * assignment of untrusted strings to the innerHTML property. */ goog.provide('goog.dom.safe'); goog.require('goog.html.SafeHtml'); goog.require('goog.html.SafeUrl'); /** * Assigns known-safe HTML to an element's innerHTML property. * @param {!Element} elem The element whose innerHTML is to be assigned to. * @param {!goog.html.SafeHtml} html The known-safe HTML to assign. */ goog.dom.safe.setInnerHtml = function(elem, html) { elem.innerHTML = goog.html.SafeHtml.unwrap(html); }; /** * Writes known-safe HTML to a document. * @param {!Document} doc The document to be written to. * @param {!goog.html.SafeHtml} html The known-safe HTML to assign. */ goog.dom.safe.documentWrite = function(doc, html) { doc.write(goog.html.SafeHtml.unwrap(html)); }; /** * Safely assigns a URL to an anchor element's href property. * * If url is of type goog.html.SafeUrl, its value is unwrapped and assigned to * anchor's href property. If url is of type string however, it is first * sanitized using goog.html.SafeUrl.sanitize. * * Example usage: * goog.dom.safe.setAnchorHref(anchorEl, url); * which is a safe alternative to * anchorEl.href = url; * The latter can result in XSS vulnerabilities if url is a * user-/attacker-controlled value. * * @param {!HTMLAnchorElement} anchor The anchor element whose href property * is to be assigned to. * @param {string|!goog.html.SafeUrl} url The URL to assign. * @see goog.html.SafeUrl#sanitize */ goog.dom.safe.setAnchorHref = function(anchor, url) { /** @type {!goog.html.SafeUrl} */ var safeUrl; if (url instanceof goog.html.SafeUrl) { safeUrl = url; } else { safeUrl = goog.html.SafeUrl.sanitize(url); } anchor.href = goog.html.SafeUrl.unwrap(safeUrl); }; /** * Safely assigns a URL to a Location object's href property. * * If url is of type goog.html.SafeUrl, its value is unwrapped and assigned to * loc's href property. If url is of type string however, it is first sanitized * using goog.html.SafeUrl.sanitize. * * Example usage: * goog.dom.safe.setLocationHref(document.location, redirectUrl); * which is a safe alternative to * document.location.href = redirectUrl; * The latter can result in XSS vulnerabilities if redirectUrl is a * user-/attacker-controlled value. * * @param {!Location} loc The Location object whose href property is to be * assigned to. * @param {string|!goog.html.SafeUrl} url The URL to assign. * @see goog.html.SafeUrl#sanitize */ goog.dom.safe.setLocationHref = function(loc, url) { /** @type {!goog.html.SafeUrl} */ var safeUrl; if (url instanceof goog.html.SafeUrl) { safeUrl = url; } else { safeUrl = goog.html.SafeUrl.sanitize(url); } loc.href = goog.html.SafeUrl.unwrap(safeUrl); };