[Libreoffice-commits] online.git: loleaflet/.eslintignore loleaflet/js loleaflet/Makefile.am loleaflet/package.json loleaflet/README
Henry Castro (via logerrit)
logerrit at kemper.freedesktop.org
Thu Feb 20 12:21:02 UTC 2020
loleaflet/.eslintignore | 1
loleaflet/Makefile.am | 7 +++---
loleaflet/README | 3 ++
loleaflet/js/sanitize-url.js | 45 +++++++++++++++++++++++++++++++++++++++++++
loleaflet/package.json | 3 --
5 files changed, 53 insertions(+), 6 deletions(-)
New commits:
commit 5cc7ba2d77361d8c963576e1ef6d97f8eb0ead86
Author: Henry Castro <hcastro at collabora.com>
AuthorDate: Wed Feb 19 15:08:17 2020 -0400
Commit: Henry Castro <hcastro at collabora.com>
CommitDate: Thu Feb 20 13:20:44 2020 +0100
loleaflet: import sanitize-url.js library
The file was imported from node_modules/@braintree/sanitize-url/index.js
the main reason is to analyze the source code, debug and patch
if necessary
To obtain the source code from npm repository
make libs
To bundle the file sanitize-url.js
browserify braintree-sanitize-url/index.js --standalone sanitizeUrl > sanitize-url.js
Change-Id: I7869a1349648ae1f8f2194859ebb398b1a73733e
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/89055
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice at gmail.com>
Reviewed-by: Henry Castro <hcastro at collabora.com>
diff --git a/loleaflet/.eslintignore b/loleaflet/.eslintignore
index 4d6c90ac9..04f898987 100644
--- a/loleaflet/.eslintignore
+++ b/loleaflet/.eslintignore
@@ -1,4 +1,5 @@
# We only directly edit toolbar.js in dist/
+**/js/sanitize-url.js
**/js/l10n.js
**/js/w2ui-1.5.rc1.js
**/src/unocommands.js
diff --git a/loleaflet/Makefile.am b/loleaflet/Makefile.am
index e52c2288a..8eee500ab 100644
--- a/loleaflet/Makefile.am
+++ b/loleaflet/Makefile.am
@@ -72,6 +72,7 @@ define npm_source
endef
NODE_MODULES_SRC =\
+ @braintree/sanitize-url at 3.0.0 \
l10n-for-node at 0.0.1
LOLEAFLET_CSS =\
@@ -122,10 +123,10 @@ NODE_MODULES_JS =\
node_modules/autolinker/dist/Autolinker.js \
node_modules/json-js/json2.js \
node_modules/select2/dist/js/select2.js \
- node_modules/vex-js/dist/js/vex.combined.js \
- node_modules/@braintree/sanitize-url/dist.js
+ node_modules/vex-js/dist/js/vex.combined.js
-LOLEAFLET_LIBS_JS =
+LOLEAFLET_LIBS_JS =\
+ sanitize-url.js
if !ENABLE_MOBILEAPP
LOLEAFLET_LIBS_JS +=\
diff --git a/loleaflet/README b/loleaflet/README
index d9a3dbddc..0ac0571df 100644
--- a/loleaflet/README
+++ b/loleaflet/README
@@ -41,6 +41,9 @@ in node_modules/.bin/shrinkpack, so you can use the binary from there.
If you need to get the sources:
make libs
+To bundle the file sanitize-url.js
+ browserify braintree-sanitize-url/index.js --standalone sanitizeUrl > sanitize-url.js
+
Building
--------
diff --git a/loleaflet/js/sanitize-url.js b/loleaflet/js/sanitize-url.js
new file mode 100644
index 000000000..ee8975589
--- /dev/null
+++ b/loleaflet/js/sanitize-url.js
@@ -0,0 +1,45 @@
+(function(f){if(typeof exports==="object"&&typeof module!=="undefined"){module.exports=f()}else if(typeof define==="function"&&define.amd){define([],f)}else{var g;if(typeof window!=="undefined"){g=window}else if(typeof global!=="undefined"){g=global}else if(typeof self!=="undefined"){g=self}else{g=this}g.sanitizeUrl = f()}})(function(){var define,module,exports;return (function(){function r(e,n,t){function o(i,f){if(!n[i]){if(!e[i]){var c="function"==typeof require&&require;if(!f&&c)return c(i,!0);if(u)return u(i,!0);var a=new Error("Cannot find module '"+i+"'");throw a.code="MODULE_NOT_FOUND",a}var p=n[i]={exports:{}};e[i][0].call(p.exports,function(r){var n=e[i][1][r];return o(n||r)},p,p.exports,r,e,n,t)}return n[i].exports}for(var u="function"==typeof require&&require,i=0;i<t.length;i++)o(t[i]);return o}return r})()({1:[function(require,module,exports){
+'use strict';
+
+var invalidPrototcolRegex = /^(%20|\s)*(javascript|data)/im;
+var ctrlCharactersRegex = /[^\x20-\x7E]/gmi;
+var urlSchemeRegex = /^([^:]+):/gm;
+var relativeFirstCharacters = ['.', '/']
+
+function isRelativeUrl(url) {
+ return relativeFirstCharacters.indexOf(url[0]) > -1;
+}
+
+function sanitizeUrl(url) {
+ if (!url) {
+ return 'about:blank';
+ }
+
+ var urlScheme, urlSchemeParseResults;
+ var sanitizedUrl = url.replace(ctrlCharactersRegex, '');
+
+ if (isRelativeUrl(sanitizedUrl)) {
+ return sanitizedUrl;
+ }
+
+ urlSchemeParseResults = sanitizedUrl.match(urlSchemeRegex);
+
+ if (!urlSchemeParseResults) {
+ return 'about:blank';
+ }
+
+ urlScheme = urlSchemeParseResults[0];
+
+ if (invalidPrototcolRegex.test(urlScheme)) {
+ return 'about:blank';
+ }
+
+ return sanitizedUrl;
+}
+
+module.exports = {
+ sanitizeUrl: sanitizeUrl
+};
+
+},{}]},{},[1])(1)
+});
diff --git a/loleaflet/package.json b/loleaflet/package.json
index 420c8bd8f..a52a754fc 100644
--- a/loleaflet/package.json
+++ b/loleaflet/package.json
@@ -36,8 +36,5 @@
"libreoffice",
"lool"
],
- "scripts": {
- "postinstall": "browserify node_modules/@braintree/sanitize-url/index.js --standalone sanitizeUrl > node_modules/@braintree/sanitize-url/dist.js"
- },
"license": "BSD-2-Clause"
}
More information about the Libreoffice-commits
mailing list