New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@aegisjsproject/sanitizer
Advanced tools
@aegisjsproject/sanitizer - npm Package Compare versions
Comparing version 0.0.7 to 0.0.8
@@ -9,2 +9,10 @@ # Changelog | ||
| ## [v0.0.8] - 2024-04-01 | ||
| ### Added | ||
| - Add `@aegisjsproject/trusted-types` as dev dependency | ||
| ### Fixed | ||
| - Fix indexing issue iterating over child nodes and attributes | ||
| ## [v0.0.7] - 2024-03-28 | ||
@@ -11,0 +19,0 @@ |
| { | ||
| "name": "@aegisjsproject/sanitizer", | ||
| "version": "0.0.7", | ||
| "version": "0.0.8", | ||
| "description": "A polyfill for the Sanitizer API with various sanitizer configs", | ||
@@ -92,2 +92,3 @@ "keywords": [ | ||
| "devDependencies": { | ||
| "@aegisjsproject/trusted-types": "^1.0.1", | ||
| "@rollup/plugin-node-resolve": "^15.2.3", | ||
@@ -94,0 +95,0 @@ "@rollup/plugin-terser": "^0.4.4", |
| !function(){"use strict"; | ||
| /** | ||
| * @copyright 2023 Chris Zuber <admin@kernvalley.us> | ||
| */const e="http://www.w3.org/1999/xhtml",t=new Set(("HTMLElement"in globalThis?Object.keys(HTMLElement.prototype):[]).filter((e=>e.startsWith("on"))));function a(t,a=e){if("string"==typeof t)return Object.freeze({name:t,namespace:a});if("object"==typeof t&&"string"==typeof t.name){const{name:e,namespace:r=a,attributes:n}=t;return Object.freeze({name:e,namespace:"string"==typeof r&&0!==r.length?r:a,attributes:n})}throw new TypeError("Invalid config entry for `elements`.")}function r({elements:t,allowElements:n},o=e){if(Array.isArray(n))return console.warn("Use of `allowElements` is deprecated. Please use `elements` instead."),r({elements:n},o);if(Array.isArray(t))return t.map((e=>a(e,o)));throw new TypeError("`elements` expected to be an array.")}function n(e,t=""){if("string"==typeof e)return Object.freeze({name:e,namespace:t});if("object"==typeof e&&"string"==typeof e.name){const{name:a,namespace:r=t,elements:n}=e;return Object.freeze({name:a,namespace:"string"==typeof r?r:t,elements:n})}throw new TypeError("Invalid entry in `attributes` config.")}function o({attributes:e,allowAttributes:t},a=""){if(void 0!==t)return console.warn("Use of `allowAttributes` is deprecated. Please use `attributes` instead."),o({attributes:t},a);if(Array.isArray(e))return e.map((e=>n(e,a)));if("object"==typeof e&&null!==e)return console.warn("`attributes` should be an array, not an oobject."),o({attributes:Object.entries(e).map((([e,t])=>({name:e,elements:t})))},a);throw new TypeError("`attributes` expected to be an array.")}function i({comments:e,allowComments:t}){return"boolean"==typeof e?e:"boolean"==typeof t&&(console.warn("Use of `allowComments` is deprecated. Please use `comments` instead."),t)}function s({attributes:e,allowAttributes:t},a){return Object.freeze(Object.groupBy(o({attributes:e,allowAttributes:t},a),(({namespace:e})=>e)))}function c({elements:t,allowElements:a},n=e){return Object.freeze(Object.groupBy(r({elements:t,allowElements:a},n),(({namespace:e})=>e)))}const l=Object.freeze(["accesskey","autocapitalize","autofocus","class","contenteditable","dir","draggable","enterkeyhint","exportparts","hidden","id","inert","inputmode","itemid","itemprop","itemref","itemscope","itemtype","lang","part","popover","slot","spellcheck","tabindex","title","translate","virtualkeyboardpolicy","aria-keyshortcuts","aria-activedescendant","aria-atomic","aria-autocomplete","aria-braillelabel","aria-brailleroledescription","aria-busy","aria-checked","aria-colcount","aria-colindex","aria-colindextext","aria-colspan","aria-controls","aria-current","aria-describedby","aria-description","aria-details","aria-disabled","aria-dropeffect","aria-errormessage","aria-expanded","aria-flowto","aria-grabbed","aria-haspopup","aria-hidden","aria-invalid","aria-keyshortcuts","aria-label","aria-labelledby","aria-level","aria-live","aria-modal","aria-multiline","aria-multiselectable","aria-orientation","aria-owns","aria-placeholder","aria-posinset","aria-pressed","aria-readonly","aria-relevant","aria-required","aria-roledescription","aria-rowcount","aria-rowindex","aria-rowindextext","aria-rowspan","aria-selected","aria-setsize","aria-sort","aria-valuemax","aria-valuemin","aria-valuenow","aria-valuetext"].map((e=>n(e,"")))),m=!1,u=Object.freeze(["html","head","link","meta","body","address","article","aside","footer","header","h1","h2","h3","h4","h5","h6","hgroup","main","nav","section","search","blockquote","cite","div","dd","dt","dl","figcaption","figure","hr","li","ol","ul","menu","p","pre","a","abbr","b","bdi","bdo","br","code","data","dfn","em","i","kbd","mark","q","rp","ruby","rt","s","del","ins","samp","small","span","strong","sub","sup","time","u","var","wbr","area","audio","img","map","track","video","picture","source","canvas","caption","col","colgroup","table","tbody","tr","td","tfoot","th","thead","button","datalist","option","fieldset","label","form","input","legend","meter","optgroup","select","output","progress","textarea","details","summary","dialog","slot","template","dir","strike","selectmenu","center"].map((t=>a(t,e)))),p=Object.freeze(["abbr","accept","accept-charset","align","alink","allow","allowfullscreen","alt","anchor","archive","as","async","autocomplete","autocorrect","autopictureinpicture","autoplay","axis","background","behavior","border","bordercolor","capture","cellpadding","cellspacing","challenge","char","charoff","charset","checked","cite","classid","clear","code","codetype","color","cols","colspan","compact","content","controls","controlslist","conversiondestination","coords","crossorigin","csp","data","datetime","declare","decoding","default","defer","direction","dirname","disabled","disablepictureinpicture","disableremoteplayback","disallowdocumentaccess","download","elementtiming","enctype","end","for","form","formenctype","formmethod","formnovalidate","formtarget","frameborder","headers","height","high","href","hreflang","hreftranslate","hspace","imagesizes","imagesrcset","importance","impressiondata","impressionexpiry","incremental","integrity","invisible","invoketarget","invokeaction","is","ismap","keytype","kind","label","language","latencyhint","leftmargin","link","list","loading","longdesc","loop","low","lowsrc","manifest","marginheight","marginwidth","max","maxlength","mayscript","media","method","min","minlength","multiple","muted","name","nohref","nomodule","noresize","noshade","novalidate","nowrap","object","open","optimum","pattern","ping","placeholder","playsinline","policy","popovertarget","popovertargetaction","poster","preload","pseudo","readonly","referrerpolicy","rel","reportingorigin","required","resources","rev","reversed","role","rows","rowspan","rules","sandbox","scheme","scope","scopes","scrollamount","scrolldelay","scrolling","select","selected","shadowrootmode","shadowrootdelegatesfocus","shape","size","sizes","span","src","srcdoc","srclang","srcset","standby","start","step","summary","target","text","topmargin","truespeed","trusttoken","type","usemap","valign","value","valuetype","version","vlink","vspace","webkitdirectory","width","wrap"].map((e=>n(e))).concat(l)),d=Object.freeze({comments:m,elements:u,attributes:p}),f=new Set(["href","src","action"]),b=new Set(["javascript:","about:","data:","file:","ftp:"]); | ||
| */const e="http://www.w3.org/1999/xhtml",t=new Set(("HTMLElement"in globalThis?Object.keys(HTMLElement.prototype):[]).filter((e=>e.startsWith("on"))));function a(t,a=e){if("string"==typeof t)return Object.freeze({name:t,namespace:a});if("object"==typeof t&&"string"==typeof t.name){const{name:e,namespace:r=a,attributes:n}=t;return Object.freeze({name:e,namespace:"string"==typeof r&&0!==r.length?r:a,attributes:n})}throw new TypeError("Invalid config entry for `elements`.")}function r({elements:t,allowElements:n},o=e){if(Array.isArray(n))return console.warn("Use of `allowElements` is deprecated. Please use `elements` instead."),r({elements:n},o);if(Array.isArray(t))return t.map((e=>a(e,o)));throw new TypeError("`elements` expected to be an array.")}function n(e,t=""){if("string"==typeof e)return Object.freeze({name:e,namespace:t});if("object"==typeof e&&"string"==typeof e.name){const{name:a,namespace:r=t,elements:n}=e;return Object.freeze({name:a,namespace:"string"==typeof r?r:t,elements:n})}throw new TypeError("Invalid entry in `attributes` config.")}function o({attributes:e,allowAttributes:t},a=""){if(void 0!==t)return console.warn("Use of `allowAttributes` is deprecated. Please use `attributes` instead."),o({attributes:t},a);if(Array.isArray(e))return e.map((e=>n(e,a)));if("object"==typeof e&&null!==e)return console.warn("`attributes` should be an array, not an oobject."),o({attributes:Object.entries(e).map((([e,t])=>({name:e,elements:t})))},a);throw new TypeError("`attributes` expected to be an array.")}function i({comments:e,allowComments:t}){return"boolean"==typeof e?e:"boolean"==typeof t&&(console.warn("Use of `allowComments` is deprecated. Please use `comments` instead."),t)}function s({attributes:e,allowAttributes:t},a){return Object.freeze(Object.groupBy(o({attributes:e,allowAttributes:t},a),(({namespace:e})=>e)))}function c({elements:t,allowElements:a},n=e){return Object.freeze(Object.groupBy(r({elements:t,allowElements:a},n),(({namespace:e})=>e)))}const l=Object.freeze(["accesskey","autocapitalize","autofocus","class","contenteditable","dir","draggable","enterkeyhint","exportparts","hidden","id","inert","inputmode","itemid","itemprop","itemref","itemscope","itemtype","lang","part","popover","slot","spellcheck","tabindex","title","translate","virtualkeyboardpolicy","aria-keyshortcuts","aria-activedescendant","aria-atomic","aria-autocomplete","aria-braillelabel","aria-brailleroledescription","aria-busy","aria-checked","aria-colcount","aria-colindex","aria-colindextext","aria-colspan","aria-controls","aria-current","aria-describedby","aria-description","aria-details","aria-disabled","aria-dropeffect","aria-errormessage","aria-expanded","aria-flowto","aria-grabbed","aria-haspopup","aria-hidden","aria-invalid","aria-keyshortcuts","aria-label","aria-labelledby","aria-level","aria-live","aria-modal","aria-multiline","aria-multiselectable","aria-orientation","aria-owns","aria-placeholder","aria-posinset","aria-pressed","aria-readonly","aria-relevant","aria-required","aria-roledescription","aria-rowcount","aria-rowindex","aria-rowindextext","aria-rowspan","aria-selected","aria-setsize","aria-sort","aria-valuemax","aria-valuemin","aria-valuenow","aria-valuetext"].map((e=>n(e,"")))),m=!1,u=Object.freeze(["html","head","link","meta","body","address","article","aside","footer","header","h1","h2","h3","h4","h5","h6","hgroup","main","nav","section","search","blockquote","cite","div","dd","dt","dl","figcaption","figure","hr","li","ol","ul","menu","p","pre","a","abbr","b","bdi","bdo","br","code","data","dfn","em","i","kbd","mark","q","rp","ruby","rt","s","del","ins","samp","small","span","strong","sub","sup","time","u","var","wbr","area","audio","img","map","track","video","picture","source","canvas","caption","col","colgroup","table","tbody","tr","td","tfoot","th","thead","button","datalist","option","fieldset","label","form","input","legend","meter","optgroup","select","output","progress","textarea","details","summary","dialog","slot","template","dir","strike","selectmenu","center"].map((t=>a(t,e)))),d=Object.freeze(["abbr","accept","accept-charset","align","alink","allow","allowfullscreen","alt","anchor","archive","as","async","autocomplete","autocorrect","autopictureinpicture","autoplay","axis","background","behavior","border","bordercolor","capture","cellpadding","cellspacing","challenge","char","charoff","charset","checked","cite","classid","clear","code","codetype","color","cols","colspan","compact","content","controls","controlslist","conversiondestination","coords","crossorigin","csp","data","datetime","declare","decoding","default","defer","direction","dirname","disabled","disablepictureinpicture","disableremoteplayback","disallowdocumentaccess","download","elementtiming","enctype","end","for","form","formenctype","formmethod","formnovalidate","formtarget","frameborder","headers","height","high","href","hreflang","hreftranslate","hspace","imagesizes","imagesrcset","importance","impressiondata","impressionexpiry","incremental","integrity","invisible","invoketarget","invokeaction","is","ismap","keytype","kind","label","language","latencyhint","leftmargin","link","list","loading","longdesc","loop","low","lowsrc","manifest","marginheight","marginwidth","max","maxlength","mayscript","media","method","min","minlength","multiple","muted","name","nohref","nomodule","noresize","noshade","novalidate","nowrap","object","open","optimum","pattern","ping","placeholder","playsinline","policy","popovertarget","popovertargetaction","poster","preload","pseudo","readonly","referrerpolicy","rel","reportingorigin","required","resources","rev","reversed","role","rows","rowspan","rules","sandbox","scheme","scope","scopes","scrollamount","scrolldelay","scrolling","select","selected","shadowrootmode","shadowrootdelegatesfocus","shape","size","sizes","span","src","srcdoc","srclang","srcset","standby","start","step","summary","target","text","topmargin","truespeed","trusttoken","type","usemap","valign","value","valuetype","version","vlink","vspace","webkitdirectory","width","wrap"].map((e=>n(e))).concat(l)),p=Object.freeze({comments:m,elements:u,attributes:d}),f=new Set(["href","src","action"]),b=new Set(["javascript:","data:","file:","ftp:"]); | ||
| /** | ||
| * @copyright 2023-2024 Chris Zuber <admin@kernvalley.us> | ||
| * @see https://wicg.github.io/sanitizer-api/#default-configuration-dictionary | ||
| */"location"in globalThis&&"https:"===location.protocol&&b.add("http:");const h=function(e,{createHTML:t,createScript:a,createScriptURL:r}){return"trustedTypes"in globalThis?globalThis.trustedTypes.createPolicy(e,{createHTML:t,createScript:a,createScriptURL:r}):Object.freeze({[Symbol.for("policy-name")]:e,createHTML:t instanceof Function?(e,...a)=>t(e.toString(),...a).toString():null,createScript:a instanceof Function?(e,...t)=>a(e.toString(),...t).toString():null,createScriptURL:r instanceof Function?(e,...t)=>r(e.toString(),...t).toString():null})}("aegis-sanitizer#html",{createHTML:e=>e});function g(t,a=d){if(t instanceof Node){const r=function(t,{elementNS:a=e,attributeNS:r=""}={}){if("object"!=typeof t||null===t)throw new TypeError("Sanitizer config must be an object.");if(t.getConfiguration instanceof Function){console.warn("`Sanitzer` objects are deprecated and will be removed.");const{allowElements:e,allowAttributes:n,allowComments:o}=t.getConfiguration();return Object.freeze({elements:c({elements:e},a),attributes:s({attributes:n},r),comments:o})}return Object.freeze({elements:c(t,a),attributes:s(t,r),comments:i(t)})}(a);return w(t,r)}throw new TypeError("Not a node.")}function y(e,a){return e.name.startsWith("data-")||(e.namespaceURI??"")in a.attributes&&a.attributes[e.namespaceURI??""].some((t=>t.name===e.localName))&&!t.has(e.localName)&&!function(e){if(f.has(e.localName)){if(URL.canParse(e.value)){const{protocol:t}=new URL(e.value);return b.has(t)}return!1}return!1}(e)}function w(e,t){switch(e.nodeType){case Node.ELEMENT_NODE:!function(e,t){!function(e,t){return e.namespaceURI in t.elements&&t.elements[e.namespaceURI].some((t=>t.name===e.localName))}(e,t)?e.remove():([...e.attributes].forEach((e=>E(e,t))),"TEMPLATE"===e.tagName?v(e.content,t):e.hasChildNodes()&&e.childNodes.forEach((e=>w(e,t))))}(e,t);break;case Node.DOCUMENT_NODE:case Node.DOCUMENT_FRAGMENT_NODE:v(e,t);break;case Node.COMMENT_NODE:!function(e,t){t.comments||e.remove()}(e,t);break;case Node.ATTRIBUTE_NODE:E(e,t);break;case Node.TEXT_NODE:case Node.DOCUMENT_TYPE_NODE:break;default:e.ownerElement instanceof Element&&e.ownerElement.removeChild(e)}}function E(e,t){!y(e,t)&&e.ownerElement instanceof Element&&e.ownerElement.removeAttributeNode(e)}function v(e,t){e.childNodes.forEach((e=>w(e,t)))}URL.canParse instanceof Function||(URL.canParse=function(e,t){try{return new URL(e,t),!0}catch{return!1}}),Object.groupBy instanceof Function||(Object.groupBy=function(e,t){return Object.fromEntries(e.map((e=>[t(e),e])))}),Element.prototype.setHTML instanceof Function||(Element.prototype.setHTML=function(e,{sanitizer:{elements:t=u,attributes:a=p,comments:r=false}=d}={}){!function(e,t,{sanitizer:a=d}={}){const r=document.createElement("template");r.innerHTML=h.createHTML(t),g(r.content,a),e.replaceChildren(r.content)}(this,e,{sanitizer:{elements:t,attributes:a,comments:r}})}),Document.parseHTML instanceof Function||(Document.parseHTML=function(e,{sanitizer:{elements:t=u,attributes:a=p,comments:r=false}=d}={}){return function(e,{sanitizer:t=d}={}){const a=(new DOMParser).parseFromString(h.createHTML(e),"text/html");return g(a,t),a}(e,{sanitizer:{elements:t,attributes:a,comments:r}})})}(); | ||
| */const h=function(e,{createHTML:t,createScript:a,createScriptURL:r}){return"trustedTypes"in globalThis?globalThis.trustedTypes.createPolicy(e,{createHTML:t,createScript:a,createScriptURL:r}):Object.freeze({[Symbol.for("policy-name")]:e,createHTML:t instanceof Function?(e,...a)=>t(e.toString(),...a).toString():null,createScript:a instanceof Function?(e,...t)=>a(e.toString(),...t).toString():null,createScriptURL:r instanceof Function?(e,...t)=>r(e.toString(),...t).toString():null})}("aegis-sanitizer#html",{createHTML:e=>e});function g(t,a=p){if(t instanceof Node){const r=function(t,{elementNS:a=e,attributeNS:r=""}={}){if("object"!=typeof t||null===t)throw new TypeError("Sanitizer config must be an object.");if(t.getConfiguration instanceof Function){console.warn("`Sanitzer` objects are deprecated and will be removed.");const{allowElements:e,allowAttributes:n,allowComments:o}=t.getConfiguration();return Object.freeze({elements:c({elements:e},a),attributes:s({attributes:n},r),comments:o})}return Object.freeze({elements:c(t,a),attributes:s(t,r),comments:i(t)})}(a);return w(t,r)}throw new TypeError("Not a node.")}function y(e,a){const r=e.namespaceURI||"";return e.name.startsWith("data-")||r in a.attributes&&a.attributes[r].some((t=>t.name===e.localName))&&!t.has(e.localName)&&!function(e){if(f.has(e.localName)){if(URL.canParse(e.value)){const{protocol:t}=new URL(e.value);return b.has(t)}return!1}return!1}(e)}function w(e,t){switch(e.nodeType){case Node.ELEMENT_NODE:!function(e,t){if(function(e,t){return e.namespaceURI in t.elements&&t.elements[e.namespaceURI].some((t=>t.name===e.localName))}(e,t)){if(e.hasAttributes()){const a=e.attributes;for(let e=a.length-1;-1!==e;e--)v(a[e],t)}if("TEMPLATE"===e.tagName)E(e.content,t);else if(e.hasChildNodes()){const a=e.childNodes;for(let e=a.length-1;-1!==e;e--)w(a[e],t)}}else e.remove()}(e,t);break;case Node.DOCUMENT_NODE:case Node.DOCUMENT_FRAGMENT_NODE:E(e,t);break;case Node.COMMENT_NODE:!function(e,t){t.comments||e.remove()}(e,t);break;case Node.ATTRIBUTE_NODE:v(e,t);break;case Node.TEXT_NODE:case Node.DOCUMENT_TYPE_NODE:break;default:e.ownerElement instanceof Element&&e.ownerElement.removeChild(e)}}function v(e,t){!y(e,t)&&e.ownerElement instanceof Element&&e.ownerElement.removeAttributeNode(e)}function E(e,t){if(e.hasChildNodes()){const a=e.childNodes;for(let e=a.length-1;-1!==e;e--)w(a[e],t)}}URL.canParse instanceof Function||(URL.canParse=function(e,t){try{return new URL(e,t),!0}catch{return!1}}),Object.groupBy instanceof Function||(Object.groupBy=function(e,t){return Object.fromEntries(e.map((e=>[t(e),e])))}),Element.prototype.setHTML instanceof Function||(Element.prototype.setHTML=function(e,{sanitizer:{elements:t=u,attributes:a=d,comments:r=false}=p}={}){!function(e,t,{sanitizer:a=p}={}){const r=document.createElement("template");r.innerHTML=h.createHTML(t),g(r.content,a),e.replaceChildren(r.content)}(this,e,{sanitizer:{elements:t,attributes:a,comments:r}})}),Document.parseHTML instanceof Function||(Document.parseHTML=function(e,{sanitizer:{elements:t=u,attributes:a=d,comments:r=false}=p}={}){return function(e,{sanitizer:t=p}={}){const a=(new DOMParser).parseFromString(h.createHTML(e),"text/html");return g(a,t),a}(e,{sanitizer:{elements:t,attributes:a,comments:r}})})}(); | ||
| //# sourceMappingURL=polyfill.min.js.map |
@@ -5,8 +5,4 @@ import { sanitizer as sanitizerConfig } from '@aegisjsproject/sanitizer/config/html.js'; | ||
| const LINK_ATTRS = new Set(['href', 'src' , 'action']); | ||
| const ILLEGAL_PROTOCOLS = new Set(['javascript:', 'about:', 'data:', 'file:', 'ftp:']); | ||
| const ILLEGAL_PROTOCOLS = new Set(['javascript:', 'data:', 'file:', 'ftp:']); | ||
| if ('location' in globalThis && location.protocol === 'https:') { | ||
| ILLEGAL_PROTOCOLS.add('http:'); | ||
| } | ||
| function createPolicy(name, { createHTML, createScript, createScriptURL }) { | ||
@@ -72,5 +68,7 @@ if ('trustedTypes' in globalThis) { | ||
| function isAllowedAttr(attr, config) { | ||
| const ns = attr.namespaceURI || ''; | ||
| return attr.name.startsWith('data-') || ( | ||
| (attr.namespaceURI ?? '') in config.attributes | ||
| && config.attributes[attr.namespaceURI ?? ''].some(opt => opt.name === attr.localName) | ||
| ns in config.attributes | ||
| && config.attributes[ns].some(opt => opt.name === attr.localName) | ||
| && ! EVENT_ATTRS.has(attr.localName) | ||
@@ -115,8 +113,18 @@ && ! isIllegalURLAttr(attr) | ||
| } else { | ||
| [...el.attributes].forEach(attr => sanitizeAttr(attr, config)); | ||
| if (el.hasAttributes()) { | ||
| const attrs = el.attributes; | ||
| for (let i = attrs.length - 1; i !== -1; i--) { | ||
| sanitizeAttr(attrs[i], config); | ||
| } | ||
| } | ||
| if (el.tagName === 'TEMPLATE') { | ||
| sanitizeFragOrDoc(el.content, config); | ||
| } else if (el.hasChildNodes()) { | ||
| el.childNodes.forEach(node => sanitizeNode(node, config)); | ||
| const childNodes = el.childNodes; | ||
| for (let i = childNodes.length - 1; i !== -1; i--) { | ||
| sanitizeNode(childNodes[i], config); | ||
| } | ||
| } | ||
@@ -133,3 +141,9 @@ } | ||
| function sanitizeFragOrDoc(node, config) { | ||
| node.childNodes.forEach(child => sanitizeNode(child, config)); | ||
| if (node.hasChildNodes()) { | ||
| const childNodes = node.childNodes; | ||
| for (let i = childNodes.length - 1; i !== -1; i--) { | ||
| sanitizeNode(childNodes[i], config); | ||
| } | ||
| } | ||
| } | ||
@@ -142,2 +156,1 @@ | ||
| } | ||
@@ -1,4 +0,17 @@ | ||
| import '@aegisjsproject/sanitizer/polyfill.min.js'; | ||
| import '@aegisjsproject/trusted-types'; | ||
| import '@aegisjsproject/sanitizer'; | ||
| import { sanitizer } from '@aegisjsproject/sanitizer/config/complete.min.js'; | ||
| trustedTypes.createPolicy('default', { | ||
| createHTML(input, { | ||
| elements = sanitizer.elements, | ||
| attributes = sanitizer.attributes, | ||
| comments = sanitizer.comments, | ||
| } = sanitizer) { | ||
| const el = document.createElement('div'); | ||
| el.setHTML(input, { sanitizer: { elements, attributes, comments }}); | ||
| return el.innerHTML; | ||
| } | ||
| }); | ||
| const file = new File(['Thanks for downloading my file :)'], 'thanks.txt', { type: 'text/plain' }); | ||
@@ -23,3 +36,3 @@ | ||
| document.body.setHTML(` | ||
| document.body.innerHTML = ` | ||
| <style> | ||
@@ -87,4 +100,4 @@ h1::after { | ||
| </template> | ||
| `, { sanitizer }); | ||
| `; | ||
| document.getElementById('main').append(document.getElementById('tmp').content); |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Fixed alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.64%
244715
- Lines of code
- increased by1.95%
2298
- Number of medium supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Dev dependency count
- increased by20%
6
No dependency changes