Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@applitools/ufg-client

Package Overview
Dependencies
Maintainers
36
Versions
99
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@applitools/ufg-client - npm Package Compare versions

Comparing version 1.2.5 to 1.2.6

23

dist/resources/process-resources.js

@@ -67,3 +67,3 @@ "use strict";

const dependencyUrls = utils.types.has(fetchedResource, 'value')
? await extractDependencyUrls({ resource: fetchedResource })
? await extractDependencyUrls({ resource: fetchedResource, settings })
: [];

@@ -125,18 +125,19 @@ logger === null || logger === void 0 ? void 0 : logger.log(`dependencyUrls for ${resource.url} --> ${dependencyUrls}`);

}
async function extractDependencyUrls({ resource }) {
async function extractDependencyUrls({ resource, settings, }) {
try {
let dependencyUrls = [];
if (/text\/css/.test(resource.contentType)) {
dependencyUrls = (0, extract_css_dependency_urls_1.extractCssDependencyUrls)(resource.value.toString());
dependencyUrls = (0, extract_css_dependency_urls_1.extractCssDependencyUrls)(resource.value.toString(), {
resourceUrl: resource.url,
pageUrl: settings === null || settings === void 0 ? void 0 : settings.referer,
});
}
else if (/image\/svg/.test(resource.contentType)) {
dependencyUrls = (0, extract_svg_dependency_urls_1.extractSvgDependencyUrls)(resource.value.toString());
dependencyUrls = (0, extract_svg_dependency_urls_1.extractSvgDependencyUrls)(resource.value.toString(), {
resourceUrl: resource.url,
pageUrl: settings === null || settings === void 0 ? void 0 : settings.referer,
});
}
return dependencyUrls.reduce((dependencyUrls, dependencyUrl) => {
dependencyUrl = utils.general.absolutizeUrl(dependencyUrl, resource.url);
// skip recursive dependency
if (dependencyUrl !== resource.url)
dependencyUrls.push(dependencyUrl);
return dependencyUrls;
}, []);
// avoid recursive dependencies
return dependencyUrls.filter(dependencyUrl => dependencyUrl !== resource.url);
}

@@ -143,0 +144,0 @@ catch (e) {

12

dist/server/req-ufg.js

@@ -65,8 +65,8 @@ "use strict";

},
beforeRetry({ request, attempt }) {
var _a, _b;
const [requestId] = (_b = (_a = request.headers.get('x-applitools-eyes-client-request-id')) === null || _a === void 0 ? void 0 : _a.split('#')) !== null && _b !== void 0 ? _b : [];
if (requestId) {
request.headers.set('x-applitools-eyes-client-request-id', `${requestId}#${attempt + 1}`);
}
beforeRetry({ request, attempt, error, response, options }) {
var _a;
const logger = (_a = options === null || options === void 0 ? void 0 : options.logger) !== null && _a !== void 0 ? _a : defaultLogger;
const requestId = request.headers.get('x-applitools-eyes-client-request-id');
logger === null || logger === void 0 ? void 0 : logger.log(`Request "${options === null || options === void 0 ? void 0 : options.name}" [${requestId}] that was sent to the address "[${request.method}]${request.url}" with body`, options === null || options === void 0 ? void 0 : options.body, `is going to retried due to ${error ? 'an error' : 'a response with status'}`, error !== null && error !== void 0 ? error : `${response.statusText}(${response.status})`);
request.headers.set('x-applitools-eyes-client-request-id', `${requestId.split('#', 1)[0]}#${attempt + 1}`);
},

@@ -73,0 +73,0 @@ async afterResponse({ request, response, options }) {

67

dist/utils/extract-css-dependency-urls.js

@@ -25,34 +25,55 @@ "use strict";

};
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.extractCssDependencyUrls = void 0;
const csstree = __importStar(require("css-tree"));
const utils = __importStar(require("@applitools/utils"));
const postcss_value_parser_1 = __importDefault(require("postcss-value-parser"));
function extractCssDependencyUrls(css) {
const urls = [];
const parsedValue = new postcss_value_parser_1.default(css);
parsedValue.walk((node, index, nodes) => {
urls.push(...extractUrls(node, index, nodes));
function extractCssDependencyUrls(css, { resourceUrl, pageUrl }) {
const urls = new Set();
const ast = csstree.parse(css, {
parseRulePrelude: false,
parseAtrulePrelude: true,
parseCustomProperty: true,
parseValue: true,
});
return [...new Set(urls)].map(utils.general.toUriEncoding).map(utils.general.toUnAnchoredUri);
}
exports.extractCssDependencyUrls = extractCssDependencyUrls;
function extractUrls(node, index, nodes) {
var _a, _b;
if (node.type === 'function') {
if (node.value === 'url' && ((_a = node.nodes) === null || _a === void 0 ? void 0 : _a.length) == 1) {
return [node.nodes[0].value];
csstree.walk(ast, node => {
var _a;
if (node.type === 'Atrule' && node.name === 'import' && ((_a = node.prelude) === null || _a === void 0 ? void 0 : _a.type) === 'AtrulePrelude') {
return processImportPrelude(node.prelude, { baseUrl: resourceUrl });
}
if (node.value.includes('image-set') && node.nodes) {
return node.nodes.filter(n => n.type === 'string').map(n => n.value);
else if (node.type === 'Declaration' && node.property.startsWith('--')) {
return processCustomPropertyValue(node.value, { baseUrl: pageUrl !== null && pageUrl !== void 0 ? pageUrl : resourceUrl });
}
else {
return processCssNode(node, { baseUrl: resourceUrl });
}
});
return [...urls];
function processCssNode(node, { baseUrl }) {
if (node.type === 'Url') {
urls.add(sanitizeUrl(node.value, { baseUrl }));
return csstree.walk.skip;
}
else if (node.type === 'Function' && node.name.includes('image-set')) {
node.children.forEach(imageNode => {
if (imageNode.type === 'Url' || imageNode.type === 'String')
urls.add(sanitizeUrl(imageNode.value, { baseUrl }));
});
return csstree.walk.skip;
}
}
else if (node.type === 'word') {
if (node.value === '@import' && ((_b = nodes[index + 2]) === null || _b === void 0 ? void 0 : _b.type) === 'string') {
return [nodes[index + 2].value];
function processImportPrelude(node, { baseUrl }) {
var _a, _b;
if (((_a = node.children.first) === null || _a === void 0 ? void 0 : _a.type) === 'Url' || ((_b = node.children.first) === null || _b === void 0 ? void 0 : _b.type) === 'String') {
return urls.add(sanitizeUrl(node.children.first.value, { baseUrl }));
}
return csstree.walk.skip;
}
return [];
function processCustomPropertyValue(node, { baseUrl }) {
csstree.walk(node, node => processCssNode(node, { baseUrl }));
return csstree.walk.skip;
}
}
exports.extractCssDependencyUrls = extractCssDependencyUrls;
function sanitizeUrl(url, { baseUrl }) {
return utils.general.absolutizeUrl(utils.general.toUnAnchoredUri(utils.general.toUriEncoding(url)), baseUrl);
}

47

dist/utils/extract-svg-dependency-urls.js

@@ -31,36 +31,35 @@ "use strict";

const utils = __importStar(require("@applitools/utils"));
function extractSvgDependencyUrls(svg) {
const doc = parseDom(svg);
const srcsetUrls = Array.from(doc.querySelectorAll('img[srcset]')).flatMap(element => {
function extractSvgDependencyUrls(svg, { resourceUrl, pageUrl }) {
const urls = new Set();
const doc = typeof DOMParser === 'function'
? new DOMParser().parseFromString(svg, 'image/svg+xml')
: new jsdom_1.JSDOM(svg).window.document;
Array.from(doc.querySelectorAll('img[srcset]')).forEach(element => {
const sources = element.getAttribute('srcset').split(', ');
return sources.map(source => source.trim().split(/\s+/, 1)[0]);
sources.forEach(source => urls.add(sanitizeUrl(source.trim().split(/\s+/, 1)[0], { baseUrl: resourceUrl })));
});
const srcUrls = Array.from(doc.querySelectorAll('img[src]')).map(element => {
return element.getAttribute('src');
Array.from(doc.querySelectorAll('img[src]')).forEach(element => {
urls.add(sanitizeUrl(element.getAttribute('src'), { baseUrl: resourceUrl }));
});
const fromHref = Array.from(doc.querySelectorAll('image,use,link[rel="stylesheet"]')).map(element => {
return (element.getAttribute('href') || element.getAttribute('xlink:href'));
Array.from(doc.querySelectorAll('image,use,link[rel="stylesheet"]')).forEach(element => {
urls.add(sanitizeUrl(element.getAttribute('href') || element.getAttribute('xlink:href'), { baseUrl: resourceUrl }));
});
const fromObjects = Array.from(doc.getElementsByTagName('object')).map(element => {
return element.getAttribute('data');
Array.from(doc.getElementsByTagName('object')).forEach(element => {
urls.add(sanitizeUrl(element.getAttribute('data'), { baseUrl: resourceUrl }));
});
const fromStyleTags = Array.from(doc.querySelectorAll('style')).flatMap(element => {
return element.textContent ? (0, extract_css_dependency_urls_1.extractCssDependencyUrls)(element.textContent) : [];
Array.from(doc.querySelectorAll('style')).forEach(element => {
const cssUrls = element.textContent ? (0, extract_css_dependency_urls_1.extractCssDependencyUrls)(element.textContent, { resourceUrl, pageUrl }) : [];
cssUrls.forEach(url => urls.add(url));
});
const fromStyleAttrs = Array.from(doc.querySelectorAll('*[style]')).flatMap(element => {
Array.from(doc.querySelectorAll('*[style]')).forEach(element => {
const matches = element.style.cssText.matchAll(/url\((?!['"]?:)['"]?([^'")]*)['"]?\)/g);
return Array.from(matches).flatMap(match => { var _a; return (_a = match[1]) !== null && _a !== void 0 ? _a : []; });
Array.from(matches).forEach(([, url]) => urls.add(sanitizeUrl(url, { baseUrl: resourceUrl })));
});
return [...srcsetUrls, ...srcUrls, ...fromHref, ...fromObjects, ...fromStyleTags, ...fromStyleAttrs]
.filter(url => !url.startsWith('#'))
.map(utils.general.toUnAnchoredUri);
return [...urls];
}
exports.extractSvgDependencyUrls = extractSvgDependencyUrls;
function parseDom(svg) {
if (typeof DOMParser !== 'function') {
return new jsdom_1.JSDOM(svg).window.document;
}
else {
return new DOMParser().parseFromString(svg, 'image/svg+xml');
}
function sanitizeUrl(url, { baseUrl }) {
if (url.startsWith('#'))
return baseUrl;
return utils.general.absolutizeUrl(utils.general.toUnAnchoredUri(url), baseUrl);
}

5

package.json
{
"name": "@applitools/ufg-client",
"version": "1.2.5",
"version": "1.2.6",
"homepage": "https://applitools.com",

@@ -54,3 +54,3 @@ "bugs": {

"abort-controller": "3.0.0",
"postcss-value-parser": "4.2.0",
"css-tree": "2.3.1",
"throat": "6.0.1"

@@ -62,2 +62,3 @@ },

"@applitools/test-utils": "^1.5.15",
"@types/css-tree": "^2.3.1",
"@types/node": "^12.20.55",

@@ -64,0 +65,0 @@ "nock": "^13.2.8"

5

types/utils/extract-css-dependency-urls.d.ts

@@ -1,1 +0,4 @@

export declare function extractCssDependencyUrls(css: string): string[];
export declare function extractCssDependencyUrls(css: string, { resourceUrl, pageUrl }: {
resourceUrl: string;
pageUrl?: string;
}): string[];

5

types/utils/extract-svg-dependency-urls.d.ts

@@ -1,1 +0,4 @@

export declare function extractSvgDependencyUrls(svg: string): string[];
export declare function extractSvgDependencyUrls(svg: string, { resourceUrl, pageUrl }: {
resourceUrl: string;
pageUrl?: string;
}): string[];
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc