New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@locker/html-sanitizer
Advanced tools
@locker/html-sanitizer - npm Package Compare versions
Comparing version 0.19.6 to 0.19.7
@@ -30,7 +30,3 @@ import { SandboxKey } from '@locker/shared'; | ||
| declare function blobSanitizer(sandboxKey: SandboxKey): ReturnType<typeof getSanitizerForConfig>; | ||
| declare function svgSanitizer(): ReturnType<typeof getSanitizerForConfig>; | ||
| declare function sanitize(dirty: string, sandboxKey: SandboxKey): string; | ||
| declare function sanitizeDocument(doc: Document, sandboxKey: SandboxKey): Document; | ||
| declare function sanitizeSvgInnerHtml(stringOrSvg: string | SVGElement, dirty?: string): string; | ||
| export { getSanitizerForConfig, sanitizeSvgHref, sanitizeSvgTextReturnDOM, uponSanitizeAttribute, blobSanitizer, svgSanitizer, sanitize, sanitizeDocument, sanitizeSvgInnerHtml, BaseDOMPurifyConfigName, DOMPurifyConfig, DOMPurifyInterface, HookCallback, HooksRegistry, NormalizedHref }; | ||
| export { getSanitizerForConfig, sanitizeSvgHref, sanitizeSvgTextReturnDOM, uponSanitizeAttribute, blobSanitizer, BaseDOMPurifyConfigName, DOMPurifyConfig, DOMPurifyInterface, HookCallback, HooksRegistry, NormalizedHref }; | ||
| export type { HookEvent, HookName, SanitizeAttributeHookEvent }; |
@@ -13,2 +13,3 @@ /*! | ||
| var createDOMPurify$LWS = require('dompurify'); | ||
| var trustedTypes$LWS = require('@locker/trusted-types'); | ||
| function _interopDefaultLegacy$LWS(e$LWS) { | ||
@@ -41,3 +42,5 @@ return e$LWS && typeof e$LWS === 'object' && 'default' in e$LWS ? e$LWS : { | ||
| CUSTOM_ELEMENT_HANDLING: shared$LWS.ObjectAssign({}, CUSTOM_ELEMENT_HANDLING$LWS), | ||
| IN_PLACE: true | ||
| IN_PLACE: true, | ||
| // @ts-ignore this type is on DOMPurifyConfig | ||
| TRUSTED_TYPES_POLICY: trustedTypes$LWS.trusted | ||
| }; | ||
@@ -51,3 +54,5 @@ // A config to use only svg tags in which the sanitizer returns a document | ||
| RETURN_DOM_FRAGMENT: true, | ||
| SANITIZE_DOM: false | ||
| SANITIZE_DOM: false, | ||
| // @ts-ignore this type is on DOMPurifyConfig | ||
| TRUSTED_TYPES_POLICY: trustedTypes$LWS.trusted | ||
| }; | ||
@@ -59,3 +64,5 @@ // A config to use only tags allowed for blob and file. | ||
| CUSTOM_ELEMENT_HANDLING: shared$LWS.ObjectAssign({}, CUSTOM_ELEMENT_HANDLING$LWS), | ||
| SANITIZE_DOM: false | ||
| SANITIZE_DOM: false, | ||
| // @ts-ignore this type is on DOMPurifyConfig | ||
| TRUSTED_TYPES_POLICY: trustedTypes$LWS.trusted | ||
| }; | ||
@@ -73,3 +80,3 @@ var CONFIG$LWS = /*#__PURE__*/Object.freeze({ | ||
| const SHARED_SVG_SANITIZER_KEY$LWS = 'SHARED_SVG_SANITIZER_KEY'; | ||
| const htmlTemplate$LWS = shared$LWS.ReflectApply(sharedDom$LWS.DocumentProtoCreateElement, document, ['template']); | ||
| shared$LWS.ReflectApply(sharedDom$LWS.DocumentProtoCreateElement, document, ['template']); | ||
| // Queue for managing pending XHR requests. | ||
@@ -262,57 +269,7 @@ const queue$LWS = shared$LWS.toSafeSet(new shared$LWS.SetCtor()); | ||
| } | ||
| function svgSanitizer$LWS() { | ||
| // SVG sanitization can be shared since there won't be custom elements created from existing SVG elements, | ||
| // and all SVG sanitization is subject to the same rules. | ||
| return getSanitizerForConfig$LWS(SHARED_SVG_SANITIZER_KEY$LWS, 'NODE_SVG'); | ||
| } | ||
| function sanitize$LWS(dirty$LWS, sandboxKey$LWS) { | ||
| if (typeof sandboxKey$LWS !== 'string') { | ||
| throw new shared$LWS.LockerSecurityError(shared$LWS.ERR_INVALID_SANDBOX_KEY); | ||
| } | ||
| shared$LWS.ReflectApply(sharedDom$LWS.ElementProtoInnerHTMLSetter, htmlTemplate$LWS, [dirty$LWS]); | ||
| const content$LWS = shared$LWS.ReflectApply(sharedDom$LWS.HTMLTemplateElementProtoContentGetter, htmlTemplate$LWS, []); | ||
| const sanitizer$LWS = getSanitizerForConfig$LWS(sandboxKey$LWS, 'NODE_ALL_IN_PLACE'); | ||
| sanitizer$LWS.sanitize(content$LWS); | ||
| return shared$LWS.ReflectApply(sharedDom$LWS.ElementProtoInnerHTMLGetter, htmlTemplate$LWS, []); | ||
| } | ||
| function sanitizeDocument$LWS(doc$LWS, sandboxKey$LWS) { | ||
| const docEl$LWS = shared$LWS.ReflectApply(sharedDom$LWS.DocumentProtoDocumentElementGetter, doc$LWS, []); | ||
| const content$LWS = shared$LWS.ReflectApply(sharedDom$LWS.ElementProtoOuterHTMLGetter, docEl$LWS, []); | ||
| const docImpl$LWS = shared$LWS.ReflectApply(sharedDom$LWS.DocumentProtoImplementationGetter, doc$LWS, []); | ||
| const newDoc$LWS = shared$LWS.ReflectApply(sharedDom$LWS.DOMImplementationProtoCreateDocument, docImpl$LWS, [sharedDom$LWS.NAMESPACE_XHTML, 'html']); | ||
| const newDocEl$LWS = shared$LWS.ReflectApply(sharedDom$LWS.DocumentProtoDocumentElementGetter, newDoc$LWS, []); | ||
| shared$LWS.ReflectApply(sharedDom$LWS.ElementProtoInnerHTMLSetter, newDocEl$LWS, [sanitize$LWS(content$LWS, sandboxKey$LWS)]); | ||
| return newDoc$LWS; | ||
| } | ||
| function createSvgContainer$LWS(ownerDoc$LWS) { | ||
| return shared$LWS.ReflectApply(sharedDom$LWS.DocumentProtoCreateElementNS, ownerDoc$LWS, [sharedDom$LWS.NAMESPACE_SVG, 'svg']); | ||
| } | ||
| function sanitizeSvgInnerHtml$LWS(stringOrSvg$LWS, dirty$LWS = '') { | ||
| const ownerDoc$LWS = typeof stringOrSvg$LWS === 'string' ? document : shared$LWS.ReflectApply(sharedDom$LWS.NodeProtoOwnerDocumentGetter, stringOrSvg$LWS, []); | ||
| let container$LWS; | ||
| if (typeof stringOrSvg$LWS === 'string') { | ||
| dirty$LWS = stringOrSvg$LWS; | ||
| container$LWS = createSvgContainer$LWS(ownerDoc$LWS); | ||
| } else { | ||
| const closestSvg$LWS = shared$LWS.ReflectApply(sharedDom$LWS.ElementProtoClosest, stringOrSvg$LWS, ['svg']); | ||
| container$LWS = closestSvg$LWS ? shared$LWS.ReflectApply(sharedDom$LWS.NodeProtoCloneNode, closestSvg$LWS, [false]) : createSvgContainer$LWS(ownerDoc$LWS); | ||
| } | ||
| const comment$LWS = shared$LWS.ReflectApply(sharedDom$LWS.DocumentProtoCreateComment, ownerDoc$LWS, ['']); | ||
| shared$LWS.ReflectApply(sharedDom$LWS.NodeProtoAppendChild, container$LWS, [comment$LWS]); | ||
| const outerHTML$LWS = shared$LWS.ReflectApply(sharedDom$LWS.ElementProtoOuterHTMLGetter, container$LWS, []); | ||
| const replacedOuterHTML$LWS = shared$LWS.ReflectApply(shared$LWS.StringProtoReplace, outerHTML$LWS, ['<!---->', dirty$LWS]); | ||
| // eslint-disable-next-line @typescript-eslint/no-use-before-define | ||
| const fragment$LWS = sanitizeSvgTextReturnDOM$LWS(replacedOuterHTML$LWS); | ||
| const firstChild$LWS = shared$LWS.ReflectApply(sharedDom$LWS.NodeProtoFirstChildGetter, fragment$LWS, []); | ||
| return shared$LWS.ReflectApply(sharedDom$LWS.ElementProtoInnerHTMLGetter, firstChild$LWS, []); | ||
| } | ||
| exports.blobSanitizer = blobSanitizer$LWS; | ||
| exports.getSanitizerForConfig = getSanitizerForConfig$LWS; | ||
| exports.sanitize = sanitize$LWS; | ||
| exports.sanitizeDocument = sanitizeDocument$LWS; | ||
| exports.sanitizeSvgHref = sanitizeSvgHref$LWS; | ||
| exports.sanitizeSvgInnerHtml = sanitizeSvgInnerHtml$LWS; | ||
| exports.sanitizeSvgTextReturnDOM = sanitizeSvgTextReturnDOM$LWS; | ||
| exports.svgSanitizer = svgSanitizer$LWS; | ||
| exports.uponSanitizeAttribute = uponSanitizeAttribute$LWS; | ||
| /*! version: 0.19.6 */ | ||
| /*! version: 0.19.7 */ |
@@ -30,7 +30,3 @@ import { SandboxKey } from '@locker/shared'; | ||
| declare function blobSanitizer(sandboxKey: SandboxKey): ReturnType<typeof getSanitizerForConfig>; | ||
| declare function svgSanitizer(): ReturnType<typeof getSanitizerForConfig>; | ||
| declare function sanitize(dirty: string, sandboxKey: SandboxKey): string; | ||
| declare function sanitizeDocument(doc: Document, sandboxKey: SandboxKey): Document; | ||
| declare function sanitizeSvgInnerHtml(stringOrSvg: string | SVGElement, dirty?: string): string; | ||
| export { getSanitizerForConfig, sanitizeSvgHref, sanitizeSvgTextReturnDOM, uponSanitizeAttribute, blobSanitizer, svgSanitizer, sanitize, sanitizeDocument, sanitizeSvgInnerHtml, BaseDOMPurifyConfigName, DOMPurifyConfig, DOMPurifyInterface, HookCallback, HooksRegistry, NormalizedHref }; | ||
| export { getSanitizerForConfig, sanitizeSvgHref, sanitizeSvgTextReturnDOM, uponSanitizeAttribute, blobSanitizer, BaseDOMPurifyConfigName, DOMPurifyConfig, DOMPurifyInterface, HookCallback, HooksRegistry, NormalizedHref }; | ||
| export type { HookEvent, HookName, SanitizeAttributeHookEvent }; |
@@ -5,5 +5,6 @@ /*! | ||
| import { ArrayConcat as ArrayConcat$LWS, shallowCloneArray as shallowCloneArray$LWS, ObjectAssign as ObjectAssign$LWS, ReflectApply as ReflectApply$LWS, ArrayProtoFilter as ArrayProtoFilter$LWS, toSafeArray as toSafeArray$LWS, toSafeSet as toSafeSet$LWS, SetCtor as SetCtor$LWS, LockerSecurityError as LockerSecurityError$LWS, ERR_INVALID_SANDBOX_KEY as ERR_INVALID_SANDBOX_KEY$LWS, toString as toString$LWS, StringProtoStartsWith as StringProtoStartsWith$LWS, StringProtoSplit as StringProtoSplit$LWS, StringProtoToLowerCase as StringProtoToLowerCase$LWS, StringProtoReplace as StringProtoReplace$LWS, StringProtoToUpperCase as StringProtoToUpperCase$LWS, RegExpProtoTest as RegExpProtoTest$LWS } from '@locker/shared'; | ||
| import { DocumentProtoCreateElement as DocumentProtoCreateElement$LWS, DocumentProtoGetElementById as DocumentProtoGetElementById$LWS, WindowSetInterval as WindowSetInterval$LWS, WindowClearInterval as WindowClearInterval$LWS, XhrCtor as XhrCtor$LWS, EventTargetProtoAddEventListener as EventTargetProtoAddEventListener$LWS, XhrProtoStatusGetter as XhrProtoStatusGetter$LWS, XhrProtoResponseTextGetter as XhrProtoResponseTextGetter$LWS, DocumentFragmentProtoGetElementById as DocumentFragmentProtoGetElementById$LWS, ElementProtoSetAttribute as ElementProtoSetAttribute$LWS, NodeProtoAppendChild as NodeProtoAppendChild$LWS, XhrProtoOpen as XhrProtoOpen$LWS, XhrProtoSend as XhrProtoSend$LWS, HTMLAnchorElementProtoHrefSetter as HTMLAnchorElementProtoHrefSetter$LWS, HTMLAnchorElementProtoHrefGetter as HTMLAnchorElementProtoHrefGetter$LWS, HTMLAnchorElementProtoProtocolGetter as HTMLAnchorElementProtoProtocolGetter$LWS, NodeProtoNodeNameGetter as NodeProtoNodeNameGetter$LWS, DocumentProtoBodyGetter as DocumentProtoBodyGetter$LWS, ElementProtoQuerySelector as ElementProtoQuerySelector$LWS, ElementProtoHasAttribute as ElementProtoHasAttribute$LWS, CUSTOM_ELEMENT_REGISTRY_ATTRIBUTE_NAME as CUSTOM_ELEMENT_REGISTRY_ATTRIBUTE_NAME$LWS, ElementProtoInnerHTMLSetter as ElementProtoInnerHTMLSetter$LWS, HTMLTemplateElementProtoContentGetter as HTMLTemplateElementProtoContentGetter$LWS, ElementProtoInnerHTMLGetter as ElementProtoInnerHTMLGetter$LWS, DocumentProtoDocumentElementGetter as DocumentProtoDocumentElementGetter$LWS, ElementProtoOuterHTMLGetter as ElementProtoOuterHTMLGetter$LWS, DocumentProtoImplementationGetter as DocumentProtoImplementationGetter$LWS, DOMImplementationProtoCreateDocument as DOMImplementationProtoCreateDocument$LWS, NAMESPACE_XHTML as NAMESPACE_XHTML$LWS, NodeProtoOwnerDocumentGetter as NodeProtoOwnerDocumentGetter$LWS, ElementProtoClosest as ElementProtoClosest$LWS, NodeProtoCloneNode as NodeProtoCloneNode$LWS, DocumentProtoCreateComment as DocumentProtoCreateComment$LWS, NodeProtoFirstChildGetter as NodeProtoFirstChildGetter$LWS, DocumentProtoCreateElementNS as DocumentProtoCreateElementNS$LWS, NAMESPACE_SVG as NAMESPACE_SVG$LWS } from '@locker/shared-dom'; | ||
| import { DocumentProtoCreateElement as DocumentProtoCreateElement$LWS, DocumentProtoGetElementById as DocumentProtoGetElementById$LWS, WindowSetInterval as WindowSetInterval$LWS, WindowClearInterval as WindowClearInterval$LWS, XhrCtor as XhrCtor$LWS, EventTargetProtoAddEventListener as EventTargetProtoAddEventListener$LWS, XhrProtoStatusGetter as XhrProtoStatusGetter$LWS, XhrProtoResponseTextGetter as XhrProtoResponseTextGetter$LWS, DocumentFragmentProtoGetElementById as DocumentFragmentProtoGetElementById$LWS, ElementProtoSetAttribute as ElementProtoSetAttribute$LWS, NodeProtoAppendChild as NodeProtoAppendChild$LWS, XhrProtoOpen as XhrProtoOpen$LWS, XhrProtoSend as XhrProtoSend$LWS, HTMLAnchorElementProtoHrefSetter as HTMLAnchorElementProtoHrefSetter$LWS, HTMLAnchorElementProtoHrefGetter as HTMLAnchorElementProtoHrefGetter$LWS, HTMLAnchorElementProtoProtocolGetter as HTMLAnchorElementProtoProtocolGetter$LWS, NodeProtoNodeNameGetter as NodeProtoNodeNameGetter$LWS, DocumentProtoBodyGetter as DocumentProtoBodyGetter$LWS, ElementProtoQuerySelector as ElementProtoQuerySelector$LWS, ElementProtoHasAttribute as ElementProtoHasAttribute$LWS, CUSTOM_ELEMENT_REGISTRY_ATTRIBUTE_NAME as CUSTOM_ELEMENT_REGISTRY_ATTRIBUTE_NAME$LWS } from '@locker/shared-dom'; | ||
| import { URL_SCHEMES_LIST as URL_SCHEMES_LIST$LWS, normalizerAnchor as normalizerAnchor$LWS } from '@locker/shared-url'; | ||
| import createDOMPurify$LWS from 'dompurify'; | ||
| import { trusted as trusted$LWS } from '@locker/trusted-types'; | ||
| const ariaAttributes$LWS = ['aria-activedescendant', 'aria-atomic', 'aria-autocomplete', 'aria-busy', 'aria-checked', 'aria-controls', 'aria-describedby', 'aria-disabled', 'aria-readonly', 'aria-dropeffect', 'aria-expanded', 'aria-flowto', 'aria-grabbed', 'aria-haspopup', 'aria-hidden', 'aria-disabled', 'aria-invalid', 'aria-label', 'aria-labelledby', 'aria-level', 'aria-live', 'aria-multiline', 'aria-multiselectable', 'aria-orientation', 'aria-owns', 'aria-posinset', 'aria-pressed', 'aria-readonly', 'aria-relevant', 'aria-required', 'aria-selected', 'aria-setsize', 'aria-sort', 'aria-valuemax', 'aria-valuemin', 'aria-valuenow', 'aria-valuetext', 'role', 'target']; | ||
@@ -30,3 +31,5 @@ const htmlTags$LWS = ['a', 'abbr', 'acronym', 'address', 'area', 'article', 'aside', 'audio', 'b', 'bdi', 'bdo', 'big', 'blockquote', 'body', 'br', 'button', 'caption', 'canvas', 'center', 'cite', 'code', 'col', 'colgroup', 'command', 'datalist', 'dd', 'del', 'details', 'dfn', 'dir', 'div', 'dl', 'dt', 'em', 'fieldset', 'figure', 'figcaption', 'footer', 'form', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'head', 'header', 'hgroup', 'hr', 'i', 'iframe', 'img', 'input', 'ins', 'keygen', 'kbd', 'label', 'legend', 'li', 'map', 'mark', 'menu', 'meter', 'nav', 'ol', 'optgroup', 'option', 'output', 'p', 'pre', 'progress', 'q', 'rp', 'rt', 'ruby', 's', 'samp', 'section', 'select', 'small', 'source', 'span', 'strike', 'strong', 'style', 'sub', 'summary', 'sup', 'table', 'tbody', 'td', 'textarea', 'tfoot', 'th', 'thead', 'time', 'tr', 'track', 'tt', 'u', 'ul', 'var', 'video', 'wbr']; | ||
| CUSTOM_ELEMENT_HANDLING: ObjectAssign$LWS({}, CUSTOM_ELEMENT_HANDLING$LWS), | ||
| IN_PLACE: true | ||
| IN_PLACE: true, | ||
| // @ts-ignore this type is on DOMPurifyConfig | ||
| TRUSTED_TYPES_POLICY: trusted$LWS | ||
| }; | ||
@@ -40,3 +43,5 @@ // A config to use only svg tags in which the sanitizer returns a document | ||
| RETURN_DOM_FRAGMENT: true, | ||
| SANITIZE_DOM: false | ||
| SANITIZE_DOM: false, | ||
| // @ts-ignore this type is on DOMPurifyConfig | ||
| TRUSTED_TYPES_POLICY: trusted$LWS | ||
| }; | ||
@@ -48,3 +53,5 @@ // A config to use only tags allowed for blob and file. | ||
| CUSTOM_ELEMENT_HANDLING: ObjectAssign$LWS({}, CUSTOM_ELEMENT_HANDLING$LWS), | ||
| SANITIZE_DOM: false | ||
| SANITIZE_DOM: false, | ||
| // @ts-ignore this type is on DOMPurifyConfig | ||
| TRUSTED_TYPES_POLICY: trusted$LWS | ||
| }; | ||
@@ -62,3 +69,3 @@ var CONFIG$LWS = /*#__PURE__*/Object.freeze({ | ||
| const SHARED_SVG_SANITIZER_KEY$LWS = 'SHARED_SVG_SANITIZER_KEY'; | ||
| const htmlTemplate$LWS = ReflectApply$LWS(DocumentProtoCreateElement$LWS, document, ['template']); | ||
| ReflectApply$LWS(DocumentProtoCreateElement$LWS, document, ['template']); | ||
| // Queue for managing pending XHR requests. | ||
@@ -251,49 +258,3 @@ const queue$LWS = toSafeSet$LWS(new SetCtor$LWS()); | ||
| } | ||
| function svgSanitizer$LWS() { | ||
| // SVG sanitization can be shared since there won't be custom elements created from existing SVG elements, | ||
| // and all SVG sanitization is subject to the same rules. | ||
| return getSanitizerForConfig$LWS(SHARED_SVG_SANITIZER_KEY$LWS, 'NODE_SVG'); | ||
| } | ||
| function sanitize$LWS(dirty$LWS, sandboxKey$LWS) { | ||
| if (typeof sandboxKey$LWS !== 'string') { | ||
| throw new LockerSecurityError$LWS(ERR_INVALID_SANDBOX_KEY$LWS); | ||
| } | ||
| ReflectApply$LWS(ElementProtoInnerHTMLSetter$LWS, htmlTemplate$LWS, [dirty$LWS]); | ||
| const content$LWS = ReflectApply$LWS(HTMLTemplateElementProtoContentGetter$LWS, htmlTemplate$LWS, []); | ||
| const sanitizer$LWS = getSanitizerForConfig$LWS(sandboxKey$LWS, 'NODE_ALL_IN_PLACE'); | ||
| sanitizer$LWS.sanitize(content$LWS); | ||
| return ReflectApply$LWS(ElementProtoInnerHTMLGetter$LWS, htmlTemplate$LWS, []); | ||
| } | ||
| function sanitizeDocument$LWS(doc$LWS, sandboxKey$LWS) { | ||
| const docEl$LWS = ReflectApply$LWS(DocumentProtoDocumentElementGetter$LWS, doc$LWS, []); | ||
| const content$LWS = ReflectApply$LWS(ElementProtoOuterHTMLGetter$LWS, docEl$LWS, []); | ||
| const docImpl$LWS = ReflectApply$LWS(DocumentProtoImplementationGetter$LWS, doc$LWS, []); | ||
| const newDoc$LWS = ReflectApply$LWS(DOMImplementationProtoCreateDocument$LWS, docImpl$LWS, [NAMESPACE_XHTML$LWS, 'html']); | ||
| const newDocEl$LWS = ReflectApply$LWS(DocumentProtoDocumentElementGetter$LWS, newDoc$LWS, []); | ||
| ReflectApply$LWS(ElementProtoInnerHTMLSetter$LWS, newDocEl$LWS, [sanitize$LWS(content$LWS, sandboxKey$LWS)]); | ||
| return newDoc$LWS; | ||
| } | ||
| function createSvgContainer$LWS(ownerDoc$LWS) { | ||
| return ReflectApply$LWS(DocumentProtoCreateElementNS$LWS, ownerDoc$LWS, [NAMESPACE_SVG$LWS, 'svg']); | ||
| } | ||
| function sanitizeSvgInnerHtml$LWS(stringOrSvg$LWS, dirty$LWS = '') { | ||
| const ownerDoc$LWS = typeof stringOrSvg$LWS === 'string' ? document : ReflectApply$LWS(NodeProtoOwnerDocumentGetter$LWS, stringOrSvg$LWS, []); | ||
| let container$LWS; | ||
| if (typeof stringOrSvg$LWS === 'string') { | ||
| dirty$LWS = stringOrSvg$LWS; | ||
| container$LWS = createSvgContainer$LWS(ownerDoc$LWS); | ||
| } else { | ||
| const closestSvg$LWS = ReflectApply$LWS(ElementProtoClosest$LWS, stringOrSvg$LWS, ['svg']); | ||
| container$LWS = closestSvg$LWS ? ReflectApply$LWS(NodeProtoCloneNode$LWS, closestSvg$LWS, [false]) : createSvgContainer$LWS(ownerDoc$LWS); | ||
| } | ||
| const comment$LWS = ReflectApply$LWS(DocumentProtoCreateComment$LWS, ownerDoc$LWS, ['']); | ||
| ReflectApply$LWS(NodeProtoAppendChild$LWS, container$LWS, [comment$LWS]); | ||
| const outerHTML$LWS = ReflectApply$LWS(ElementProtoOuterHTMLGetter$LWS, container$LWS, []); | ||
| const replacedOuterHTML$LWS = ReflectApply$LWS(StringProtoReplace$LWS, outerHTML$LWS, ['<!---->', dirty$LWS]); | ||
| // eslint-disable-next-line @typescript-eslint/no-use-before-define | ||
| const fragment$LWS = sanitizeSvgTextReturnDOM$LWS(replacedOuterHTML$LWS); | ||
| const firstChild$LWS = ReflectApply$LWS(NodeProtoFirstChildGetter$LWS, fragment$LWS, []); | ||
| return ReflectApply$LWS(ElementProtoInnerHTMLGetter$LWS, firstChild$LWS, []); | ||
| } | ||
| export { blobSanitizer$LWS as blobSanitizer, getSanitizerForConfig$LWS as getSanitizerForConfig, sanitize$LWS as sanitize, sanitizeDocument$LWS as sanitizeDocument, sanitizeSvgHref$LWS as sanitizeSvgHref, sanitizeSvgInnerHtml$LWS as sanitizeSvgInnerHtml, sanitizeSvgTextReturnDOM$LWS as sanitizeSvgTextReturnDOM, svgSanitizer$LWS as svgSanitizer, uponSanitizeAttribute$LWS as uponSanitizeAttribute }; | ||
| /*! version: 0.19.6 */ | ||
| export { blobSanitizer$LWS as blobSanitizer, getSanitizerForConfig$LWS as getSanitizerForConfig, sanitizeSvgHref$LWS as sanitizeSvgHref, sanitizeSvgTextReturnDOM$LWS as sanitizeSvgTextReturnDOM, uponSanitizeAttribute$LWS as uponSanitizeAttribute }; | ||
| /*! version: 0.19.7 */ |
| { | ||
| "name": "@locker/html-sanitizer", | ||
| "version": "0.19.6", | ||
| "version": "0.19.7", | ||
| "license": "SEE LICENSE IN LICENSE.txt", | ||
@@ -19,5 +19,6 @@ "author": "Salesforce UI Security Team", | ||
| "dependencies": { | ||
| "@locker/shared": "0.19.6", | ||
| "@locker/shared-dom": "0.19.6", | ||
| "@locker/shared-url": "0.19.6", | ||
| "@locker/shared": "0.19.7", | ||
| "@locker/shared-dom": "0.19.7", | ||
| "@locker/shared-url": "0.19.7", | ||
| "@locker/trusted-types": "0.19.7", | ||
| "@types/dompurify": "3.0.2", | ||
@@ -24,0 +25,0 @@ "dompurify": "3.0.3" |
No alert changes
Worsened metrics
- Total package byte prevSize
42344
-15.48%- Dependency count
6
20%- Lines of code
602
-13.88%Dependency changes
+ Added
@locker/trusted-types@0.19.7+ Added
@locker/shared@0.19.7(transitive)+ Added
@locker/shared-dom@0.19.7(transitive)+ Added
@locker/shared-url@0.19.7(transitive)+ Added
@locker/trusted-types@0.19.7(transitive)- Removed
@locker/shared@0.19.6(transitive)- Removed
@locker/shared-dom@0.19.6(transitive)- Removed
@locker/shared-url@0.19.6(transitive)Updated
@locker/shared@0.19.7Updated
@locker/shared-dom@0.19.7Updated
@locker/shared-url@0.19.7