New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@locker/shared-url
Advanced tools
@locker/shared-url - npm Package Compare versions
Comparing version 0.24.5 to 0.24.6
@@ -8,2 +8,3 @@ interface ParsedURL { | ||
| declare const normalizerAnchor: HTMLAnchorElement; | ||
| declare function isSameOriginURL(resourceValue: string): any; | ||
| declare function isValidURL(parsedURL: ParsedURL): boolean; | ||
@@ -16,3 +17,3 @@ declare function isValidURLScheme(url: string): boolean; | ||
| declare function isMIMETypeAllowed(mimeType: string): boolean; | ||
| export { TRUSTED_DOMAINS_REG_EXP, URL_SCHEMES_LIST, normalizerAnchor, isValidURL, isValidURLScheme, parseURL, resolveURL, sanitizeURLForElement, sanitizeURLString, ParsedURL, isMIMETypeAllowed }; | ||
| export { TRUSTED_DOMAINS_REG_EXP, URL_SCHEMES_LIST, normalizerAnchor, isSameOriginURL, isValidURL, isValidURLScheme, parseURL, resolveURL, sanitizeURLForElement, sanitizeURLString, ParsedURL, isMIMETypeAllowed }; | ||
| //# sourceMappingURL=index.cjs.d.ts.map |
@@ -31,2 +31,18 @@ /*! | ||
| const normalizerAnchor$LWS = shared$LWS.ReflectApply(sharedDom$LWS.DocumentProtoCreateElement, sharedDom$LWS.rootDocument, ['a']); | ||
| function isSameOriginURL$LWS(resourceValue$LWS) { | ||
| let validParsedURL$LWS; | ||
| try { | ||
| validParsedURL$LWS = new sharedDom$LWS.URLCtor(resourceValue$LWS); | ||
| } catch (_unused$LWS) { | ||
| /* empty */ | ||
| } | ||
| // Empty strings and file path fragments are effectively "same origin" | ||
| if (!validParsedURL$LWS) { | ||
| return true; | ||
| } | ||
| const resourceUrlOrigin$LWS = shared$LWS.ReflectApply(sharedDom$LWS.URLProtoOriginGetter, validParsedURL$LWS, []); | ||
| // If there is an origin for the provided resource and its the same as the top level window | ||
| // then it can be treated as a same-origin URL. | ||
| return resourceUrlOrigin$LWS && resourceUrlOrigin$LWS === sharedDom$LWS.rootWindow.location.origin; | ||
| } | ||
| // @TODO: W-7302311 Make paths and domains configurable. | ||
@@ -70,2 +86,3 @@ function isValidURL$LWS(parsedURL$LWS) { | ||
| exports.isMIMETypeAllowed = isMIMETypeAllowed$LWS; | ||
| exports.isSameOriginURL = isSameOriginURL$LWS; | ||
| exports.isValidURL = isValidURL$LWS; | ||
@@ -78,2 +95,2 @@ exports.isValidURLScheme = isValidURLScheme$LWS; | ||
| exports.sanitizeURLString = sanitizeURLString$LWS; | ||
| /*! version: 0.24.5 */ | ||
| /*! version: 0.24.6 */ |
@@ -8,2 +8,3 @@ interface ParsedURL { | ||
| declare const normalizerAnchor: HTMLAnchorElement; | ||
| declare function isSameOriginURL(resourceValue: string): any; | ||
| declare function isValidURL(parsedURL: ParsedURL): boolean; | ||
@@ -16,3 +17,3 @@ declare function isValidURLScheme(url: string): boolean; | ||
| declare function isMIMETypeAllowed(mimeType: string): boolean; | ||
| export { TRUSTED_DOMAINS_REG_EXP, URL_SCHEMES_LIST, normalizerAnchor, isValidURL, isValidURLScheme, parseURL, resolveURL, sanitizeURLForElement, sanitizeURLString, ParsedURL, isMIMETypeAllowed }; | ||
| export { TRUSTED_DOMAINS_REG_EXP, URL_SCHEMES_LIST, normalizerAnchor, isSameOriginURL, isValidURL, isValidURLScheme, parseURL, resolveURL, sanitizeURLForElement, sanitizeURLString, ParsedURL, isMIMETypeAllowed }; | ||
| //# sourceMappingURL=index.mjs.d.ts.map |
@@ -5,3 +5,3 @@ /*! | ||
| import { ReflectApply as ReflectApply$LWS, RegExpProtoTest as RegExpProtoTest$LWS, StringProtoStartsWith as StringProtoStartsWith$LWS, toSafeArray as toSafeArray$LWS, isGaterEnabledFeature as isGaterEnabledFeature$LWS, StringProtoToLowerCase as StringProtoToLowerCase$LWS, StringProtoEndsWith as StringProtoEndsWith$LWS, StringProtoIncludes as StringProtoIncludes$LWS, StringProtoReplace as StringProtoReplace$LWS } from '@locker/shared'; | ||
| import { DocumentProtoCreateElement as DocumentProtoCreateElement$LWS, rootDocument as rootDocument$LWS, HTMLAnchorElementProtoHrefSetter as HTMLAnchorElementProtoHrefSetter$LWS, HTMLAnchorElementProtoProtocolGetter as HTMLAnchorElementProtoProtocolGetter$LWS, WindowDecodeURIComponent as WindowDecodeURIComponent$LWS, HTMLAnchorElementProtoPathnameGetter as HTMLAnchorElementProtoPathnameGetter$LWS, HTMLAnchorElementProtoHrefGetter as HTMLAnchorElementProtoHrefGetter$LWS } from '@locker/shared-dom'; | ||
| import { DocumentProtoCreateElement as DocumentProtoCreateElement$LWS, rootDocument as rootDocument$LWS, URLCtor as URLCtor$LWS, URLProtoOriginGetter as URLProtoOriginGetter$LWS, rootWindow as rootWindow$LWS, HTMLAnchorElementProtoHrefSetter as HTMLAnchorElementProtoHrefSetter$LWS, HTMLAnchorElementProtoProtocolGetter as HTMLAnchorElementProtoProtocolGetter$LWS, WindowDecodeURIComponent as WindowDecodeURIComponent$LWS, HTMLAnchorElementProtoPathnameGetter as HTMLAnchorElementProtoPathnameGetter$LWS, HTMLAnchorElementProtoHrefGetter as HTMLAnchorElementProtoHrefGetter$LWS } from '@locker/shared-dom'; | ||
| const ALLOWED_MIME_TYPES$LWS = ['application/octet-stream', 'application/json', 'application/pdf', 'video/', 'audio/', 'image/', 'font/', 'text/plain', 'text/markdown', 'application/zip', 'application/x-bzip', 'application/x-rar-compressed', 'application/x-tar']; | ||
@@ -27,2 +27,18 @@ const validMimeTypeRegExp$LWS = /^[a-z]+\/[a-z0-9.+-]+$/; | ||
| const normalizerAnchor$LWS = ReflectApply$LWS(DocumentProtoCreateElement$LWS, rootDocument$LWS, ['a']); | ||
| function isSameOriginURL$LWS(resourceValue$LWS) { | ||
| let validParsedURL$LWS; | ||
| try { | ||
| validParsedURL$LWS = new URLCtor$LWS(resourceValue$LWS); | ||
| } catch (_unused$LWS) { | ||
| /* empty */ | ||
| } | ||
| // Empty strings and file path fragments are effectively "same origin" | ||
| if (!validParsedURL$LWS) { | ||
| return true; | ||
| } | ||
| const resourceUrlOrigin$LWS = ReflectApply$LWS(URLProtoOriginGetter$LWS, validParsedURL$LWS, []); | ||
| // If there is an origin for the provided resource and its the same as the top level window | ||
| // then it can be treated as a same-origin URL. | ||
| return resourceUrlOrigin$LWS && resourceUrlOrigin$LWS === rootWindow$LWS.location.origin; | ||
| } | ||
| // @TODO: W-7302311 Make paths and domains configurable. | ||
@@ -63,3 +79,3 @@ function isValidURL$LWS(parsedURL$LWS) { | ||
| } | ||
| export { TRUSTED_DOMAINS_REG_EXP$LWS as TRUSTED_DOMAINS_REG_EXP, URL_SCHEMES_LIST$LWS as URL_SCHEMES_LIST, isMIMETypeAllowed$LWS as isMIMETypeAllowed, isValidURL$LWS as isValidURL, isValidURLScheme$LWS as isValidURLScheme, normalizerAnchor$LWS as normalizerAnchor, parseURL$LWS as parseURL, resolveURL$LWS as resolveURL, sanitizeURLForElement$LWS as sanitizeURLForElement, sanitizeURLString$LWS as sanitizeURLString }; | ||
| /*! version: 0.24.5 */ | ||
| export { TRUSTED_DOMAINS_REG_EXP$LWS as TRUSTED_DOMAINS_REG_EXP, URL_SCHEMES_LIST$LWS as URL_SCHEMES_LIST, isMIMETypeAllowed$LWS as isMIMETypeAllowed, isSameOriginURL$LWS as isSameOriginURL, isValidURL$LWS as isValidURL, isValidURLScheme$LWS as isValidURLScheme, normalizerAnchor$LWS as normalizerAnchor, parseURL$LWS as parseURL, resolveURL$LWS as resolveURL, sanitizeURLForElement$LWS as sanitizeURLForElement, sanitizeURLString$LWS as sanitizeURLString }; | ||
| /*! version: 0.24.6 */ |
| { | ||
| "name": "@locker/shared-url", | ||
| "version": "0.24.5", | ||
| "version": "0.24.6", | ||
| "license": "SEE LICENSE IN LICENSE.txt", | ||
@@ -18,4 +18,4 @@ "author": "Salesforce UI Security Team", | ||
| "dependencies": { | ||
| "@locker/shared": "0.24.5", | ||
| "@locker/shared-dom": "0.24.5" | ||
| "@locker/shared": "0.24.6", | ||
| "@locker/shared-dom": "0.24.6" | ||
| }, | ||
@@ -22,0 +22,0 @@ "files": [ |
No alert changes
Improved metrics
- Total package byte prevSize
17741
10.53%- Lines of code
206
21.18%Dependency changes
+ Added
@locker/shared@0.24.6(transitive)+ Added
@locker/shared-dom@0.24.6(transitive)- Removed
@locker/shared@0.24.5(transitive)- Removed
@locker/shared-dom@0.24.5(transitive)Updated
@locker/shared@0.24.6Updated
@locker/shared-dom@0.24.6