file-saver - npm Package Compare versions

Comparing version 2.0.0-rc.4 to 2.0.0

CHANGELOG.md

@@ -7,2 +7,6 @@ # Changelog
 
+## [2.0.0] - 2018-10-17
+
+- Removed eval to resolve CSP [#465]
+
 ## [2.0.0-rc.4] - 2018-10-17
@@ -14,3 +18,3 @@
 
-- switch export method
+- Switch export method
 
@@ -53,1 +57,2 @@ ## [2.0.0-rc.2] - 2018-09-26
   [#470]: https://github.com/eligrey/FileSaver.js/issues/470
+  [#491]: https://github.com/eligrey/FileSaver.js/issues/491

dist/FileSaver.js

@@ -27,12 +27,3 @@ (function (global, factory) {
   // https://stackoverflow.com/q/3277182/1008999
-  var _global = function () {
-    // some use content security policy to disable eval
-    try {
-      return Function('return this')() || (42, eval)('this');
-    } catch (e) {
-      // every global should have circular reference
-      // used for checking if someone writes var window = {}; var self = {}
-      return typeof window === 'object' && window.window === window ? window : typeof self === 'object' && self.self === self ? self : typeof global === 'object' && global.global === global ? global : this;
-    }
-  }();
+  var _global = typeof window === 'object' && window.window === window ? window : typeof self === 'object' && self.self === self ? self : typeof global === 'object' && global.global === global ? global : void 0;
 
@@ -39,0 +30,0 @@ function bom(blob, opts) {

dist/FileSaver.min.js

@@ -1,3 +0,3 @@
-(function(a,b){if("function"==typeof define&&define.amd)define([],b);else if("undefined"!=typeof exports)b();else{b(),a.FileSaver={exports:{}}.exports}})(this,function(){"use strict";function b(a,b){return"undefined"==typeof b?b={autoBom:!1}:"object"!=typeof b&&(console.warn("Depricated: Expected third argument to be a object"),b={autoBom:!b}),b.autoBom&&/^\s*(?:text\/\S*|application\/xml|\S*\/\S*\+xml)\s*;.*charset\s*=\s*utf-8/i.test(a.type)?new Blob(["\uFEFF",a],{type:a.type}):a}function c(b,c,d){var e=new XMLHttpRequest;e.open("GET",b),e.responseType="blob",e.onload=function(){a(e.response,c,d)},e.onerror=function(){console.error("could not download file")},e.send()}function d(a){var b=new XMLHttpRequest;return b.open("HEAD",a,!1),b.send(),200<=b.status&&299>=b.status}function e(a){try{a.dispatchEvent(new MouseEvent("click"))}catch(c){var b=document.createEvent("MouseEvents");b.initMouseEvent("click",!0,!0,window,0,0,0,80,20,!1,!1,!1,!1,0,null),a.dispatchEvent(b)}}var f=function(){try{return Function("return this")()||(42,eval)("this")}catch(a){return"object"==typeof window&&window.window===window?window:"object"==typeof self&&self.self===self?self:"object"==typeof global&&global.global===global?global:this}}(),a=f.saveAs||"object"!=typeof window||window!==f?function(){}:"download"in HTMLAnchorElement.prototype?function(b,g,h){var i=f.URL||f.webkitURL,j=document.createElement("a");g=g||b.name||"download",j.download=g,j.rel="noopener","string"==typeof b?(j.href=b,j.origin===location.origin?e(j):d(j.href)?c(b,g,h):e(j,j.target="_blank")):(j.href=i.createObjectURL(b),setTimeout(function(){i.revokeObjectURL(j.href)},4E4),setTimeout(function(){e(j)},0))}:"msSaveOrOpenBlob"in navigator?function(f,g,h){if(g=g||f.name||"download","string"!=typeof f)navigator.msSaveOrOpenBlob(b(f,h),g);else if(d(f))c(f,g,h);else{var i=document.createElement("a");i.href=f,i.target="_blank",setTimeout(function(){e(i)})}}:function(a,b,d,e){if(e=e||open("","_blank"),e&&(e.document.title=e.document.body.innerText="downloading..."),"string"==typeof a)return c(a,b,d);var g="application/octet-stream"===a.type,h=/constructor/i.test(f.HTMLElement)||f.safari,i=/CriOS\/[\d]+/.test(navigator.userAgent);if((i||g&&h)&&"object"==typeof FileReader){var j=new FileReader;j.onloadend=function(){var a=j.result;a=i?a:a.replace(/^data:[^;]*;/,"data:attachment/file;"),e?e.location.href=a:location=a,e=null},j.readAsDataURL(a)}else{var k=f.URL||f.webkitURL,l=k.createObjectURL(a);e?e.location=l:location.href=l,e=null,setTimeout(function(){k.revokeObjectURL(l)},4E4)}};f.saveAs=a.saveAs=a,"undefined"!=typeof module&&(module.exports=a)});
+(function(a,b){if("function"==typeof define&&define.amd)define([],b);else if("undefined"!=typeof exports)b();else{b(),a.FileSaver={exports:{}}.exports}})(this,function(){"use strict";function b(a,b){return"undefined"==typeof b?b={autoBom:!1}:"object"!=typeof b&&(console.warn("Depricated: Expected third argument to be a object"),b={autoBom:!b}),b.autoBom&&/^\s*(?:text\/\S*|application\/xml|\S*\/\S*\+xml)\s*;.*charset\s*=\s*utf-8/i.test(a.type)?new Blob(["\uFEFF",a],{type:a.type}):a}function c(b,c,d){var e=new XMLHttpRequest;e.open("GET",b),e.responseType="blob",e.onload=function(){a(e.response,c,d)},e.onerror=function(){console.error("could not download file")},e.send()}function d(a){var b=new XMLHttpRequest;return b.open("HEAD",a,!1),b.send(),200<=b.status&&299>=b.status}function e(a){try{a.dispatchEvent(new MouseEvent("click"))}catch(c){var b=document.createEvent("MouseEvents");b.initMouseEvent("click",!0,!0,window,0,0,0,80,20,!1,!1,!1,!1,0,null),a.dispatchEvent(b)}}var f="object"==typeof window&&window.window===window?window:"object"==typeof self&&self.self===self?self:"object"==typeof global&&global.global===global?global:void 0,a=f.saveAs||"object"!=typeof window||window!==f?function(){}:"download"in HTMLAnchorElement.prototype?function(b,g,h){var i=f.URL||f.webkitURL,j=document.createElement("a");g=g||b.name||"download",j.download=g,j.rel="noopener","string"==typeof b?(j.href=b,j.origin===location.origin?e(j):d(j.href)?c(b,g,h):e(j,j.target="_blank")):(j.href=i.createObjectURL(b),setTimeout(function(){i.revokeObjectURL(j.href)},4E4),setTimeout(function(){e(j)},0))}:"msSaveOrOpenBlob"in navigator?function(f,g,h){if(g=g||f.name||"download","string"!=typeof f)navigator.msSaveOrOpenBlob(b(f,h),g);else if(d(f))c(f,g,h);else{var i=document.createElement("a");i.href=f,i.target="_blank",setTimeout(function(){e(i)})}}:function(a,b,d,e){if(e=e||open("","_blank"),e&&(e.document.title=e.document.body.innerText="downloading..."),"string"==typeof a)return c(a,b,d);var g="application/octet-stream"===a.type,h=/constructor/i.test(f.HTMLElement)||f.safari,i=/CriOS\/[\d]+/.test(navigator.userAgent);if((i||g&&h)&&"object"==typeof FileReader){var j=new FileReader;j.onloadend=function(){var a=j.result;a=i?a:a.replace(/^data:[^;]*;/,"data:attachment/file;"),e?e.location.href=a:location=a,e=null},j.readAsDataURL(a)}else{var k=f.URL||f.webkitURL,l=k.createObjectURL(a);e?e.location=l:location.href=l,e=null,setTimeout(function(){k.revokeObjectURL(l)},4E4)}};f.saveAs=a.saveAs=a,"undefined"!=typeof module&&(module.exports=a)});
 
 //# sourceMappingURL=FileSaver.min.js.map

package.json

 {
   "name": "file-saver",
-  "version": "2.0.0-rc.4",
+  "version": "2.0.0",
   "description": "An HTML5 saveAs() FileSaver implementation",
@@ -9,2 +9,3 @@ "main": "dist/FileSaver.min.js",
     "dist/FileSaver.min.js",
+    "dist/FileSaver.min.js.map",
     "src/FileSaver.js"
@@ -11,0 +12,0 @@ ],

README.md

@@ -10,4 +10,4 @@ If you need to save really large files bigger then the blob's size limitation or don't have
 FileSaver.js is the solution to saving files on the client-side, and is perfect for
-webapps that generates files on the client, However if the file is coming from the
-server we recomend you to first try to use [Content-Disposition][8] attachment response header as it has more cross browser compatible
+web apps that generates files on the client, However if the file is coming from the
+server we recommend you to first try to use [Content-Disposition][8] attachment response header as it has more cross-browser compatible
 
@@ -17,3 +17,3 @@ Looking for `canvas.toBlob()` for saving canvases? Check out
 
-Supported browsers
+Supported Browsers
 ------------------
@@ -87,3 +87,3 @@
 
-### Saving urls
+### Saving URLs
 
@@ -93,5 +93,5 @@ ```js
 ```
-Using urls within the same origin will just use `a[download]`
-Otherwise it will first check if it supports cors header with a synchronously head request
-if it dose it will download the data and save it using blob urls
+Using URLs within the same origin will just use `a[download]`
+Otherwise, it will first check if it supports cors header with a synchronously head request
+if it does it will download the data and save it using blob URLs
 if not it will try to download it using `a[download]`
@@ -98,0 +98,0 @@

src/FileSaver.js

@@ -14,14 +14,7 @@ /*
 // https://stackoverflow.com/q/3277182/1008999
-var _global = (function () {
-// some use content security policy to disable eval
-  try {
-    return Function('return this')() || (42, eval)('this')
-  } catch (e) {
-    // every global should have circular reference
-    // used for checking if someone writes var window = {}; var self = {}
-    return typeof window === 'object' && window.window === window ? window
-    : typeof self === 'object' && self.self === self ? self
-    : typeof global === 'object' && global.global === global ? global : this
-  }
-})()
+var _global = typeof window === 'object' && window.window === window
+  ? window : typeof self === 'object' && self.self === self
+  ? self : typeof global === 'object' && global.global === global
+  ? global
+  : this
 
@@ -28,0 +21,0 @@ function bom (blob, opts) {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

33388

increased by36.94%

Number of package files

8

increased by14.29%

Number of low quality alerts

1

decreased by-50%

Worsened metrics

Lines of code

308

decreased by-5.23%

No dependency changes