safevalues - npm Package Compare versions

Comparing version 0.7.0 to 1.0.0-rc.1

dist/cjs/builders/html_builders.d.ts

@@ -62,3 +62,3 @@ /**
  * Non-exported version of `nodeToHtml`, with an explicit temporary root to
- * accomodate for the sanitizer's user case.
+ * accommodate for the sanitizer's user case.
  */
@@ -65,0 +65,0 @@ export declare function nodeToHtmlInternal(node: Node, temporaryRoot: Element): SafeHtml;

dist/cjs/builders/html_builders.js

@@ -136,3 +136,3 @@ "use strict";
  * Non-exported version of `nodeToHtml`, with an explicit temporary root to
- * accomodate for the sanitizer's user case.
+ * accommodate for the sanitizer's user case.
  */
@@ -139,0 +139,0 @@ function nodeToHtmlInternal(node, temporaryRoot) {

dist/cjs/builders/html_sanitizer/css/sanitizer.js

@@ -37,8 +37,8 @@ "use strict";
     getStyleSheet(cssText) {
-        const style = this.inertDocument.createElement('style');
-        const safeStyle = (0, style_sheet_impl_js_1.createStyleSheetInternal)(cssText);
-        (0, style_js_1.setTextContent)(style, safeStyle);
-        this.inertDocument.head.appendChild(style);
-        const sheet = style.sheet; // guaranteed to be non-null
-        style.remove();
+        const styleEl = this.inertDocument.createElement('style');
+        const safeStyleSheet = (0, style_sheet_impl_js_1.createStyleSheetInternal)(cssText);
+        (0, style_js_1.setTextContent)(styleEl, safeStyleSheet);
+        this.inertDocument.head.appendChild(styleEl);
+        const sheet = styleEl.sheet; // guaranteed to be non-null
+        styleEl.remove();
         return sheet;
@@ -45,0 +45,0 @@ }

dist/cjs/builders/html_sanitizer/default_css_sanitizer.d.ts

@@ -14,3 +14,6 @@ /**
  */
-/** Sanitizes untrusted CSS using the default sanitizer configuration. */
+/**
+ * Sanitizes untrusted CSS using the default sanitizer configuration.
+ *
+ */
 export declare function sanitizeHtmlWithCss(css: string): DocumentFragment;

dist/cjs/builders/html_sanitizer/default_css_sanitizer.js

@@ -20,3 +20,6 @@ "use strict";
 const defaultCssSanitizer = /* #__PURE__ */ (0, pure_js_1.pure)(() => new html_sanitizer_builder_js_1.CssSanitizerBuilder().build());
-/** Sanitizes untrusted CSS using the default sanitizer configuration. */
+/**
+ * Sanitizes untrusted CSS using the default sanitizer configuration.
+ *
+ */
 function sanitizeHtmlWithCss(css) {
@@ -23,0 +26,0 @@ return defaultCssSanitizer.sanitizeToFragment(css);

dist/cjs/dom/globals/location.js

@@ -17,3 +17,3 @@ "use strict";
     if (sanitizedUrl !== undefined) {
-        loc.href = sanitizedUrl;
+        mockableLocation.setHref(loc, sanitizedUrl);
     }
@@ -29,3 +29,3 @@ }
     if (sanitizedUrl !== undefined) {
-        loc.replace(sanitizedUrl);
+        mockableLocation.replace(loc, sanitizedUrl);
     }
@@ -41,5 +41,24 @@ }
     if (sanitizedUrl !== undefined) {
-        loc.assign(sanitizedUrl);
+        mockableLocation.assign(loc, sanitizedUrl);
     }
 }
 exports.assign = assign;
+/**
+ * Set of wrappers around the location object for tests to observe and mock it.
+ * Window.location is a read-only property. Users used to mock it with our
+ * former exports like safeLocation. This is not possible anymore now that
+ * functions are directly exported on the module.
+ * Ideally, we wouldn't provide this. It just happens that the safe wrappers are
+ * a handy plug-in point for mocks...
+ */
+const mockableLocation = {
+    setHref(loc, url) {
+        loc.href = url;
+    },
+    replace(loc, url) {
+        loc.replace(url);
+    },
+    assign(loc, url) {
+        loc.assign(url);
+    },
+};

dist/cjs/dom/index.d.ts

@@ -10,26 +10,2 @@ /**
  */
-export * as safeAnchorEl from './elements/anchor.js';
-export * as safeAreaEl from './elements/area.js';
-export * as safeBaseEl from './elements/base.js';
-export * as safeButtonEl from './elements/button.js';
-export * as safeElement from './elements/element.js';
-export * as safeEmbedEl from './elements/embed.js';
-export * as safeFormEl from './elements/form.js';
-export * as safeIframeEl from './elements/iframe.js';
-export * as safeInputEl from './elements/input.js';
-export * as safeLinkEl from './elements/link.js';
-export * as safeObjectEl from './elements/object.js';
-export * as safeScriptEl from './elements/script.js';
-export * as safeStyleEl from './elements/style.js';
-export * as safeSvgEl from './elements/svg.js';
-export * as safeSvgUseEl from './elements/svg_use.js';
-export * as safeDocument from './globals/document.js';
-export * as safeDomParser from './globals/dom_parser.js';
-export * as safeGlobal from './globals/global.js';
-export * as safeLocation from './globals/location.js';
-export * as safeRange from './globals/range.js';
-export * as safeServiceWorkerContainer from './globals/service_worker_container.js';
-export * as safeUrl from './globals/url.js';
-export * as safeWindow from './globals/window.js';
-export * as safeWorker from './globals/worker.js';
 export { setHref as setAnchorHref } from './elements/anchor.js';
@@ -36,0 +12,0 @@ export { setHref as setAreaHref } from './elements/area.js';

dist/cjs/dom/index.js

@@ -7,28 +7,4 @@ "use strict";
  */
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.domParserParseFromString = exports.documentWrite = exports.documentExecCommandInsertHtml = exports.documentExecCommand = exports.setSvgUseHref = exports.setSvgAttribute = exports.setStyleTextContent = exports.setScriptTextContent = exports.setScriptSrc = exports.setObjectData = exports.setLinkWithResourceUrlHrefAndRel = exports.setLinkHrefAndRel = exports.setInputFormaction = exports.setIframeSrcdoc = exports.setIframeSrc = exports.setFormAction = exports.setEmbedSrc = exports.setElementPrefixedAttribute = exports.setElementOuterHtml = exports.setElementInnerHtml = exports.elementInsertAdjacentHtml = exports.buildPrefixedAttributeSetter = exports.setButtonFormaction = exports.setBaseHref = exports.setAreaHref = exports.setAnchorHref = exports.safeWorker = exports.safeWindow = exports.safeUrl = exports.safeServiceWorkerContainer = exports.safeRange = exports.safeLocation = exports.safeGlobal = exports.safeDomParser = exports.safeDocument = exports.safeSvgUseEl = exports.safeSvgEl = exports.safeStyleEl = exports.safeScriptEl = exports.safeObjectEl = exports.safeLinkEl = exports.safeInputEl = exports.safeIframeEl = exports.safeFormEl = exports.safeEmbedEl = exports.safeElement = exports.safeButtonEl = exports.safeBaseEl = exports.safeAreaEl = exports.safeAnchorEl = void 0;
-exports.workerGlobalScopeImportScripts = exports.createWorker = exports.createSharedWorker = exports.windowOpen = exports.getStyleNonce = exports.getScriptNonce = exports.objectUrlFromSafeSource = exports.serviceWorkerContainerRegister = exports.rangeCreateContextualFragment = exports.setLocationHref = exports.locationReplace = exports.locationAssign = exports.globalEval = exports.fetchResourceUrl = exports.domParserParseXml = exports.domParserParseHtml = void 0;
+exports.workerGlobalScopeImportScripts = exports.createWorker = exports.createSharedWorker = exports.windowOpen = exports.getStyleNonce = exports.getScriptNonce = exports.objectUrlFromSafeSource = exports.serviceWorkerContainerRegister = exports.rangeCreateContextualFragment = exports.setLocationHref = exports.locationReplace = exports.locationAssign = exports.globalEval = exports.fetchResourceUrl = exports.domParserParseXml = exports.domParserParseHtml = exports.domParserParseFromString = exports.documentWrite = exports.documentExecCommandInsertHtml = exports.documentExecCommand = exports.setSvgUseHref = exports.setSvgAttribute = exports.setStyleTextContent = exports.setScriptTextContent = exports.setScriptSrc = exports.setObjectData = exports.setLinkWithResourceUrlHrefAndRel = exports.setLinkHrefAndRel = exports.setInputFormaction = exports.setIframeSrcdoc = exports.setIframeSrc = exports.setFormAction = exports.setEmbedSrc = exports.setElementPrefixedAttribute = exports.setElementOuterHtml = exports.setElementInnerHtml = exports.elementInsertAdjacentHtml = exports.buildPrefixedAttributeSetter = exports.setButtonFormaction = exports.setBaseHref = exports.setAreaHref = exports.setAnchorHref = void 0;
 /**
@@ -38,27 +14,2 @@ * @fileoverview This file re-exports all of the wrappers to ensure that we have
  */
-// Old names. These are deprecated. Use the function directly defined on safevalues.dom instead.
-exports.safeAnchorEl = __importStar(require("./elements/anchor.js"));
-exports.safeAreaEl = __importStar(require("./elements/area.js"));
-exports.safeBaseEl = __importStar(require("./elements/base.js"));
-exports.safeButtonEl = __importStar(require("./elements/button.js"));
-exports.safeElement = __importStar(require("./elements/element.js"));
-exports.safeEmbedEl = __importStar(require("./elements/embed.js"));
-exports.safeFormEl = __importStar(require("./elements/form.js"));
-exports.safeIframeEl = __importStar(require("./elements/iframe.js"));
-exports.safeInputEl = __importStar(require("./elements/input.js"));
-exports.safeLinkEl = __importStar(require("./elements/link.js"));
-exports.safeObjectEl = __importStar(require("./elements/object.js"));
-exports.safeScriptEl = __importStar(require("./elements/script.js"));
-exports.safeStyleEl = __importStar(require("./elements/style.js"));
-exports.safeSvgEl = __importStar(require("./elements/svg.js"));
-exports.safeSvgUseEl = __importStar(require("./elements/svg_use.js"));
-exports.safeDocument = __importStar(require("./globals/document.js"));
-exports.safeDomParser = __importStar(require("./globals/dom_parser.js"));
-exports.safeGlobal = __importStar(require("./globals/global.js"));
-exports.safeLocation = __importStar(require("./globals/location.js"));
-exports.safeRange = __importStar(require("./globals/range.js"));
-exports.safeServiceWorkerContainer = __importStar(require("./globals/service_worker_container.js"));
-exports.safeUrl = __importStar(require("./globals/url.js"));
-exports.safeWindow = __importStar(require("./globals/window.js"));
-exports.safeWorker = __importStar(require("./globals/worker.js"));
 // Re-export functions with new names that don't conflict with browser APIs.
@@ -65,0 +16,0 @@ var anchor_js_1 = require("./elements/anchor.js");

dist/cjs/internals/html_impl.d.ts

@@ -6,28 +6,29 @@ /**
  */
-/// <reference types="trusted-types" />
+/** @fileoverview Internal implementations of SafeHtml. */
+import { UnwrapType } from './trusted_types.js';
+import { TrustedHTML } from './trusted_types_typings.js';
 import '../environment/dev.js';
 /**
- * String that is safe to use in HTML contexts in DOM APIs and HTML
- documents.
+ * String that is safe to use in HTML contexts in DOM APIs and HTML documents.
+ *
+ * @final
  */
-export declare type SafeHtml = TrustedHTML;
+export declare class SafeHtml {
+    private readonly privateDoNotAccessOrElseWrappedHtml;
+    private constructor();
+    toString(): string;
+}
 /**
- * Also exports the constructor so that instanceof checks work.
+ * Builds a new `SafeHtml` from the given string, without enforcing
+ * safety guarantees. It may cause side effects by creating a Trusted Types
+ * policy. This shouldn't be exposed to application developers, and must only be
+ * used as a step towards safe builders or safe constants.
  */
-export declare const SafeHtml: TrustedHTML;
+export declare function createHtmlInternal(value: string): SafeHtml;
 /**
- * Builds a new `SafeHtml` from the given string, without enforcing safety
- * guarantees. It may cause side effects by creating a Trusted Types policy.
- * This shouldn't be exposed to application developers, and must only be used as
- * a step towards safe builders or safe constants.
- */
-export declare function createHtmlInternal(html: string): SafeHtml;
-/**
  * An empty `SafeHtml` constant.
- * Unlike the function above, using this will not create a policy.
+ * Unlike the functions above, using this will not create a policy.
  */
 export declare const EMPTY_HTML: SafeHtml;
-/**
- * Checks if the given value is a `SafeHtml` instance.
- */
+/** Checks if the given value is a `SafeHtml` instance */
 export declare function isHtml(value: unknown): value is SafeHtml;
@@ -37,5 +38,8 @@ /**
  * has the correct type.
+ * Using this function directly is not common. Safe types are not meant to be
+ * unwrapped, but rather passed to other APIs that consume them, like the DOM
+ * wrappers in safevalues/dom.
  *
- * Returns a native `TrustedHTML` or a string if Trusted Types are disabled.
+ * Returns a native `TrustedHTML` instance typed as {toString(): string} or a string if Trusted Types are disabled.
  */
-export declare function unwrapHtml(value: SafeHtml): TrustedHTML | string;
+export declare function unwrapHtml(value: SafeHtml): UnwrapType<TrustedHTML> | string;

dist/cjs/internals/html_impl.js

@@ -9,36 +9,43 @@ "use strict";
 exports.unwrapHtml = exports.isHtml = exports.EMPTY_HTML = exports.createHtmlInternal = exports.SafeHtml = void 0;
+/** @fileoverview Internal implementations of SafeHtml. */
+const trusted_types_js_1 = require("./trusted_types.js");
 require("../environment/dev.js");
+const pure_js_1 = require("./pure.js");
 const secrets_js_1 = require("./secrets.js");
-const trusted_types_js_1 = require("./trusted_types.js");
 /**
- * Runtime implementation of `TrustedHTML` in browsers that don't support it.
+ * String that is safe to use in HTML contexts in DOM APIs and HTML documents.
+ *
+ * @final
  */
-class HtmlImpl {
-    constructor(html, token) {
-        (0, secrets_js_1.ensureTokenIsValid)(token);
-        this.privateDoNotAccessOrElseWrappedHtml = html;
+class SafeHtml {
+    constructor(token, value) {
+        if (process.env.NODE_ENV !== 'production') {
+            (0, secrets_js_1.ensureTokenIsValid)(token);
+        }
+        this.privateDoNotAccessOrElseWrappedHtml = value;
     }
     toString() {
-        return this.privateDoNotAccessOrElseWrappedHtml.toString();
+        // String coercion minimizes code size.
+        // tslint:disable-next-line:restrict-plus-operands
+        return this.privateDoNotAccessOrElseWrappedHtml + '';
     }
 }
-function createTrustedHtmlOrPolyfill(html, trusted) {
-    return (trusted !== null && trusted !== void 0 ? trusted : new HtmlImpl(html, secrets_js_1.secretToken));
+exports.SafeHtml = SafeHtml;
+const HtmlImpl = SafeHtml;
+function constructHtml(value) {
+    return new HtmlImpl(secrets_js_1.secretToken, value);
 }
-const GlobalTrustedHTML = typeof window !== 'undefined' ? window.TrustedHTML : undefined;
 /**
- * Also exports the constructor so that instanceof checks work.
+ * Builds a new `SafeHtml` from the given string, without enforcing
+ * safety guarantees. It may cause side effects by creating a Trusted Types
+ * policy. This shouldn't be exposed to application developers, and must only be
+ * used as a step towards safe builders or safe constants.
  */
-exports.SafeHtml = (GlobalTrustedHTML !== null && GlobalTrustedHTML !== void 0 ? GlobalTrustedHTML : HtmlImpl);
-/**
- * Builds a new `SafeHtml` from the given string, without enforcing safety
- * guarantees. It may cause side effects by creating a Trusted Types policy.
- * This shouldn't be exposed to application developers, and must only be used as
- * a step towards safe builders or safe constants.
- */
-function createHtmlInternal(html) {
-    var _a;
+function createHtmlInternal(value) {
+    // Inlining this variable can cause large codesize increases when it is a
+    // large constant string. See sizetests/examples/constants for an example.
     /** @noinline */
-    const noinlineHtml = html;
-    return createTrustedHtmlOrPolyfill(noinlineHtml, (_a = (0, trusted_types_js_1.getTrustedTypesPolicy)()) === null || _a === void 0 ? void 0 : _a.createHTML(noinlineHtml));
+    const noinlineValue = value;
+    const policy = (0, trusted_types_js_1.getPolicy)();
+    return constructHtml(policy ? policy.createHTML(noinlineValue) : noinlineValue);
 }
@@ -48,11 +55,8 @@ exports.createHtmlInternal = createHtmlInternal;
  * An empty `SafeHtml` constant.
- * Unlike the function above, using this will not create a policy.
+ * Unlike the functions above, using this will not create a policy.
  */
-exports.EMPTY_HTML = (() => { var _a; return createTrustedHtmlOrPolyfill('', (_a = (0, trusted_types_js_1.getTrustedTypes)()) === null || _a === void 0 ? void 0 : _a.emptyHTML); })();
-/**
- * Checks if the given value is a `SafeHtml` instance.
- */
+exports.EMPTY_HTML = (0, pure_js_1.pure)(() => constructHtml(trusted_types_js_1.trustedTypes ? trusted_types_js_1.trustedTypes.emptyHTML : ''));
+/** Checks if the given value is a `SafeHtml` instance */
 function isHtml(value) {
-    var _a;
-    return ((_a = (0, trusted_types_js_1.getTrustedTypes)()) === null || _a === void 0 ? void 0 : _a.isHTML(value)) || value instanceof HtmlImpl;
+    return value instanceof SafeHtml;
 }
@@ -63,11 +67,10 @@ exports.isHtml = isHtml;
  * has the correct type.
+ * Using this function directly is not common. Safe types are not meant to be
+ * unwrapped, but rather passed to other APIs that consume them, like the DOM
+ * wrappers in safevalues/dom.
  *
- * Returns a native `TrustedHTML` or a string if Trusted Types are disabled.
+ * Returns a native `TrustedHTML` instance typed as {toString(): string} or a string if Trusted Types are disabled.
  */
 function unwrapHtml(value) {
-    var _a;
-    if ((_a = (0, trusted_types_js_1.getTrustedTypes)()) === null || _a === void 0 ? void 0 : _a.isHTML(value)) {
-        return value;
-    }
-    else if (value instanceof HtmlImpl) {
+    if (isHtml(value)) {
         return value.privateDoNotAccessOrElseWrappedHtml;
@@ -74,0 +77,0 @@ }

dist/cjs/internals/resource_url_impl.d.ts

@@ -6,3 +6,5 @@ /**
  */
-/// <reference types="trusted-types" />
+/** @fileoverview Internal implementations of TrustedResourceUrl. */
+import { UnwrapType } from './trusted_types.js';
+import { TrustedScriptURL } from './trusted_types_typings.js';
 import '../environment/dev.js';
@@ -13,18 +15,18 @@ /**
  * origin (e.g. scripts and stylesheets).
+ *
+ * @final
  */
-export declare type TrustedResourceUrl = TrustedScriptURL;
+export declare class TrustedResourceUrl {
+    private readonly privateDoNotAccessOrElseWrappedResourceUrl;
+    private constructor();
+    toString(): string;
+}
 /**
- * Also exports the constructor so that instanceof checks work.
+ * Builds a new `TrustedResourceUrl` from the given string, without enforcing
+ * safety guarantees. It may cause side effects by creating a Trusted Types
+ * policy. This shouldn't be exposed to application developers, and must only be
+ * used as a step towards safe builders or safe constants.
  */
-export declare const TrustedResourceUrl: TrustedScriptURL;
-/**
- * Builds a new `TrustedResourceUrl` from the given string, without
- * enforcing safety guarantees. It may cause side effects by creating a Trusted
- * Types policy. This shouldn't be exposed to application developers, and must
- * only be used as a step towards safe builders or safe constants.
- */
-export declare function createResourceUrlInternal(url: string): TrustedResourceUrl;
-/**
- * Checks if the given value is a `TrustedResourceUrl` instance.
- */
+export declare function createResourceUrlInternal(value: string): TrustedResourceUrl;
+/** Checks if the given value is a `TrustedResourceUrl` instance */
 export declare function isResourceUrl(value: unknown): value is TrustedResourceUrl;
@@ -34,6 +36,8 @@ /**
  * has the correct type.
+ * Using this function directly is not common. Safe types are not meant to be
+ * unwrapped, but rather passed to other APIs that consume them, like the DOM
+ * wrappers in safevalues/dom.
  *
- * Returns a native `TrustedScriptURL` or a string if Trusted Types are
- * disabled.
+ * Returns a native `TrustedScriptURL` instance typed as {toString(): string} or a string if Trusted Types are disabled.
  */
-export declare function unwrapResourceUrl(value: TrustedResourceUrl): TrustedScriptURL | string;
+export declare function unwrapResourceUrl(value: TrustedResourceUrl): UnwrapType<TrustedScriptURL> | string;

dist/cjs/internals/resource_url_impl.js

@@ -9,43 +9,49 @@ "use strict";
 exports.unwrapResourceUrl = exports.isResourceUrl = exports.createResourceUrlInternal = exports.TrustedResourceUrl = void 0;
+/** @fileoverview Internal implementations of TrustedResourceUrl. */
+const trusted_types_js_1 = require("./trusted_types.js");
 require("../environment/dev.js");
 const secrets_js_1 = require("./secrets.js");
-const trusted_types_js_1 = require("./trusted_types.js");
 /**
- * Runtime implementation of `TrustedScriptURL` in browsers that don't support
- * it.
+ * String that is safe to use in all URL contexts in DOM APIs and HTML
+ * documents; even as a reference to resources that may load in the current
+ * origin (e.g. scripts and stylesheets).
+ *
+ * @final
  */
-class ResourceUrlImpl {
-    constructor(url, token) {
-        (0, secrets_js_1.ensureTokenIsValid)(token);
-        this.privateDoNotAccessOrElseWrappedResourceUrl = url;
+class TrustedResourceUrl {
+    constructor(token, value) {
+        if (process.env.NODE_ENV !== 'production') {
+            (0, secrets_js_1.ensureTokenIsValid)(token);
+        }
+        this.privateDoNotAccessOrElseWrappedResourceUrl = value;
     }
     toString() {
-        return this.privateDoNotAccessOrElseWrappedResourceUrl.toString();
+        // String coercion minimizes code size.
+        // tslint:disable-next-line:restrict-plus-operands
+        return this.privateDoNotAccessOrElseWrappedResourceUrl + '';
     }
 }
-const GlobalTrustedScriptURL = typeof window !== 'undefined' ? window.TrustedScriptURL : undefined;
+exports.TrustedResourceUrl = TrustedResourceUrl;
+const ResourceUrlImpl = TrustedResourceUrl;
+function constructResourceUrl(value) {
+    return new ResourceUrlImpl(secrets_js_1.secretToken, value);
+}
 /**
- * Also exports the constructor so that instanceof checks work.
+ * Builds a new `TrustedResourceUrl` from the given string, without enforcing
+ * safety guarantees. It may cause side effects by creating a Trusted Types
+ * policy. This shouldn't be exposed to application developers, and must only be
+ * used as a step towards safe builders or safe constants.
  */
-exports.TrustedResourceUrl = (GlobalTrustedScriptURL !== null && GlobalTrustedScriptURL !== void 0 ? GlobalTrustedScriptURL : ResourceUrlImpl);
-/**
- * Builds a new `TrustedResourceUrl` from the given string, without
- * enforcing safety guarantees. It may cause side effects by creating a Trusted
- * Types policy. This shouldn't be exposed to application developers, and must
- * only be used as a step towards safe builders or safe constants.
- */
-function createResourceUrlInternal(url) {
-    var _a;
+function createResourceUrlInternal(value) {
+    // Inlining this variable can cause large codesize increases when it is a
+    // large constant string. See sizetests/examples/constants for an example.
     /** @noinline */
-    const noinlineUrl = url;
-    const trustedScriptURL = (_a = (0, trusted_types_js_1.getTrustedTypesPolicy)()) === null || _a === void 0 ? void 0 : _a.createScriptURL(noinlineUrl);
-    return (trustedScriptURL !== null && trustedScriptURL !== void 0 ? trustedScriptURL : new ResourceUrlImpl(noinlineUrl, secrets_js_1.secretToken));
+    const noinlineValue = value;
+    const policy = (0, trusted_types_js_1.getPolicy)();
+    return constructResourceUrl(policy ? policy.createScriptURL(noinlineValue) : noinlineValue);
 }
 exports.createResourceUrlInternal = createResourceUrlInternal;
-/**
- * Checks if the given value is a `TrustedResourceUrl` instance.
- */
+/** Checks if the given value is a `TrustedResourceUrl` instance */
 function isResourceUrl(value) {
-    var _a;
-    return (((_a = (0, trusted_types_js_1.getTrustedTypes)()) === null || _a === void 0 ? void 0 : _a.isScriptURL(value)) || value instanceof ResourceUrlImpl);
+    return value instanceof TrustedResourceUrl;
 }
@@ -56,14 +62,13 @@ exports.isResourceUrl = isResourceUrl;
  * has the correct type.
+ * Using this function directly is not common. Safe types are not meant to be
+ * unwrapped, but rather passed to other APIs that consume them, like the DOM
+ * wrappers in safevalues/dom.
  *
- * Returns a native `TrustedScriptURL` or a string if Trusted Types are
- * disabled.
+ * Returns a native `TrustedScriptURL` instance typed as {toString(): string} or a string if Trusted Types are disabled.
  */
 function unwrapResourceUrl(value) {
-    var _a;
-    if ((_a = (0, trusted_types_js_1.getTrustedTypes)()) === null || _a === void 0 ? void 0 : _a.isScriptURL(value)) {
-        return value;
+    if (isResourceUrl(value)) {
+        return value
+            .privateDoNotAccessOrElseWrappedResourceUrl;
     }
-    else if (value instanceof ResourceUrlImpl) {
-        return value.privateDoNotAccessOrElseWrappedResourceUrl;
-    }
     else {
@@ -70,0 +75,0 @@ let message = '';

dist/cjs/internals/script_impl.d.ts

@@ -6,3 +6,5 @@ /**
  */
-/// <reference types="trusted-types" />
+/** @fileoverview Internal implementations of SafeScript. */
+import { UnwrapType } from './trusted_types.js';
+import { TrustedScript } from './trusted_types_typings.js';
 import '../environment/dev.js';
@@ -12,9 +14,11 @@ /**
  * script element.
+ *
+ * @final
  */
-export declare type SafeScript = TrustedScript;
+export declare class SafeScript {
+    private readonly privateDoNotAccessOrElseWrappedScript;
+    private constructor();
+    toString(): string;
+}
 /**
- * Also exports the constructor so that instanceof checks work.
- */
-export declare const SafeScript: TrustedScript;
-/**
  * Builds a new `SafeScript` from the given string, without enforcing
@@ -25,3 +29,3 @@ * safety guarantees. It may cause side effects by creating a Trusted Types
  */
-export declare function createScriptInternal(script: string): SafeScript;
+export declare function createScriptInternal(value: string): SafeScript;
 /**
@@ -32,5 +36,3 @@ * An empty `SafeScript` constant.
 export declare const EMPTY_SCRIPT: SafeScript;
-/**
- * Checks if the given value is a `SafeScript` instance.
- */
+/** Checks if the given value is a `SafeScript` instance */
 export declare function isScript(value: unknown): value is SafeScript;
@@ -40,5 +42,8 @@ /**
  * has the correct type.
+ * Using this function directly is not common. Safe types are not meant to be
+ * unwrapped, but rather passed to other APIs that consume them, like the DOM
+ * wrappers in safevalues/dom.
  *
- * Returns a native `TrustedScript` or a string if Trusted Types are disabled.
+ * Returns a native `TrustedScript` instance typed as {toString(): string} or a string if Trusted Types are disabled.
  */
-export declare function unwrapScript(value: SafeScript): TrustedScript | string;
+export declare function unwrapScript(value: SafeScript): UnwrapType<TrustedScript> | string;

dist/cjs/internals/script_impl.js

@@ -9,27 +9,32 @@ "use strict";
 exports.unwrapScript = exports.isScript = exports.EMPTY_SCRIPT = exports.createScriptInternal = exports.SafeScript = void 0;
+/** @fileoverview Internal implementations of SafeScript. */
+const trusted_types_js_1 = require("./trusted_types.js");
 require("../environment/dev.js");
+const pure_js_1 = require("./pure.js");
 const secrets_js_1 = require("./secrets.js");
-const trusted_types_js_1 = require("./trusted_types.js");
 /**
- * Runtime implementation of `TrustedScript` in browswers that don't support it.
+ * JavaScript code that is safe to evaluate and use as the content of an HTML
  * script element.
+ *
+ * @final
  */
-class ScriptImpl {
-    constructor(script, token) {
-        (0, secrets_js_1.ensureTokenIsValid)(token);
-        this.privateDoNotAccessOrElseWrappedScript = script;
+class SafeScript {
+    constructor(token, value) {
+        if (process.env.NODE_ENV !== 'production') {
+            (0, secrets_js_1.ensureTokenIsValid)(token);
+        }
+        this.privateDoNotAccessOrElseWrappedScript = value;
     }
     toString() {
-        return this.privateDoNotAccessOrElseWrappedScript.toString();
+        // String coercion minimizes code size.
+        // tslint:disable-next-line:restrict-plus-operands
+        return this.privateDoNotAccessOrElseWrappedScript + '';
     }
 }
-function createTrustedScriptOrPolyfill(script, trusted) {
-    return (trusted !== null && trusted !== void 0 ? trusted : new ScriptImpl(script, secrets_js_1.secretToken));
+exports.SafeScript = SafeScript;
+const ScriptImpl = SafeScript;
+function constructScript(value) {
+    return new ScriptImpl(secrets_js_1.secretToken, value);
 }
-const GlobalTrustedScript = typeof window !== 'undefined' ? window.TrustedScript : undefined;
 /**
- * Also exports the constructor so that instanceof checks work.
- */
-exports.SafeScript = (GlobalTrustedScript !== null && GlobalTrustedScript !== void 0 ? GlobalTrustedScript : ScriptImpl);
-/**
  * Builds a new `SafeScript` from the given string, without enforcing
@@ -40,7 +45,9 @@ * safety guarantees. It may cause side effects by creating a Trusted Types
  */
-function createScriptInternal(script) {
-    var _a;
+function createScriptInternal(value) {
+    // Inlining this variable can cause large codesize increases when it is a
+    // large constant string. See sizetests/examples/constants for an example.
     /** @noinline */
-    const noinlineScript = script;
-    return createTrustedScriptOrPolyfill(noinlineScript, (_a = (0, trusted_types_js_1.getTrustedTypesPolicy)()) === null || _a === void 0 ? void 0 : _a.createScript(noinlineScript));
+    const noinlineValue = value;
+    const policy = (0, trusted_types_js_1.getPolicy)();
+    return constructScript(policy ? policy.createScript(noinlineValue) : noinlineValue);
 }
@@ -52,9 +59,6 @@ exports.createScriptInternal = createScriptInternal;
  */
-exports.EMPTY_SCRIPT = (() => { var _a; return createTrustedScriptOrPolyfill('', (_a = (0, trusted_types_js_1.getTrustedTypes)()) === null || _a === void 0 ? void 0 : _a.emptyScript); })();
-/**
- * Checks if the given value is a `SafeScript` instance.
- */
+exports.EMPTY_SCRIPT = (0, pure_js_1.pure)(() => constructScript(trusted_types_js_1.trustedTypes ? trusted_types_js_1.trustedTypes.emptyScript : ''));
+/** Checks if the given value is a `SafeScript` instance */
 function isScript(value) {
-    var _a;
-    return ((_a = (0, trusted_types_js_1.getTrustedTypes)()) === null || _a === void 0 ? void 0 : _a.isScript(value)) || value instanceof ScriptImpl;
+    return value instanceof SafeScript;
 }
@@ -65,13 +69,13 @@ exports.isScript = isScript;
  * has the correct type.
+ * Using this function directly is not common. Safe types are not meant to be
+ * unwrapped, but rather passed to other APIs that consume them, like the DOM
+ * wrappers in safevalues/dom.
  *
- * Returns a native `TrustedScript` or a string if Trusted Types are disabled.
+ * Returns a native `TrustedScript` instance typed as {toString(): string} or a string if Trusted Types are disabled.
  */
 function unwrapScript(value) {
-    var _a;
-    if ((_a = (0, trusted_types_js_1.getTrustedTypes)()) === null || _a === void 0 ? void 0 : _a.isScript(value)) {
-        return value;
+    if (isScript(value)) {
+        return value
+            .privateDoNotAccessOrElseWrappedScript;
     }
-    else if (value instanceof ScriptImpl) {
-        return value.privateDoNotAccessOrElseWrappedScript;
-    }
     else {
@@ -78,0 +82,0 @@ let message = '';

dist/cjs/internals/style_sheet_impl.d.ts

@@ -6,9 +6,14 @@ /**
  */
+/** @fileoverview Internal implementations of SafeStyleSheet. */
 import '../environment/dev.js';
 /**
- * A complete CSS style sheet, safe to use in style contexts in an HTML document
- * or DOM APIs.
+ * A complete CSS style sheet, safe to use in style contexts in an HTML
+ * document or DOM APIs.
+ *
+ * @final
  */
-export declare abstract class SafeStyleSheet {
-    private readonly brand;
+export declare class SafeStyleSheet {
+    private readonly privateDoNotAccessOrElseWrappedStyleSheet;
+    private constructor();
+    toString(): string;
 }
@@ -20,3 +25,3 @@ /**
  */
-export declare function createStyleSheetInternal(styleSheet: string): SafeStyleSheet;
+export declare function createStyleSheetInternal(value: string): SafeStyleSheet;
 /**
@@ -27,5 +32,5 @@ * Checks if the given value is a `SafeStyleSheet` instance.
 /**
- * Returns the string value of the passed `SafeStyleSheet` object while
- * ensuring it has the correct type.
+ * Returns the string value of the passed `SafeStyleSheet` object while ensuring it
+ * has the correct type.
  */
 export declare function unwrapStyleSheet(value: SafeStyleSheet): string;

dist/cjs/internals/style_sheet_impl.js

@@ -9,17 +9,17 @@ "use strict";
 exports.unwrapStyleSheet = exports.isStyleSheet = exports.createStyleSheetInternal = exports.SafeStyleSheet = void 0;
+/** @fileoverview Internal implementations of SafeStyleSheet. */
 require("../environment/dev.js");
 const secrets_js_1 = require("./secrets.js");
 /**
- * A complete CSS style sheet, safe to use in style contexts in an HTML document
- * or DOM APIs.
+ * A complete CSS style sheet, safe to use in style contexts in an HTML
+ * document or DOM APIs.
+ *
+ * @final
  */
 class SafeStyleSheet {
-}
-exports.SafeStyleSheet = SafeStyleSheet;
-/** Implementation for `SafeStyleSheet` */
-class StyleSheetImpl extends SafeStyleSheet {
-    constructor(styleSheet, token) {
-        super();
-        (0, secrets_js_1.ensureTokenIsValid)(token);
-        this.privateDoNotAccessOrElseWrappedStyleSheet = styleSheet;
+    constructor(token, value) {
+        if (process.env.NODE_ENV !== 'production') {
+            (0, secrets_js_1.ensureTokenIsValid)(token);
+        }
+        this.privateDoNotAccessOrElseWrappedStyleSheet = value;
     }
@@ -30,2 +30,4 @@ toString() {
 }
+exports.SafeStyleSheet = SafeStyleSheet;
+const StyleSheetImpl = SafeStyleSheet;
 /**
@@ -36,4 +38,4 @@ * Builds a new `SafeStyleSheet` from the given string, without enforcing
  */
-function createStyleSheetInternal(styleSheet) {
-    return new StyleSheetImpl(styleSheet, secrets_js_1.secretToken);
+function createStyleSheetInternal(value) {
+    return new StyleSheetImpl(secrets_js_1.secretToken, value);
 }
@@ -45,21 +47,20 @@ exports.createStyleSheetInternal = createStyleSheetInternal;
 function isStyleSheet(value) {
-    return value instanceof StyleSheetImpl;
+    return value instanceof SafeStyleSheet;
 }
 exports.isStyleSheet = isStyleSheet;
 /**
- * Returns the string value of the passed `SafeStyleSheet` object while
- * ensuring it has the correct type.
+ * Returns the string value of the passed `SafeStyleSheet` object while ensuring it
+ * has the correct type.
  */
 function unwrapStyleSheet(value) {
-    if (value instanceof StyleSheetImpl) {
-        return value.privateDoNotAccessOrElseWrappedStyleSheet;
+    if (isStyleSheet(value)) {
+        return value
+            .privateDoNotAccessOrElseWrappedStyleSheet;
     }
-    else {
-        let message = '';
-        if (process.env.NODE_ENV !== 'production') {
-            message = 'Unexpected type when unwrapping SafeStyleSheet';
-        }
-        throw new Error(message);
+    let message = '';
+    if (process.env.NODE_ENV !== 'production') {
+        message = `Unexpected type when unwrapping SafeStyleSheet, got '${value}' of type '${typeof value}'`;
     }
+    throw new Error(message);
 }
 exports.unwrapStyleSheet = unwrapStyleSheet;

dist/cjs/internals/trusted_types.d.ts

@@ -6,18 +6,32 @@ /**
  */
-/// <reference types="trusted-types" />
 /**
- * Returns window.trustedTypes if Trusted Types are enabled and supported, or
- * null otherwise.
+ * @fileoverview Utilities for interacting with Trusted Types, create and/or
+ * retrieve the policy for the library.
  */
-export declare function getTrustedTypes(): TrustedTypePolicyFactory | null;
+import '../environment/dev.js';
+import { TrustedTypePolicy, TrustedTypePolicyFactory } from './trusted_types_typings.js';
+declare type ExposeTrustedTypes = false;
 /**
- * Returns the Trusted Types policy used by TS safevalues, or null if Trusted
- * Types are not enabled/supported. The first call to this function will
- * create the policy.
+ * Controls whether to expose Trusted Types to the user through unwrapper
+ * functions.
  */
-export declare function getTrustedTypesPolicy(): TrustedTypePolicy | null;
+export declare type UnwrapType<T> = ExposeTrustedTypes extends true ? T : {
+    toString(): string;
+};
+/** Re-exports the global trustedTypes object for convenience. */
+export declare const trustedTypes: TrustedTypePolicyFactory | undefined;
+/**
+ * Returns the Trusted Types policy used by safevalues, or null if Trusted
+ * Types are not enabled/supported.
+ *
+ * The first call to this function will create the policy, and all subsequent
+ * calls will return the same policy.
+ */
+export declare function getPolicy(): TrustedTypePolicy | null;
 /** Helpers for tests. */
 export declare const TEST_ONLY: {
+    setPolicyName(name: string): void;
+    setTrustedTypes(mockTrustedTypes: TrustedTypePolicyFactory | undefined): void;
     resetDefaults(): void;
-    setTrustedTypesPolicyName(name: string): void;
 };
+export {};

dist/cjs/internals/trusted_types.js

@@ -8,68 +8,86 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.TEST_ONLY = exports.getTrustedTypesPolicy = exports.getTrustedTypes = void 0;
+exports.TEST_ONLY = exports.getPolicy = exports.trustedTypes = void 0;
 /**
- * The name of the Trusted Types policy used by TS safevalues, or empty
- * to disable Trusted Types. This duplicates the 'google#safe', but
- * can be overridden in tests.
+ * @fileoverview Utilities for interacting with Trusted Types, create and/or
+ * retrieve the policy for the library.
  */
-let trustedTypesPolicyName = 'google#safe';
-/** Helper to retrieve the value of `window.trustedTypes`. */
-function trustedTypes() {
-    if (typeof window !== 'undefined') {
-        return window.trustedTypes;
-    }
-    return undefined;
-}
+require("../environment/dev.js");
 /**
- * Returns window.trustedTypes if Trusted Types are enabled and supported, or
- * null otherwise.
+ * The name of the Trusted Types policy used by the library, or empty
+ * to disable Trusted Types.
  */
-function getTrustedTypes() {
-    var _a;
-    return trustedTypesPolicyName !== '' ? (_a = trustedTypes()) !== null && _a !== void 0 ? _a : null : null;
-}
-exports.getTrustedTypes = getTrustedTypes;
+const configuredPolicyName = 'google#safe';
+/** Mutable version of the policy name so it is testable. */
+let policyName = configuredPolicyName;
+/** Re-exports the global trustedTypes object for convenience. */
+exports.trustedTypes = globalThis.trustedTypes;
 /**
- * The Trusted Types policy used by TS safevalues, or null if Trusted Types
- * are not enabled/supported, or undefined if the policy has not been created
- * yet.
+ * Mutable version of trustedTypes object so it is testable
+ *
+ * Note: we need to mark this as not inlineable to prevent the compiler from
+ * inlining it and causing soy conformance tests to fail.
+ * @noinline
  */
-let trustedTypesPolicy;
+let trustedTypesInternal = exports.trustedTypes;
 /**
- * Returns the Trusted Types policy used by TS safevalues, or null if Trusted
- * Types are not enabled/supported. The first call to this function will
- * create the policy.
+ * Cached Trusted Types policy:
+ *  - `null` if Trusted Types are not enabled/supported
+ *  - `undefined` if the policy has not been created yet.
  */
-function getTrustedTypesPolicy() {
-    var _a, _b;
-    if (trustedTypesPolicy === undefined) {
-        try {
-            trustedTypesPolicy =
-                (_b = (_a = getTrustedTypes()) === null || _a === void 0 ? void 0 : _a.createPolicy(trustedTypesPolicyName, {
-                    createHTML: (s) => s,
-                    createScript: (s) => s,
-                    createScriptURL: (s) => s,
-                })) !== null && _b !== void 0 ? _b : null;
+let policy;
+function createPolicy() {
+    let policy = null;
+    if (policyName === '') {
+        // Binary is not configured to use Trusted Types.
+        return policy;
+    }
+    if (!trustedTypesInternal) {
+        return policy;
+    }
+    // trustedTypes.createPolicy throws in some older versions of chrome if
+    // called with a name that is already registered, even in report-only mode.
+    // Until the API changes, catch the error not to break the applications
+    // functionally. In such case, the code will fall back to using strings.
+    try {
+        const identity = (x) => x;
+        policy = trustedTypesInternal.createPolicy(policyName, {
+            createHTML: identity,
+            createScript: identity,
+            createScriptURL: identity,
+        });
+    }
+    catch (e) {
+        if (process.env.NODE_ENV !== 'production') {
+            throw e;
         }
-        catch (_c) {
-            // In Chromium versions before 81, trustedTypes.createPolicy throws if
-            // called with a name that is already registered, even if no CSP is set.
-            // Until users have largely migrated to 81 or above, catch the error not
-            // to break the applications functionally. In such case, the code will
-            // fall back to using regular Safe Types.
-            trustedTypesPolicy = null;
-        }
     }
-    return trustedTypesPolicy;
+    return policy;
 }
-exports.getTrustedTypesPolicy = getTrustedTypesPolicy;
+/**
+ * Returns the Trusted Types policy used by safevalues, or null if Trusted
+ * Types are not enabled/supported.
+ *
+ * The first call to this function will create the policy, and all subsequent
+ * calls will return the same policy.
+ */
+function getPolicy() {
+    if (policy === undefined) {
+        policy = createPolicy();
+    }
+    return policy;
+}
+exports.getPolicy = getPolicy;
 /** Helpers for tests. */
 exports.TEST_ONLY = {
+    setPolicyName(name) {
+        policyName = name;
+    },
+    setTrustedTypes(mockTrustedTypes) {
+        trustedTypesInternal = mockTrustedTypes;
+    },
     resetDefaults() {
-        trustedTypesPolicy = undefined;
-        trustedTypesPolicyName = 'google#safe';
+        policy = undefined;
+        policyName = configuredPolicyName;
+        trustedTypesInternal = exports.trustedTypes;
     },
-    setTrustedTypesPolicyName(name) {
-        trustedTypesPolicyName = name;
-    },
 };

dist/mjs/builders/html_builders.d.ts

@@ -62,3 +62,3 @@ /**
  * Non-exported version of `nodeToHtml`, with an explicit temporary root to
- * accomodate for the sanitizer's user case.
+ * accommodate for the sanitizer's user case.
  */
@@ -65,0 +65,0 @@ export declare function nodeToHtmlInternal(node: Node, temporaryRoot: Element): SafeHtml;

dist/mjs/builders/html_builders.js

@@ -127,3 +127,3 @@ /**
  * Non-exported version of `nodeToHtml`, with an explicit temporary root to
- * accomodate for the sanitizer's user case.
+ * accommodate for the sanitizer's user case.
  */
@@ -130,0 +130,0 @@ export function nodeToHtmlInternal(node, temporaryRoot) {

dist/mjs/builders/html_sanitizer/css/sanitizer.js

@@ -34,8 +34,8 @@ /**
     getStyleSheet(cssText) {
-        const style = this.inertDocument.createElement('style');
-        const safeStyle = createStyleSheetInternal(cssText);
-        setTextContent(style, safeStyle);
-        this.inertDocument.head.appendChild(style);
-        const sheet = style.sheet; // guaranteed to be non-null
-        style.remove();
+        const styleEl = this.inertDocument.createElement('style');
+        const safeStyleSheet = createStyleSheetInternal(cssText);
+        setTextContent(styleEl, safeStyleSheet);
+        this.inertDocument.head.appendChild(styleEl);
+        const sheet = styleEl.sheet; // guaranteed to be non-null
+        styleEl.remove();
         return sheet;
@@ -42,0 +42,0 @@ }

dist/mjs/builders/html_sanitizer/default_css_sanitizer.d.ts

@@ -14,3 +14,6 @@ /**
  */
-/** Sanitizes untrusted CSS using the default sanitizer configuration. */
+/**
+ * Sanitizes untrusted CSS using the default sanitizer configuration.
+ *
+ */
 export declare function sanitizeHtmlWithCss(css: string): DocumentFragment;

dist/mjs/builders/html_sanitizer/default_css_sanitizer.js

@@ -17,5 +17,8 @@ /**
 const defaultCssSanitizer = /* #__PURE__ */ pure(() => new CssSanitizerBuilder().build());
-/** Sanitizes untrusted CSS using the default sanitizer configuration. */
+/**
+ * Sanitizes untrusted CSS using the default sanitizer configuration.
+ *
+ */
 export function sanitizeHtmlWithCss(css) {
     return defaultCssSanitizer.sanitizeToFragment(css);
 }

dist/mjs/dom/globals/location.js

@@ -14,3 +14,3 @@ /**
     if (sanitizedUrl !== undefined) {
-        loc.href = sanitizedUrl;
+        mockableLocation.setHref(loc, sanitizedUrl);
     }
@@ -25,3 +25,3 @@ }
     if (sanitizedUrl !== undefined) {
-        loc.replace(sanitizedUrl);
+        mockableLocation.replace(loc, sanitizedUrl);
     }
@@ -36,4 +36,23 @@ }
     if (sanitizedUrl !== undefined) {
-        loc.assign(sanitizedUrl);
+        mockableLocation.assign(loc, sanitizedUrl);
     }
 }
+/**
+ * Set of wrappers around the location object for tests to observe and mock it.
+ * Window.location is a read-only property. Users used to mock it with our
+ * former exports like safeLocation. This is not possible anymore now that
+ * functions are directly exported on the module.
+ * Ideally, we wouldn't provide this. It just happens that the safe wrappers are
+ * a handy plug-in point for mocks...
+ */
+const mockableLocation = {
+    setHref(loc, url) {
+        loc.href = url;
+    },
+    replace(loc, url) {
+        loc.replace(url);
+    },
+    assign(loc, url) {
+        loc.assign(url);
+    },
+};

dist/mjs/dom/index.d.ts

@@ -10,26 +10,2 @@ /**
  */
-export * as safeAnchorEl from './elements/anchor.js';
-export * as safeAreaEl from './elements/area.js';
-export * as safeBaseEl from './elements/base.js';
-export * as safeButtonEl from './elements/button.js';
-export * as safeElement from './elements/element.js';
-export * as safeEmbedEl from './elements/embed.js';
-export * as safeFormEl from './elements/form.js';
-export * as safeIframeEl from './elements/iframe.js';
-export * as safeInputEl from './elements/input.js';
-export * as safeLinkEl from './elements/link.js';
-export * as safeObjectEl from './elements/object.js';
-export * as safeScriptEl from './elements/script.js';
-export * as safeStyleEl from './elements/style.js';
-export * as safeSvgEl from './elements/svg.js';
-export * as safeSvgUseEl from './elements/svg_use.js';
-export * as safeDocument from './globals/document.js';
-export * as safeDomParser from './globals/dom_parser.js';
-export * as safeGlobal from './globals/global.js';
-export * as safeLocation from './globals/location.js';
-export * as safeRange from './globals/range.js';
-export * as safeServiceWorkerContainer from './globals/service_worker_container.js';
-export * as safeUrl from './globals/url.js';
-export * as safeWindow from './globals/window.js';
-export * as safeWorker from './globals/worker.js';
 export { setHref as setAnchorHref } from './elements/anchor.js';
@@ -36,0 +12,0 @@ export { setHref as setAreaHref } from './elements/area.js';

dist/mjs/dom/index.js

@@ -10,27 +10,2 @@ /**
  */
-// Old names. These are deprecated. Use the function directly defined on safevalues.dom instead.
-export * as safeAnchorEl from './elements/anchor.js';
-export * as safeAreaEl from './elements/area.js';
-export * as safeBaseEl from './elements/base.js';
-export * as safeButtonEl from './elements/button.js';
-export * as safeElement from './elements/element.js';
-export * as safeEmbedEl from './elements/embed.js';
-export * as safeFormEl from './elements/form.js';
-export * as safeIframeEl from './elements/iframe.js';
-export * as safeInputEl from './elements/input.js';
-export * as safeLinkEl from './elements/link.js';
-export * as safeObjectEl from './elements/object.js';
-export * as safeScriptEl from './elements/script.js';
-export * as safeStyleEl from './elements/style.js';
-export * as safeSvgEl from './elements/svg.js';
-export * as safeSvgUseEl from './elements/svg_use.js';
-export * as safeDocument from './globals/document.js';
-export * as safeDomParser from './globals/dom_parser.js';
-export * as safeGlobal from './globals/global.js';
-export * as safeLocation from './globals/location.js';
-export * as safeRange from './globals/range.js';
-export * as safeServiceWorkerContainer from './globals/service_worker_container.js';
-export * as safeUrl from './globals/url.js';
-export * as safeWindow from './globals/window.js';
-export * as safeWorker from './globals/worker.js';
 // Re-export functions with new names that don't conflict with browser APIs.
@@ -37,0 +12,0 @@ export { setHref as setAnchorHref } from './elements/anchor.js';

dist/mjs/internals/html_impl.d.ts

@@ -6,28 +6,29 @@ /**
  */
-/// <reference types="trusted-types" />
+/** @fileoverview Internal implementations of SafeHtml. */
+import { UnwrapType } from './trusted_types.js';
+import { TrustedHTML } from './trusted_types_typings.js';
 import '../environment/dev.js';
 /**
- * String that is safe to use in HTML contexts in DOM APIs and HTML
- documents.
+ * String that is safe to use in HTML contexts in DOM APIs and HTML documents.
+ *
+ * @final
  */
-export declare type SafeHtml = TrustedHTML;
+export declare class SafeHtml {
+    private readonly privateDoNotAccessOrElseWrappedHtml;
+    private constructor();
+    toString(): string;
+}
 /**
- * Also exports the constructor so that instanceof checks work.
+ * Builds a new `SafeHtml` from the given string, without enforcing
+ * safety guarantees. It may cause side effects by creating a Trusted Types
+ * policy. This shouldn't be exposed to application developers, and must only be
+ * used as a step towards safe builders or safe constants.
  */
-export declare const SafeHtml: TrustedHTML;
+export declare function createHtmlInternal(value: string): SafeHtml;
 /**
- * Builds a new `SafeHtml` from the given string, without enforcing safety
- * guarantees. It may cause side effects by creating a Trusted Types policy.
- * This shouldn't be exposed to application developers, and must only be used as
- * a step towards safe builders or safe constants.
- */
-export declare function createHtmlInternal(html: string): SafeHtml;
-/**
  * An empty `SafeHtml` constant.
- * Unlike the function above, using this will not create a policy.
+ * Unlike the functions above, using this will not create a policy.
  */
 export declare const EMPTY_HTML: SafeHtml;
-/**
- * Checks if the given value is a `SafeHtml` instance.
- */
+/** Checks if the given value is a `SafeHtml` instance */
 export declare function isHtml(value: unknown): value is SafeHtml;
@@ -37,5 +38,8 @@ /**
  * has the correct type.
+ * Using this function directly is not common. Safe types are not meant to be
+ * unwrapped, but rather passed to other APIs that consume them, like the DOM
+ * wrappers in safevalues/dom.
  *
- * Returns a native `TrustedHTML` or a string if Trusted Types are disabled.
+ * Returns a native `TrustedHTML` instance typed as {toString(): string} or a string if Trusted Types are disabled.
  */
-export declare function unwrapHtml(value: SafeHtml): TrustedHTML | string;
+export declare function unwrapHtml(value: SafeHtml): UnwrapType<TrustedHTML> | string;

dist/mjs/internals/html_impl.js

@@ -6,48 +6,51 @@ /**
  */
+/** @fileoverview Internal implementations of SafeHtml. */
+import { getPolicy, trustedTypes } from './trusted_types.js';
 import '../environment/dev.js';
+import { pure } from './pure.js';
 import { ensureTokenIsValid, secretToken } from './secrets.js';
-import { getTrustedTypes, getTrustedTypesPolicy } from './trusted_types.js';
 /**
- * Runtime implementation of `TrustedHTML` in browsers that don't support it.
+ * String that is safe to use in HTML contexts in DOM APIs and HTML documents.
+ *
+ * @final
  */
-class HtmlImpl {
-    constructor(html, token) {
-        ensureTokenIsValid(token);
-        this.privateDoNotAccessOrElseWrappedHtml = html;
+export class SafeHtml {
+    constructor(token, value) {
+        if (process.env.NODE_ENV !== 'production') {
+            ensureTokenIsValid(token);
+        }
+        this.privateDoNotAccessOrElseWrappedHtml = value;
     }
     toString() {
-        return this.privateDoNotAccessOrElseWrappedHtml.toString();
+        // String coercion minimizes code size.
+        // tslint:disable-next-line:restrict-plus-operands
+        return this.privateDoNotAccessOrElseWrappedHtml + '';
     }
 }
-function createTrustedHtmlOrPolyfill(html, trusted) {
-    return (trusted !== null && trusted !== void 0 ? trusted : new HtmlImpl(html, secretToken));
+const HtmlImpl = SafeHtml;
+function constructHtml(value) {
+    return new HtmlImpl(secretToken, value);
 }
-const GlobalTrustedHTML = typeof window !== 'undefined' ? window.TrustedHTML : undefined;
 /**
- * Also exports the constructor so that instanceof checks work.
+ * Builds a new `SafeHtml` from the given string, without enforcing
+ * safety guarantees. It may cause side effects by creating a Trusted Types
+ * policy. This shouldn't be exposed to application developers, and must only be
+ * used as a step towards safe builders or safe constants.
  */
-export const SafeHtml = (GlobalTrustedHTML !== null && GlobalTrustedHTML !== void 0 ? GlobalTrustedHTML : HtmlImpl);
-/**
- * Builds a new `SafeHtml` from the given string, without enforcing safety
- * guarantees. It may cause side effects by creating a Trusted Types policy.
- * This shouldn't be exposed to application developers, and must only be used as
- * a step towards safe builders or safe constants.
- */
-export function createHtmlInternal(html) {
-    var _a;
+export function createHtmlInternal(value) {
+    // Inlining this variable can cause large codesize increases when it is a
+    // large constant string. See sizetests/examples/constants for an example.
     /** @noinline */
-    const noinlineHtml = html;
-    return createTrustedHtmlOrPolyfill(noinlineHtml, (_a = getTrustedTypesPolicy()) === null || _a === void 0 ? void 0 : _a.createHTML(noinlineHtml));
+    const noinlineValue = value;
+    const policy = getPolicy();
+    return constructHtml(policy ? policy.createHTML(noinlineValue) : noinlineValue);
 }
 /**
  * An empty `SafeHtml` constant.
- * Unlike the function above, using this will not create a policy.
+ * Unlike the functions above, using this will not create a policy.
  */
-export const EMPTY_HTML = /* #__PURE__ */ (() => { var _a; return createTrustedHtmlOrPolyfill('', (_a = getTrustedTypes()) === null || _a === void 0 ? void 0 : _a.emptyHTML); })();
-/**
- * Checks if the given value is a `SafeHtml` instance.
- */
+export const EMPTY_HTML = /* #__PURE__ */ pure(() => constructHtml(trustedTypes ? trustedTypes.emptyHTML : ''));
+/** Checks if the given value is a `SafeHtml` instance */
 export function isHtml(value) {
-    var _a;
-    return ((_a = getTrustedTypes()) === null || _a === void 0 ? void 0 : _a.isHTML(value)) || value instanceof HtmlImpl;
+    return value instanceof SafeHtml;
 }
@@ -57,11 +60,10 @@ /**
  * has the correct type.
+ * Using this function directly is not common. Safe types are not meant to be
+ * unwrapped, but rather passed to other APIs that consume them, like the DOM
+ * wrappers in safevalues/dom.
  *
- * Returns a native `TrustedHTML` or a string if Trusted Types are disabled.
+ * Returns a native `TrustedHTML` instance typed as {toString(): string} or a string if Trusted Types are disabled.
  */
 export function unwrapHtml(value) {
-    var _a;
-    if ((_a = getTrustedTypes()) === null || _a === void 0 ? void 0 : _a.isHTML(value)) {
-        return value;
-    }
-    else if (value instanceof HtmlImpl) {
+    if (isHtml(value)) {
         return value.privateDoNotAccessOrElseWrappedHtml;
@@ -68,0 +70,0 @@ }

dist/mjs/internals/resource_url_impl.d.ts

@@ -6,3 +6,5 @@ /**
  */
-/// <reference types="trusted-types" />
+/** @fileoverview Internal implementations of TrustedResourceUrl. */
+import { UnwrapType } from './trusted_types.js';
+import { TrustedScriptURL } from './trusted_types_typings.js';
 import '../environment/dev.js';
@@ -13,18 +15,18 @@ /**
  * origin (e.g. scripts and stylesheets).
+ *
+ * @final
  */
-export declare type TrustedResourceUrl = TrustedScriptURL;
+export declare class TrustedResourceUrl {
+    private readonly privateDoNotAccessOrElseWrappedResourceUrl;
+    private constructor();
+    toString(): string;
+}
 /**
- * Also exports the constructor so that instanceof checks work.
+ * Builds a new `TrustedResourceUrl` from the given string, without enforcing
+ * safety guarantees. It may cause side effects by creating a Trusted Types
+ * policy. This shouldn't be exposed to application developers, and must only be
+ * used as a step towards safe builders or safe constants.
  */
-export declare const TrustedResourceUrl: TrustedScriptURL;
-/**
- * Builds a new `TrustedResourceUrl` from the given string, without
- * enforcing safety guarantees. It may cause side effects by creating a Trusted
- * Types policy. This shouldn't be exposed to application developers, and must
- * only be used as a step towards safe builders or safe constants.
- */
-export declare function createResourceUrlInternal(url: string): TrustedResourceUrl;
-/**
- * Checks if the given value is a `TrustedResourceUrl` instance.
- */
+export declare function createResourceUrlInternal(value: string): TrustedResourceUrl;
+/** Checks if the given value is a `TrustedResourceUrl` instance */
 export declare function isResourceUrl(value: unknown): value is TrustedResourceUrl;
@@ -34,6 +36,8 @@ /**
  * has the correct type.
+ * Using this function directly is not common. Safe types are not meant to be
+ * unwrapped, but rather passed to other APIs that consume them, like the DOM
+ * wrappers in safevalues/dom.
  *
- * Returns a native `TrustedScriptURL` or a string if Trusted Types are
- * disabled.
+ * Returns a native `TrustedScriptURL` instance typed as {toString(): string} or a string if Trusted Types are disabled.
  */
-export declare function unwrapResourceUrl(value: TrustedResourceUrl): TrustedScriptURL | string;
+export declare function unwrapResourceUrl(value: TrustedResourceUrl): UnwrapType<TrustedScriptURL> | string;

dist/mjs/internals/resource_url_impl.js

@@ -6,42 +6,47 @@ /**
  */
+/** @fileoverview Internal implementations of TrustedResourceUrl. */
+import { getPolicy } from './trusted_types.js';
 import '../environment/dev.js';
 import { ensureTokenIsValid, secretToken } from './secrets.js';
-import { getTrustedTypes, getTrustedTypesPolicy } from './trusted_types.js';
 /**
- * Runtime implementation of `TrustedScriptURL` in browsers that don't support
- * it.
+ * String that is safe to use in all URL contexts in DOM APIs and HTML
+ * documents; even as a reference to resources that may load in the current
+ * origin (e.g. scripts and stylesheets).
+ *
+ * @final
  */
-class ResourceUrlImpl {
-    constructor(url, token) {
-        ensureTokenIsValid(token);
-        this.privateDoNotAccessOrElseWrappedResourceUrl = url;
+export class TrustedResourceUrl {
+    constructor(token, value) {
+        if (process.env.NODE_ENV !== 'production') {
+            ensureTokenIsValid(token);
+        }
+        this.privateDoNotAccessOrElseWrappedResourceUrl = value;
     }
     toString() {
-        return this.privateDoNotAccessOrElseWrappedResourceUrl.toString();
+        // String coercion minimizes code size.
+        // tslint:disable-next-line:restrict-plus-operands
+        return this.privateDoNotAccessOrElseWrappedResourceUrl + '';
     }
 }
-const GlobalTrustedScriptURL = typeof window !== 'undefined' ? window.TrustedScriptURL : undefined;
+const ResourceUrlImpl = TrustedResourceUrl;
+function constructResourceUrl(value) {
+    return new ResourceUrlImpl(secretToken, value);
+}
 /**
- * Also exports the constructor so that instanceof checks work.
+ * Builds a new `TrustedResourceUrl` from the given string, without enforcing
+ * safety guarantees. It may cause side effects by creating a Trusted Types
+ * policy. This shouldn't be exposed to application developers, and must only be
+ * used as a step towards safe builders or safe constants.
  */
-export const TrustedResourceUrl = (GlobalTrustedScriptURL !== null && GlobalTrustedScriptURL !== void 0 ? GlobalTrustedScriptURL : ResourceUrlImpl);
-/**
- * Builds a new `TrustedResourceUrl` from the given string, without
- * enforcing safety guarantees. It may cause side effects by creating a Trusted
- * Types policy. This shouldn't be exposed to application developers, and must
- * only be used as a step towards safe builders or safe constants.
- */
-export function createResourceUrlInternal(url) {
-    var _a;
+export function createResourceUrlInternal(value) {
+    // Inlining this variable can cause large codesize increases when it is a
+    // large constant string. See sizetests/examples/constants for an example.
     /** @noinline */
-    const noinlineUrl = url;
-    const trustedScriptURL = (_a = getTrustedTypesPolicy()) === null || _a === void 0 ? void 0 : _a.createScriptURL(noinlineUrl);
-    return (trustedScriptURL !== null && trustedScriptURL !== void 0 ? trustedScriptURL : new ResourceUrlImpl(noinlineUrl, secretToken));
+    const noinlineValue = value;
+    const policy = getPolicy();
+    return constructResourceUrl(policy ? policy.createScriptURL(noinlineValue) : noinlineValue);
 }
-/**
- * Checks if the given value is a `TrustedResourceUrl` instance.
- */
+/** Checks if the given value is a `TrustedResourceUrl` instance */
 export function isResourceUrl(value) {
-    var _a;
-    return (((_a = getTrustedTypes()) === null || _a === void 0 ? void 0 : _a.isScriptURL(value)) || value instanceof ResourceUrlImpl);
+    return value instanceof TrustedResourceUrl;
 }
@@ -51,14 +56,13 @@ /**
  * has the correct type.
+ * Using this function directly is not common. Safe types are not meant to be
+ * unwrapped, but rather passed to other APIs that consume them, like the DOM
+ * wrappers in safevalues/dom.
  *
- * Returns a native `TrustedScriptURL` or a string if Trusted Types are
- * disabled.
+ * Returns a native `TrustedScriptURL` instance typed as {toString(): string} or a string if Trusted Types are disabled.
  */
 export function unwrapResourceUrl(value) {
-    var _a;
-    if ((_a = getTrustedTypes()) === null || _a === void 0 ? void 0 : _a.isScriptURL(value)) {
-        return value;
+    if (isResourceUrl(value)) {
+        return value
+            .privateDoNotAccessOrElseWrappedResourceUrl;
     }
-    else if (value instanceof ResourceUrlImpl) {
-        return value.privateDoNotAccessOrElseWrappedResourceUrl;
-    }
     else {
@@ -65,0 +69,0 @@ let message = '';

dist/mjs/internals/script_impl.d.ts

@@ -6,3 +6,5 @@ /**
  */
-/// <reference types="trusted-types" />
+/** @fileoverview Internal implementations of SafeScript. */
+import { UnwrapType } from './trusted_types.js';
+import { TrustedScript } from './trusted_types_typings.js';
 import '../environment/dev.js';
@@ -12,9 +14,11 @@ /**
  * script element.
+ *
+ * @final
  */
-export declare type SafeScript = TrustedScript;
+export declare class SafeScript {
+    private readonly privateDoNotAccessOrElseWrappedScript;
+    private constructor();
+    toString(): string;
+}
 /**
- * Also exports the constructor so that instanceof checks work.
- */
-export declare const SafeScript: TrustedScript;
-/**
  * Builds a new `SafeScript` from the given string, without enforcing
@@ -25,3 +29,3 @@ * safety guarantees. It may cause side effects by creating a Trusted Types
  */
-export declare function createScriptInternal(script: string): SafeScript;
+export declare function createScriptInternal(value: string): SafeScript;
 /**
@@ -32,5 +36,3 @@ * An empty `SafeScript` constant.
 export declare const EMPTY_SCRIPT: SafeScript;
-/**
- * Checks if the given value is a `SafeScript` instance.
- */
+/** Checks if the given value is a `SafeScript` instance */
 export declare function isScript(value: unknown): value is SafeScript;
@@ -40,5 +42,8 @@ /**
  * has the correct type.
+ * Using this function directly is not common. Safe types are not meant to be
+ * unwrapped, but rather passed to other APIs that consume them, like the DOM
+ * wrappers in safevalues/dom.
  *
- * Returns a native `TrustedScript` or a string if Trusted Types are disabled.
+ * Returns a native `TrustedScript` instance typed as {toString(): string} or a string if Trusted Types are disabled.
  */
-export declare function unwrapScript(value: SafeScript): TrustedScript | string;
+export declare function unwrapScript(value: SafeScript): UnwrapType<TrustedScript> | string;

dist/mjs/internals/script_impl.js

@@ -6,27 +6,31 @@ /**
  */
+/** @fileoverview Internal implementations of SafeScript. */
+import { getPolicy, trustedTypes } from './trusted_types.js';
 import '../environment/dev.js';
+import { pure } from './pure.js';
 import { ensureTokenIsValid, secretToken } from './secrets.js';
-import { getTrustedTypes, getTrustedTypesPolicy } from './trusted_types.js';
 /**
- * Runtime implementation of `TrustedScript` in browswers that don't support it.
+ * JavaScript code that is safe to evaluate and use as the content of an HTML
  * script element.
+ *
+ * @final
  */
-class ScriptImpl {
-    constructor(script, token) {
-        ensureTokenIsValid(token);
-        this.privateDoNotAccessOrElseWrappedScript = script;
+export class SafeScript {
+    constructor(token, value) {
+        if (process.env.NODE_ENV !== 'production') {
+            ensureTokenIsValid(token);
+        }
+        this.privateDoNotAccessOrElseWrappedScript = value;
     }
     toString() {
-        return this.privateDoNotAccessOrElseWrappedScript.toString();
+        // String coercion minimizes code size.
+        // tslint:disable-next-line:restrict-plus-operands
+        return this.privateDoNotAccessOrElseWrappedScript + '';
     }
 }
-function createTrustedScriptOrPolyfill(script, trusted) {
-    return (trusted !== null && trusted !== void 0 ? trusted : new ScriptImpl(script, secretToken));
+const ScriptImpl = SafeScript;
+function constructScript(value) {
+    return new ScriptImpl(secretToken, value);
 }
-const GlobalTrustedScript = typeof window !== 'undefined' ? window.TrustedScript : undefined;
 /**
- * Also exports the constructor so that instanceof checks work.
- */
-export const SafeScript = (GlobalTrustedScript !== null && GlobalTrustedScript !== void 0 ? GlobalTrustedScript : ScriptImpl);
-/**
  * Builds a new `SafeScript` from the given string, without enforcing
@@ -37,7 +41,9 @@ * safety guarantees. It may cause side effects by creating a Trusted Types
  */
-export function createScriptInternal(script) {
-    var _a;
+export function createScriptInternal(value) {
+    // Inlining this variable can cause large codesize increases when it is a
+    // large constant string. See sizetests/examples/constants for an example.
     /** @noinline */
-    const noinlineScript = script;
-    return createTrustedScriptOrPolyfill(noinlineScript, (_a = getTrustedTypesPolicy()) === null || _a === void 0 ? void 0 : _a.createScript(noinlineScript));
+    const noinlineValue = value;
+    const policy = getPolicy();
+    return constructScript(policy ? policy.createScript(noinlineValue) : noinlineValue);
 }
@@ -48,9 +54,6 @@ /**
  */
-export const EMPTY_SCRIPT = /* #__PURE__ */ (() => { var _a; return createTrustedScriptOrPolyfill('', (_a = getTrustedTypes()) === null || _a === void 0 ? void 0 : _a.emptyScript); })();
-/**
- * Checks if the given value is a `SafeScript` instance.
- */
+export const EMPTY_SCRIPT = /* #__PURE__ */ pure(() => constructScript(trustedTypes ? trustedTypes.emptyScript : ''));
+/** Checks if the given value is a `SafeScript` instance */
 export function isScript(value) {
-    var _a;
-    return ((_a = getTrustedTypes()) === null || _a === void 0 ? void 0 : _a.isScript(value)) || value instanceof ScriptImpl;
+    return value instanceof SafeScript;
 }
@@ -60,13 +63,13 @@ /**
  * has the correct type.
+ * Using this function directly is not common. Safe types are not meant to be
+ * unwrapped, but rather passed to other APIs that consume them, like the DOM
+ * wrappers in safevalues/dom.
  *
- * Returns a native `TrustedScript` or a string if Trusted Types are disabled.
+ * Returns a native `TrustedScript` instance typed as {toString(): string} or a string if Trusted Types are disabled.
  */
 export function unwrapScript(value) {
-    var _a;
-    if ((_a = getTrustedTypes()) === null || _a === void 0 ? void 0 : _a.isScript(value)) {
-        return value;
+    if (isScript(value)) {
+        return value
+            .privateDoNotAccessOrElseWrappedScript;
     }
-    else if (value instanceof ScriptImpl) {
-        return value.privateDoNotAccessOrElseWrappedScript;
-    }
     else {
@@ -73,0 +76,0 @@ let message = '';

dist/mjs/internals/style_sheet_impl.d.ts

@@ -6,9 +6,14 @@ /**
  */
+/** @fileoverview Internal implementations of SafeStyleSheet. */
 import '../environment/dev.js';
 /**
- * A complete CSS style sheet, safe to use in style contexts in an HTML document
- * or DOM APIs.
+ * A complete CSS style sheet, safe to use in style contexts in an HTML
+ * document or DOM APIs.
+ *
+ * @final
  */
-export declare abstract class SafeStyleSheet {
-    private readonly brand;
+export declare class SafeStyleSheet {
+    private readonly privateDoNotAccessOrElseWrappedStyleSheet;
+    private constructor();
+    toString(): string;
 }
@@ -20,3 +25,3 @@ /**
  */
-export declare function createStyleSheetInternal(styleSheet: string): SafeStyleSheet;
+export declare function createStyleSheetInternal(value: string): SafeStyleSheet;
 /**
@@ -27,5 +32,5 @@ * Checks if the given value is a `SafeStyleSheet` instance.
 /**
- * Returns the string value of the passed `SafeStyleSheet` object while
- * ensuring it has the correct type.
+ * Returns the string value of the passed `SafeStyleSheet` object while ensuring it
+ * has the correct type.
  */
 export declare function unwrapStyleSheet(value: SafeStyleSheet): string;

dist/mjs/internals/style_sheet_impl.js

@@ -6,16 +6,17 @@ /**
  */
+/** @fileoverview Internal implementations of SafeStyleSheet. */
 import '../environment/dev.js';
 import { ensureTokenIsValid, secretToken } from './secrets.js';
 /**
- * A complete CSS style sheet, safe to use in style contexts in an HTML document
- * or DOM APIs.
+ * A complete CSS style sheet, safe to use in style contexts in an HTML
+ * document or DOM APIs.
+ *
+ * @final
  */
 export class SafeStyleSheet {
-}
-/** Implementation for `SafeStyleSheet` */
-class StyleSheetImpl extends SafeStyleSheet {
-    constructor(styleSheet, token) {
-        super();
-        ensureTokenIsValid(token);
-        this.privateDoNotAccessOrElseWrappedStyleSheet = styleSheet;
+    constructor(token, value) {
+        if (process.env.NODE_ENV !== 'production') {
+            ensureTokenIsValid(token);
+        }
+        this.privateDoNotAccessOrElseWrappedStyleSheet = value;
     }
@@ -26,2 +27,3 @@ toString() {
 }
+const StyleSheetImpl = SafeStyleSheet;
 /**
@@ -32,4 +34,4 @@ * Builds a new `SafeStyleSheet` from the given string, without enforcing
  */
-export function createStyleSheetInternal(styleSheet) {
-    return new StyleSheetImpl(styleSheet, secretToken);
+export function createStyleSheetInternal(value) {
+    return new StyleSheetImpl(secretToken, value);
 }
@@ -40,19 +42,18 @@ /**
 export function isStyleSheet(value) {
-    return value instanceof StyleSheetImpl;
+    return value instanceof SafeStyleSheet;
 }
 /**
- * Returns the string value of the passed `SafeStyleSheet` object while
- * ensuring it has the correct type.
+ * Returns the string value of the passed `SafeStyleSheet` object while ensuring it
+ * has the correct type.
  */
 export function unwrapStyleSheet(value) {
-    if (value instanceof StyleSheetImpl) {
-        return value.privateDoNotAccessOrElseWrappedStyleSheet;
+    if (isStyleSheet(value)) {
+        return value
+            .privateDoNotAccessOrElseWrappedStyleSheet;
     }
-    else {
-        let message = '';
-        if (process.env.NODE_ENV !== 'production') {
-            message = 'Unexpected type when unwrapping SafeStyleSheet';
-        }
-        throw new Error(message);
+    let message = '';
+    if (process.env.NODE_ENV !== 'production') {
+        message = `Unexpected type when unwrapping SafeStyleSheet, got '${value}' of type '${typeof value}'`;
     }
+    throw new Error(message);
 }

dist/mjs/internals/trusted_types.d.ts

@@ -6,18 +6,32 @@ /**
  */
-/// <reference types="trusted-types" />
 /**
- * Returns window.trustedTypes if Trusted Types are enabled and supported, or
- * null otherwise.
+ * @fileoverview Utilities for interacting with Trusted Types, create and/or
+ * retrieve the policy for the library.
  */
-export declare function getTrustedTypes(): TrustedTypePolicyFactory | null;
+import '../environment/dev.js';
+import { TrustedTypePolicy, TrustedTypePolicyFactory } from './trusted_types_typings.js';
+declare type ExposeTrustedTypes = false;
 /**
- * Returns the Trusted Types policy used by TS safevalues, or null if Trusted
- * Types are not enabled/supported. The first call to this function will
- * create the policy.
+ * Controls whether to expose Trusted Types to the user through unwrapper
+ * functions.
  */
-export declare function getTrustedTypesPolicy(): TrustedTypePolicy | null;
+export declare type UnwrapType<T> = ExposeTrustedTypes extends true ? T : {
+    toString(): string;
+};
+/** Re-exports the global trustedTypes object for convenience. */
+export declare const trustedTypes: TrustedTypePolicyFactory | undefined;
+/**
+ * Returns the Trusted Types policy used by safevalues, or null if Trusted
+ * Types are not enabled/supported.
+ *
+ * The first call to this function will create the policy, and all subsequent
+ * calls will return the same policy.
+ */
+export declare function getPolicy(): TrustedTypePolicy | null;
 /** Helpers for tests. */
 export declare const TEST_ONLY: {
+    setPolicyName(name: string): void;
+    setTrustedTypes(mockTrustedTypes: TrustedTypePolicyFactory | undefined): void;
     resetDefaults(): void;
-    setTrustedTypesPolicyName(name: string): void;
 };
+export {};

dist/mjs/internals/trusted_types.js

@@ -7,64 +7,83 @@ /**
 /**
- * The name of the Trusted Types policy used by TS safevalues, or empty
- * to disable Trusted Types. This duplicates the 'google#safe', but
- * can be overridden in tests.
+ * @fileoverview Utilities for interacting with Trusted Types, create and/or
+ * retrieve the policy for the library.
  */
-let trustedTypesPolicyName = 'google#safe';
-/** Helper to retrieve the value of `window.trustedTypes`. */
-function trustedTypes() {
-    if (typeof window !== 'undefined') {
-        return window.trustedTypes;
-    }
-    return undefined;
-}
+import '../environment/dev.js';
 /**
- * Returns window.trustedTypes if Trusted Types are enabled and supported, or
- * null otherwise.
+ * The name of the Trusted Types policy used by the library, or empty
+ * to disable Trusted Types.
  */
-export function getTrustedTypes() {
-    var _a;
-    return trustedTypesPolicyName !== '' ? (_a = trustedTypes()) !== null && _a !== void 0 ? _a : null : null;
-}
+const configuredPolicyName = 'google#safe';
+/** Mutable version of the policy name so it is testable. */
+let policyName = configuredPolicyName;
+/** Re-exports the global trustedTypes object for convenience. */
+export const trustedTypes = globalThis.trustedTypes;
 /**
- * The Trusted Types policy used by TS safevalues, or null if Trusted Types
- * are not enabled/supported, or undefined if the policy has not been created
- * yet.
+ * Mutable version of trustedTypes object so it is testable
+ *
+ * Note: we need to mark this as not inlineable to prevent the compiler from
+ * inlining it and causing soy conformance tests to fail.
+ * @noinline
  */
-let trustedTypesPolicy;
+let trustedTypesInternal = trustedTypes;
 /**
- * Returns the Trusted Types policy used by TS safevalues, or null if Trusted
- * Types are not enabled/supported. The first call to this function will
- * create the policy.
+ * Cached Trusted Types policy:
+ *  - `null` if Trusted Types are not enabled/supported
+ *  - `undefined` if the policy has not been created yet.
  */
-export function getTrustedTypesPolicy() {
-    var _a, _b;
-    if (trustedTypesPolicy === undefined) {
-        try {
-            trustedTypesPolicy =
-                (_b = (_a = getTrustedTypes()) === null || _a === void 0 ? void 0 : _a.createPolicy(trustedTypesPolicyName, {
-                    createHTML: (s) => s,
-                    createScript: (s) => s,
-                    createScriptURL: (s) => s,
-                })) !== null && _b !== void 0 ? _b : null;
+let policy;
+function createPolicy() {
+    let policy = null;
+    if (policyName === '') {
+        // Binary is not configured to use Trusted Types.
+        return policy;
+    }
+    if (!trustedTypesInternal) {
+        return policy;
+    }
+    // trustedTypes.createPolicy throws in some older versions of chrome if
+    // called with a name that is already registered, even in report-only mode.
+    // Until the API changes, catch the error not to break the applications
+    // functionally. In such case, the code will fall back to using strings.
+    try {
+        const identity = (x) => x;
+        policy = trustedTypesInternal.createPolicy(policyName, {
+            createHTML: identity,
+            createScript: identity,
+            createScriptURL: identity,
+        });
+    }
+    catch (e) {
+        if (process.env.NODE_ENV !== 'production') {
+            throw e;
         }
-        catch (_c) {
-            // In Chromium versions before 81, trustedTypes.createPolicy throws if
-            // called with a name that is already registered, even if no CSP is set.
-            // Until users have largely migrated to 81 or above, catch the error not
-            // to break the applications functionally. In such case, the code will
-            // fall back to using regular Safe Types.
-            trustedTypesPolicy = null;
-        }
     }
-    return trustedTypesPolicy;
+    return policy;
 }
+/**
+ * Returns the Trusted Types policy used by safevalues, or null if Trusted
+ * Types are not enabled/supported.
+ *
+ * The first call to this function will create the policy, and all subsequent
+ * calls will return the same policy.
+ */
+export function getPolicy() {
+    if (policy === undefined) {
+        policy = createPolicy();
+    }
+    return policy;
+}
 /** Helpers for tests. */
 export const TEST_ONLY = {
+    setPolicyName(name) {
+        policyName = name;
+    },
+    setTrustedTypes(mockTrustedTypes) {
+        trustedTypesInternal = mockTrustedTypes;
+    },
     resetDefaults() {
-        trustedTypesPolicy = undefined;
-        trustedTypesPolicyName = 'google#safe';
+        policy = undefined;
+        policyName = configuredPolicyName;
+        trustedTypesInternal = trustedTypes;
     },
-    setTrustedTypesPolicyName(name) {
-        trustedTypesPolicyName = name;
-    },
 };

dom/package.json

 {
     "name": "dom",
     "description": "Safe DOM API wrappers",
+    "license": "Apache-2.0",
     "main": "../dist/cjs/dom/index.js",
@@ -5,0 +6,0 @@ "module": "../dist/mjs/dom/index.js",

package.json

 {
   "name": "safevalues",
-  "version": "0.7.0",
+  "version": "1.0.0-rc.1",
   "description": "Safe builders for Trusted Types values",
   "repository": "https://github.com/google/safevalues",
-  "author": "ISE Hardening",
+  "author": "ISE Web Hardening Team",
   "license": "Apache-2.0",
@@ -50,3 +50,2 @@ "publishConfig":{
     "@types/node": "*",
-    "@types/trusted-types": "^1.0.6",
     "jasmine-core": "^3.6.0",
@@ -53,0 +52,0 @@ "karma": "^6.3.17",

README.md

@@ -5,3 +5,3 @@ # safevalues
 in TypeScript (and JavaScript). It is meant to be used together with
-[tsec](https://github.com/googleinterns/tsec) to provide strong security
+[safety-web](https://github.com/google/safety-web) to provide strong security
 guarantees and help you deploy
@@ -44,9 +44,10 @@ [Trusted Types](https://w3c.github.io/trusted-types/dist/spec/) and
 To build a Trusted Type-compatible app and surface potential violations at
-compile time, we recommend that you compile your code with
-[tsec](https://github.com/googleinterns/tsec). tsec bans certain DOM APIs.
-`safevalues` defines wrappers around these APIs which lets you assign Trusted
-Types with them.
+compile time, we recommend that you lint your code with
+[safety-web](https://github.com/google/safety-web). safety-web bans certain DOM
+APIs. `safevalues` defines wrappers around these APIs which lets you assign
+Trusted Types with them.
 
 Some wrappers don't require a particular type, but sanitize the argument they
-get before they assign it to the DOM sink (e.g. `safeLocation.setHref`).
+get before they assign it to the DOM sink (e.g. `setLocationHref` from
+`safevalues/dom`).
 
@@ -76,3 +77,3 @@ ### Trusted Type polyfills
 
-[Read on](https://github.com/google/safevalues/tree/main/src) about for more
+[Read on](https://github.com/google/safevalues/tree/main/src) for more
 information on our APIs.
@@ -79,0 +80,0 @@

restricted/legacy/package.json

 {
     "name": "restricted/legacy",
     "description": "Restricted APIs, used to mark legacy usages of unsafe APIs",
+    "license": "Apache-2.0",
     "main": "../../dist/cjs/restricted/legacy.js",
@@ -5,0 +6,0 @@ "module": "../../dist/mjs/restricted/legacy.js",

restricted/reviewed/package.json

 {
     "name": "restricted/reviewed",
     "description": "Restricted APIs, used to mark reviewed usages of unsafe APIs for which no safe equivalent exists.",
+    "license": "Apache-2.0",
     "main": "../../dist/cjs/restricted/reviewed.js",
@@ -5,0 +6,0 @@ "module": "../../dist/mjs/restricted/reviewed.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

591064

increased by0.43%

Dev dependency count

10

decreased by-9.09%

Number of package files

258

increased by0.78%

Lines of code

15019

increased by1.02%

Number of lines in readme file

81

increased by1.25%

Worsened metrics

Number of low supply chain risk alerts

85

increased by13.33%

No dependency changes