@dr.pogodin/react-utils 1.47.3 → 1.47.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/development/client/getInj.js +13 -6
- package/build/development/client/getInj.js.map +1 -1
- package/build/production/client/getInj.js +2 -7
- package/build/production/client/getInj.js.map +1 -1
- package/build/web/client/getInj.js +12 -6
- package/build/web/client/getInj.js.map +1 -1
- package/config/jest/setup.js +1 -0
- package/package.json +2 -2
|
@@ -8,6 +8,8 @@ import "core-js/modules/web.dom-exception.stack.js";
|
|
|
8
8
|
// Encapsulates retrieval of server-side data injection into HTML template.
|
|
9
9
|
|
|
10
10
|
/* global document */
|
|
11
|
+
|
|
12
|
+
import { SEC_MS, timer } from '@dr.pogodin/js-utils';
|
|
11
13
|
import { getBuildInfo } from "../shared/utils/isomorphy/buildInfo.js";
|
|
12
14
|
let inj;
|
|
13
15
|
export default function getInj() {
|
|
@@ -19,12 +21,17 @@ export default function getInj() {
|
|
|
19
21
|
// NOTE: Since 2025 there is Uint8Array.fromBase64(), which should be
|
|
20
22
|
// preferred, but it is not supported by older environments yet.
|
|
21
23
|
const data = atob(metaElement.content);
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
24
|
+
if (!window.isSecureContext) {
|
|
25
|
+
if (window.location.protocol === 'https:') {
|
|
26
|
+
throw Error('Loaded via HTTPS, but it is not considered a secure context');
|
|
27
|
+
} else if (window.location.protocol !== 'http:') {
|
|
28
|
+
throw Error('Unexpected protocol');
|
|
29
|
+
}
|
|
30
|
+
const target = window.location.href.replace(/^http:/, 'https:');
|
|
31
|
+
window.location.replace(target);
|
|
32
|
+
await timer(3 * SEC_MS);
|
|
33
|
+
throw Error('Failed to move into secure context');
|
|
34
|
+
}
|
|
28
35
|
const {
|
|
29
36
|
key
|
|
30
37
|
} = getBuildInfo();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getInj.js","names":["getBuildInfo","inj","getInj","metaElement","document","querySelector","remove","data","atob","content","key","code","x","charCodeAt","dataBuffer","Uint8Array","from","slice","ivBuffer","keyBuffer","cKey","
|
|
1
|
+
{"version":3,"file":"getInj.js","names":["SEC_MS","timer","getBuildInfo","inj","getInj","metaElement","document","querySelector","remove","data","atob","content","window","isSecureContext","location","protocol","Error","target","href","replace","key","code","x","charCodeAt","dataBuffer","Uint8Array","from","slice","ivBuffer","keyBuffer","cKey","crypto","subtle","importKey","name","buffer","decrypt","iv","decoder","TextDecoder","res","eval","decode","REACT_UTILS_INJECTION"],"sources":["../../../src/client/getInj.ts"],"sourcesContent":["// Encapsulates retrieval of server-side data injection into HTML template.\n\n/* global document */\n\nimport { SEC_MS, timer } from '@dr.pogodin/js-utils';\n\nimport type { InjT } from 'utils/globalState';\n\nimport { getBuildInfo } from 'utils/isomorphy/buildInfo';\n\nlet inj: InjT | Promise<InjT> | undefined;\n\nexport default function getInj(): InjT | Promise<InjT> {\n inj ??= (async () => {\n const metaElement: HTMLMetaElement | null = typeof document === 'undefined'\n ? null : document.querySelector('meta[itemprop=\"drpruinj\"]');\n\n if (metaElement) {\n metaElement.remove();\n\n // NOTE: Since 2025 there is Uint8Array.fromBase64(), which should be\n // preferred, but it is not supported by older environments yet.\n const data = atob(metaElement.content);\n\n if (!window.isSecureContext) {\n if (window.location.protocol === 'https:') {\n throw Error('Loaded via HTTPS, but it is not considered a secure context');\n } else if (window.location.protocol !== 'http:') {\n throw Error('Unexpected protocol');\n }\n\n const target = window.location.href.replace(/^http:/, 'https:');\n window.location.replace(target);\n\n await timer(3 * SEC_MS);\n throw Error('Failed to move into secure context');\n }\n\n const { key } = getBuildInfo();\n\n const code = (x: string) => x.charCodeAt(0);\n const dataBuffer = Uint8Array.from(data.slice(16), code);\n const ivBuffer = Uint8Array.from(data.slice(0, 16), code);\n const keyBuffer = Uint8Array.from(atob(key), code);\n\n const cKey = await window.crypto.subtle.importKey(\n 'raw',\n keyBuffer,\n { name: 'AES-CBC' },\n false,\n ['decrypt'],\n );\n\n const buffer = await window.crypto.subtle.decrypt({\n iv: ivBuffer,\n name: 'AES-CBC',\n }, cKey, dataBuffer);\n\n const decoder = new TextDecoder();\n\n // eslint-disable-next-line no-eval\n const res = eval(`(${decoder.decode(buffer)})`) as InjT;\n\n // NOTE: This is important, to be able to return the injection\n // synchronously once it is initialized.\n inj = res;\n\n return res;\n } else if (typeof window !== 'undefined' && window.REACT_UTILS_INJECTION) {\n const res = window.REACT_UTILS_INJECTION;\n delete window.REACT_UTILS_INJECTION;\n return res;\n }\n\n // Otherwise, a bunch of dependent stuff will easily fail in non-standard\n // environments, where no client-side initialization is performed. Like tests,\n // Docusaurus examples, etc.\n return {};\n })();\n\n return inj;\n}\n"],"mappings":";;;;;;;AAAA;;AAEA;;AAEA,SAASA,MAAM,EAAEC,KAAK,QAAQ,sBAAsB;AAAA,SAI3CC,YAAY;AAErB,IAAIC,GAAqC;AAEzC,eAAe,SAASC,MAAMA,CAAA,EAAyB;EACrDD,GAAG,KAAK,CAAC,YAAY;IACnB,MAAME,WAAmC,GAAG,OAAOC,QAAQ,KAAK,WAAW,GACvE,IAAI,GAAGA,QAAQ,CAACC,aAAa,CAAC,2BAA2B,CAAC;IAE9D,IAAIF,WAAW,EAAE;MACfA,WAAW,CAACG,MAAM,CAAC,CAAC;;MAEpB;MACA;MACA,MAAMC,IAAI,GAAGC,IAAI,CAACL,WAAW,CAACM,OAAO,CAAC;MAEtC,IAAI,CAACC,MAAM,CAACC,eAAe,EAAE;QAC3B,IAAID,MAAM,CAACE,QAAQ,CAACC,QAAQ,KAAK,QAAQ,EAAE;UACzC,MAAMC,KAAK,CAAC,6DAA6D,CAAC;QAC5E,CAAC,MAAM,IAAIJ,MAAM,CAACE,QAAQ,CAACC,QAAQ,KAAK,OAAO,EAAE;UAC/C,MAAMC,KAAK,CAAC,qBAAqB,CAAC;QACpC;QAEA,MAAMC,MAAM,GAAGL,MAAM,CAACE,QAAQ,CAACI,IAAI,CAACC,OAAO,CAAC,QAAQ,EAAE,QAAQ,CAAC;QAC/DP,MAAM,CAACE,QAAQ,CAACK,OAAO,CAACF,MAAM,CAAC;QAE/B,MAAMhB,KAAK,CAAC,CAAC,GAAGD,MAAM,CAAC;QACvB,MAAMgB,KAAK,CAAC,oCAAoC,CAAC;MACnD;MAEA,MAAM;QAAEI;MAAI,CAAC,GAAGlB,YAAY,CAAC,CAAC;MAE9B,MAAMmB,IAAI,GAAIC,CAAS,IAAKA,CAAC,CAACC,UAAU,CAAC,CAAC,CAAC;MAC3C,MAAMC,UAAU,GAAGC,UAAU,CAACC,IAAI,CAACjB,IAAI,CAACkB,KAAK,CAAC,EAAE,CAAC,EAAEN,IAAI,CAAC;MACxD,MAAMO,QAAQ,GAAGH,UAAU,CAACC,IAAI,CAACjB,IAAI,CAACkB,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAEN,IAAI,CAAC;MACzD,MAAMQ,SAAS,GAAGJ,UAAU,CAACC,IAAI,CAAChB,IAAI,CAACU,GAAG,CAAC,EAAEC,IAAI,CAAC;MAElD,MAAMS,IAAI,GAAG,MAAMlB,MAAM,CAACmB,MAAM,CAACC,MAAM,CAACC,SAAS,CAC/C,KAAK,EACLJ,SAAS,EACT;QAAEK,IAAI,EAAE;MAAU,CAAC,EACnB,KAAK,EACL,CAAC,SAAS,CACZ,CAAC;MAED,MAAMC,MAAM,GAAG,MAAMvB,MAAM,CAACmB,MAAM,CAACC,MAAM,CAACI,OAAO,CAAC;QAChDC,EAAE,EAAET,QAAQ;QACZM,IAAI,EAAE;MACR,CAAC,EAAEJ,IAAI,EAAEN,UAAU,CAAC;MAEpB,MAAMc,OAAO,GAAG,IAAIC,WAAW,CAAC,CAAC;;MAEjC;MACA,MAAMC,GAAG,GAAGC,IAAI,CAAC,IAAIH,OAAO,CAACI,MAAM,CAACP,MAAM,CAAC,GAAG,CAAS;;MAEvD;MACA;MACAhC,GAAG,GAAGqC,GAAG;MAET,OAAOA,GAAG;IACZ,CAAC,MAAM,IAAI,OAAO5B,MAAM,KAAK,WAAW,IAAIA,MAAM,CAAC+B,qBAAqB,EAAE;MACxE,MAAMH,GAAG,GAAG5B,MAAM,CAAC+B,qBAAqB;MACxC,OAAO/B,MAAM,CAAC+B,qBAAqB;MACnC,OAAOH,GAAG;IACZ;;IAEA;IACA;IACA;IACA,OAAO,CAAC,CAAC;EACX,CAAC,EAAE,CAAC;EAEJ,OAAOrC,GAAG;AACZ","ignoreList":[]}
|
|
@@ -1,12 +1,7 @@
|
|
|
1
1
|
import"core-js/modules/es.array-buffer.detached.js";import"core-js/modules/es.array-buffer.transfer.js";import"core-js/modules/es.array-buffer.transfer-to-fixed-length.js";import"core-js/modules/es.typed-array.to-reversed.js";import"core-js/modules/es.typed-array.to-sorted.js";import"core-js/modules/es.typed-array.with.js";import"core-js/modules/web.dom-exception.stack.js";// Encapsulates retrieval of server-side data injection into HTML template.
|
|
2
|
-
/* global document */import{getBuildInfo}from"../shared/utils/isomorphy/buildInfo.js";let inj;export default function getInj(){inj??=(async()=>{const metaElement=typeof document==="undefined"?null:document.querySelector("meta[itemprop=\"drpruinj\"]");if(metaElement){metaElement.remove();// NOTE: Since 2025 there is Uint8Array.fromBase64(), which should be
|
|
2
|
+
/* global document */import{SEC_MS,timer}from"@dr.pogodin/js-utils";import{getBuildInfo}from"../shared/utils/isomorphy/buildInfo.js";let inj;export default function getInj(){inj??=(async()=>{const metaElement=typeof document==="undefined"?null:document.querySelector("meta[itemprop=\"drpruinj\"]");if(metaElement){metaElement.remove();// NOTE: Since 2025 there is Uint8Array.fromBase64(), which should be
|
|
3
3
|
// preferred, but it is not supported by older environments yet.
|
|
4
|
-
const data=atob(metaElement.content)
|
|
5
|
-
// a legacy approach, and can be enhanced by using Crypto features.
|
|
6
|
-
// Though, this is not strictly intended to be secure (it is more
|
|
7
|
-
// to obfurscate injected data, rather than really keeping them
|
|
8
|
-
// secure), thus it is fine like this for now.
|
|
9
|
-
const{key}=getBuildInfo();const code=x=>x.charCodeAt(0);const dataBuffer=Uint8Array.from(data.slice(16),code);const ivBuffer=Uint8Array.from(data.slice(0,16),code);const keyBuffer=Uint8Array.from(atob(key),code);const cKey=await window.crypto.subtle.importKey("raw",keyBuffer,{name:"AES-CBC"},false,["decrypt"]);const buffer=await window.crypto.subtle.decrypt({iv:ivBuffer,name:"AES-CBC"},cKey,dataBuffer);const decoder=new TextDecoder;// eslint-disable-next-line no-eval
|
|
4
|
+
const data=atob(metaElement.content);if(!window.isSecureContext){if(window.location.protocol==="https:"){throw Error("Loaded via HTTPS, but it is not considered a secure context")}else if(window.location.protocol!=="http:"){throw Error("Unexpected protocol")}const target=window.location.href.replace(/^http:/,"https:");window.location.replace(target);await timer(3*SEC_MS);throw Error("Failed to move into secure context")}const{key}=getBuildInfo();const code=x=>x.charCodeAt(0);const dataBuffer=Uint8Array.from(data.slice(16),code);const ivBuffer=Uint8Array.from(data.slice(0,16),code);const keyBuffer=Uint8Array.from(atob(key),code);const cKey=await window.crypto.subtle.importKey("raw",keyBuffer,{name:"AES-CBC"},false,["decrypt"]);const buffer=await window.crypto.subtle.decrypt({iv:ivBuffer,name:"AES-CBC"},cKey,dataBuffer);const decoder=new TextDecoder;// eslint-disable-next-line no-eval
|
|
10
5
|
const res=eval(`(${decoder.decode(buffer)})`);// NOTE: This is important, to be able to return the injection
|
|
11
6
|
// synchronously once it is initialized.
|
|
12
7
|
inj=res;return res}else if(typeof window!=="undefined"&&window.REACT_UTILS_INJECTION){const res=window.REACT_UTILS_INJECTION;delete window.REACT_UTILS_INJECTION;return res}// Otherwise, a bunch of dependent stuff will easily fail in non-standard
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getInj.js","names":["getBuildInfo","inj","getInj","metaElement","document","querySelector","remove","data","atob","content","key","code","x","charCodeAt","dataBuffer","Uint8Array","from","slice","ivBuffer","keyBuffer","cKey","
|
|
1
|
+
{"version":3,"file":"getInj.js","names":["SEC_MS","timer","getBuildInfo","inj","getInj","metaElement","document","querySelector","remove","data","atob","content","window","isSecureContext","location","protocol","Error","target","href","replace","key","code","x","charCodeAt","dataBuffer","Uint8Array","from","slice","ivBuffer","keyBuffer","cKey","crypto","subtle","importKey","name","buffer","decrypt","iv","decoder","TextDecoder","res","eval","decode","REACT_UTILS_INJECTION"],"sources":["../../../src/client/getInj.ts"],"sourcesContent":["// Encapsulates retrieval of server-side data injection into HTML template.\n\n/* global document */\n\nimport { SEC_MS, timer } from '@dr.pogodin/js-utils';\n\nimport type { InjT } from 'utils/globalState';\n\nimport { getBuildInfo } from 'utils/isomorphy/buildInfo';\n\nlet inj: InjT | Promise<InjT> | undefined;\n\nexport default function getInj(): InjT | Promise<InjT> {\n inj ??= (async () => {\n const metaElement: HTMLMetaElement | null = typeof document === 'undefined'\n ? null : document.querySelector('meta[itemprop=\"drpruinj\"]');\n\n if (metaElement) {\n metaElement.remove();\n\n // NOTE: Since 2025 there is Uint8Array.fromBase64(), which should be\n // preferred, but it is not supported by older environments yet.\n const data = atob(metaElement.content);\n\n if (!window.isSecureContext) {\n if (window.location.protocol === 'https:') {\n throw Error('Loaded via HTTPS, but it is not considered a secure context');\n } else if (window.location.protocol !== 'http:') {\n throw Error('Unexpected protocol');\n }\n\n const target = window.location.href.replace(/^http:/, 'https:');\n window.location.replace(target);\n\n await timer(3 * SEC_MS);\n throw Error('Failed to move into secure context');\n }\n\n const { key } = getBuildInfo();\n\n const code = (x: string) => x.charCodeAt(0);\n const dataBuffer = Uint8Array.from(data.slice(16), code);\n const ivBuffer = Uint8Array.from(data.slice(0, 16), code);\n const keyBuffer = Uint8Array.from(atob(key), code);\n\n const cKey = await window.crypto.subtle.importKey(\n 'raw',\n keyBuffer,\n { name: 'AES-CBC' },\n false,\n ['decrypt'],\n );\n\n const buffer = await window.crypto.subtle.decrypt({\n iv: ivBuffer,\n name: 'AES-CBC',\n }, cKey, dataBuffer);\n\n const decoder = new TextDecoder();\n\n // eslint-disable-next-line no-eval\n const res = eval(`(${decoder.decode(buffer)})`) as InjT;\n\n // NOTE: This is important, to be able to return the injection\n // synchronously once it is initialized.\n inj = res;\n\n return res;\n } else if (typeof window !== 'undefined' && window.REACT_UTILS_INJECTION) {\n const res = window.REACT_UTILS_INJECTION;\n delete window.REACT_UTILS_INJECTION;\n return res;\n }\n\n // Otherwise, a bunch of dependent stuff will easily fail in non-standard\n // environments, where no client-side initialization is performed. Like tests,\n // Docusaurus examples, etc.\n return {};\n })();\n\n return inj;\n}\n"],"mappings":"wXAAA;AAEA,qBAEA,OAASA,MAAM,CAAEC,KAAK,KAAQ,sBAAsB,QAI3CC,YAAY,8CAErB,GAAI,CAAAC,GAAqC,CAEzC,cAAe,SAAS,CAAAC,MAAMA,CAAA,CAAyB,CACrDD,GAAG,GAAK,CAAC,SAAY,CACnB,KAAM,CAAAE,WAAmC,CAAG,MAAO,CAAAC,QAAQ,GAAK,WAAW,CACvE,IAAI,CAAGA,QAAQ,CAACC,aAAa,CAAC,6BAA2B,CAAC,CAE9D,GAAIF,WAAW,CAAE,CACfA,WAAW,CAACG,MAAM,CAAC,CAAC,CAEpB;AACA;AACA,KAAM,CAAAC,IAAI,CAAGC,IAAI,CAACL,WAAW,CAACM,OAAO,CAAC,CAEtC,GAAI,CAACC,MAAM,CAACC,eAAe,CAAE,CAC3B,GAAID,MAAM,CAACE,QAAQ,CAACC,QAAQ,GAAK,QAAQ,CAAE,CACzC,KAAM,CAAAC,KAAK,CAAC,6DAA6D,CAC3E,CAAC,IAAM,IAAIJ,MAAM,CAACE,QAAQ,CAACC,QAAQ,GAAK,OAAO,CAAE,CAC/C,KAAM,CAAAC,KAAK,CAAC,qBAAqB,CACnC,CAEA,KAAM,CAAAC,MAAM,CAAGL,MAAM,CAACE,QAAQ,CAACI,IAAI,CAACC,OAAO,CAAC,QAAQ,CAAE,QAAQ,CAAC,CAC/DP,MAAM,CAACE,QAAQ,CAACK,OAAO,CAACF,MAAM,CAAC,CAE/B,KAAM,CAAAhB,KAAK,CAAC,CAAC,CAAGD,MAAM,CAAC,CACvB,KAAM,CAAAgB,KAAK,CAAC,oCAAoC,CAClD,CAEA,KAAM,CAAEI,GAAI,CAAC,CAAGlB,YAAY,CAAC,CAAC,CAE9B,KAAM,CAAAmB,IAAI,CAAIC,CAAS,EAAKA,CAAC,CAACC,UAAU,CAAC,CAAC,CAAC,CAC3C,KAAM,CAAAC,UAAU,CAAGC,UAAU,CAACC,IAAI,CAACjB,IAAI,CAACkB,KAAK,CAAC,EAAE,CAAC,CAAEN,IAAI,CAAC,CACxD,KAAM,CAAAO,QAAQ,CAAGH,UAAU,CAACC,IAAI,CAACjB,IAAI,CAACkB,KAAK,CAAC,CAAC,CAAE,EAAE,CAAC,CAAEN,IAAI,CAAC,CACzD,KAAM,CAAAQ,SAAS,CAAGJ,UAAU,CAACC,IAAI,CAAChB,IAAI,CAACU,GAAG,CAAC,CAAEC,IAAI,CAAC,CAElD,KAAM,CAAAS,IAAI,CAAG,KAAM,CAAAlB,MAAM,CAACmB,MAAM,CAACC,MAAM,CAACC,SAAS,CAC/C,KAAK,CACLJ,SAAS,CACT,CAAEK,IAAI,CAAE,SAAU,CAAC,CACnB,KAAK,CACL,CAAC,SAAS,CACZ,CAAC,CAED,KAAM,CAAAC,MAAM,CAAG,KAAM,CAAAvB,MAAM,CAACmB,MAAM,CAACC,MAAM,CAACI,OAAO,CAAC,CAChDC,EAAE,CAAET,QAAQ,CACZM,IAAI,CAAE,SACR,CAAC,CAAEJ,IAAI,CAAEN,UAAU,CAAC,CAEpB,KAAM,CAAAc,OAAO,CAAG,GAAI,CAAAC,WAAa,CAEjC;AACA,KAAM,CAAAC,GAAG,CAAGC,IAAI,CAAC,IAAIH,OAAO,CAACI,MAAM,CAACP,MAAM,CAAC,GAAG,CAAS,CAEvD;AACA;AACAhC,GAAG,CAAGqC,GAAG,CAET,MAAO,CAAAA,GACT,CAAC,IAAM,IAAI,MAAO,CAAA5B,MAAM,GAAK,WAAW,EAAIA,MAAM,CAAC+B,qBAAqB,CAAE,CACxE,KAAM,CAAAH,GAAG,CAAG5B,MAAM,CAAC+B,qBAAqB,CACxC,MAAO,CAAA/B,MAAM,CAAC+B,qBAAqB,CACnC,MAAO,CAAAH,GACT,CAEA;AACA;AACA;AACA,MAAO,CAAC,CACV,CAAC,EAAE,CAAC,CAEJ,MAAO,CAAArC,GACT","ignoreList":[]}
|
|
@@ -9,6 +9,7 @@ import "core-js/modules/web.dom-exception.stack.js";
|
|
|
9
9
|
|
|
10
10
|
/* global document */
|
|
11
11
|
|
|
12
|
+
import { SEC_MS, timer } from '@dr.pogodin/js-utils';
|
|
12
13
|
import { getBuildInfo } from "../shared/utils/isomorphy/buildInfo";
|
|
13
14
|
let inj;
|
|
14
15
|
export default function getInj() {
|
|
@@ -20,12 +21,17 @@ export default function getInj() {
|
|
|
20
21
|
// NOTE: Since 2025 there is Uint8Array.fromBase64(), which should be
|
|
21
22
|
// preferred, but it is not supported by older environments yet.
|
|
22
23
|
const data = atob(metaElement.content);
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
24
|
+
if (!window.isSecureContext) {
|
|
25
|
+
if (window.location.protocol === 'https:') {
|
|
26
|
+
throw Error('Loaded via HTTPS, but it is not considered a secure context');
|
|
27
|
+
} else if (window.location.protocol !== 'http:') {
|
|
28
|
+
throw Error('Unexpected protocol');
|
|
29
|
+
}
|
|
30
|
+
const target = window.location.href.replace(/^http:/, 'https:');
|
|
31
|
+
window.location.replace(target);
|
|
32
|
+
await timer(3 * SEC_MS);
|
|
33
|
+
throw Error('Failed to move into secure context');
|
|
34
|
+
}
|
|
29
35
|
const {
|
|
30
36
|
key
|
|
31
37
|
} = getBuildInfo();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getInj.js","names":["getBuildInfo","inj","getInj","metaElement","document","querySelector","remove","data","atob","content","key","code","x","charCodeAt","dataBuffer","Uint8Array","from","slice","ivBuffer","keyBuffer","cKey","
|
|
1
|
+
{"version":3,"file":"getInj.js","names":["SEC_MS","timer","getBuildInfo","inj","getInj","metaElement","document","querySelector","remove","data","atob","content","window","isSecureContext","location","protocol","Error","target","href","replace","key","code","x","charCodeAt","dataBuffer","Uint8Array","from","slice","ivBuffer","keyBuffer","cKey","crypto","subtle","importKey","name","buffer","decrypt","iv","decoder","TextDecoder","res","eval","decode","REACT_UTILS_INJECTION"],"sources":["../../../src/client/getInj.ts"],"sourcesContent":["// Encapsulates retrieval of server-side data injection into HTML template.\n\n/* global document */\n\nimport { SEC_MS, timer } from '@dr.pogodin/js-utils';\n\nimport type { InjT } from 'utils/globalState';\n\nimport { getBuildInfo } from 'utils/isomorphy/buildInfo';\n\nlet inj: InjT | Promise<InjT> | undefined;\n\nexport default function getInj(): InjT | Promise<InjT> {\n inj ??= (async () => {\n const metaElement: HTMLMetaElement | null = typeof document === 'undefined'\n ? null : document.querySelector('meta[itemprop=\"drpruinj\"]');\n\n if (metaElement) {\n metaElement.remove();\n\n // NOTE: Since 2025 there is Uint8Array.fromBase64(), which should be\n // preferred, but it is not supported by older environments yet.\n const data = atob(metaElement.content);\n\n if (!window.isSecureContext) {\n if (window.location.protocol === 'https:') {\n throw Error('Loaded via HTTPS, but it is not considered a secure context');\n } else if (window.location.protocol !== 'http:') {\n throw Error('Unexpected protocol');\n }\n\n const target = window.location.href.replace(/^http:/, 'https:');\n window.location.replace(target);\n\n await timer(3 * SEC_MS);\n throw Error('Failed to move into secure context');\n }\n\n const { key } = getBuildInfo();\n\n const code = (x: string) => x.charCodeAt(0);\n const dataBuffer = Uint8Array.from(data.slice(16), code);\n const ivBuffer = Uint8Array.from(data.slice(0, 16), code);\n const keyBuffer = Uint8Array.from(atob(key), code);\n\n const cKey = await window.crypto.subtle.importKey(\n 'raw',\n keyBuffer,\n { name: 'AES-CBC' },\n false,\n ['decrypt'],\n );\n\n const buffer = await window.crypto.subtle.decrypt({\n iv: ivBuffer,\n name: 'AES-CBC',\n }, cKey, dataBuffer);\n\n const decoder = new TextDecoder();\n\n // eslint-disable-next-line no-eval\n const res = eval(`(${decoder.decode(buffer)})`) as InjT;\n\n // NOTE: This is important, to be able to return the injection\n // synchronously once it is initialized.\n inj = res;\n\n return res;\n } else if (typeof window !== 'undefined' && window.REACT_UTILS_INJECTION) {\n const res = window.REACT_UTILS_INJECTION;\n delete window.REACT_UTILS_INJECTION;\n return res;\n }\n\n // Otherwise, a bunch of dependent stuff will easily fail in non-standard\n // environments, where no client-side initialization is performed. Like tests,\n // Docusaurus examples, etc.\n return {};\n })();\n\n return inj;\n}\n"],"mappings":";;;;;;;AAAA;;AAEA;;AAEA,SAASA,MAAM,EAAEC,KAAK,QAAQ,sBAAsB;AAIpD,SAASC,YAAY;AAErB,IAAIC,GAAqC;AAEzC,eAAe,SAASC,MAAMA,CAAA,EAAyB;EACrDD,GAAG,KAAK,CAAC,YAAY;IACnB,MAAME,WAAmC,GAAG,OAAOC,QAAQ,KAAK,WAAW,GACvE,IAAI,GAAGA,QAAQ,CAACC,aAAa,CAAC,2BAA2B,CAAC;IAE9D,IAAIF,WAAW,EAAE;MACfA,WAAW,CAACG,MAAM,CAAC,CAAC;;MAEpB;MACA;MACA,MAAMC,IAAI,GAAGC,IAAI,CAACL,WAAW,CAACM,OAAO,CAAC;MAEtC,IAAI,CAACC,MAAM,CAACC,eAAe,EAAE;QAC3B,IAAID,MAAM,CAACE,QAAQ,CAACC,QAAQ,KAAK,QAAQ,EAAE;UACzC,MAAMC,KAAK,CAAC,6DAA6D,CAAC;QAC5E,CAAC,MAAM,IAAIJ,MAAM,CAACE,QAAQ,CAACC,QAAQ,KAAK,OAAO,EAAE;UAC/C,MAAMC,KAAK,CAAC,qBAAqB,CAAC;QACpC;QAEA,MAAMC,MAAM,GAAGL,MAAM,CAACE,QAAQ,CAACI,IAAI,CAACC,OAAO,CAAC,QAAQ,EAAE,QAAQ,CAAC;QAC/DP,MAAM,CAACE,QAAQ,CAACK,OAAO,CAACF,MAAM,CAAC;QAE/B,MAAMhB,KAAK,CAAC,CAAC,GAAGD,MAAM,CAAC;QACvB,MAAMgB,KAAK,CAAC,oCAAoC,CAAC;MACnD;MAEA,MAAM;QAAEI;MAAI,CAAC,GAAGlB,YAAY,CAAC,CAAC;MAE9B,MAAMmB,IAAI,GAAIC,CAAS,IAAKA,CAAC,CAACC,UAAU,CAAC,CAAC,CAAC;MAC3C,MAAMC,UAAU,GAAGC,UAAU,CAACC,IAAI,CAACjB,IAAI,CAACkB,KAAK,CAAC,EAAE,CAAC,EAAEN,IAAI,CAAC;MACxD,MAAMO,QAAQ,GAAGH,UAAU,CAACC,IAAI,CAACjB,IAAI,CAACkB,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAEN,IAAI,CAAC;MACzD,MAAMQ,SAAS,GAAGJ,UAAU,CAACC,IAAI,CAAChB,IAAI,CAACU,GAAG,CAAC,EAAEC,IAAI,CAAC;MAElD,MAAMS,IAAI,GAAG,MAAMlB,MAAM,CAACmB,MAAM,CAACC,MAAM,CAACC,SAAS,CAC/C,KAAK,EACLJ,SAAS,EACT;QAAEK,IAAI,EAAE;MAAU,CAAC,EACnB,KAAK,EACL,CAAC,SAAS,CACZ,CAAC;MAED,MAAMC,MAAM,GAAG,MAAMvB,MAAM,CAACmB,MAAM,CAACC,MAAM,CAACI,OAAO,CAAC;QAChDC,EAAE,EAAET,QAAQ;QACZM,IAAI,EAAE;MACR,CAAC,EAAEJ,IAAI,EAAEN,UAAU,CAAC;MAEpB,MAAMc,OAAO,GAAG,IAAIC,WAAW,CAAC,CAAC;;MAEjC;MACA,MAAMC,GAAG,GAAGC,IAAI,CAAC,IAAIH,OAAO,CAACI,MAAM,CAACP,MAAM,CAAC,GAAG,CAAS;;MAEvD;MACA;MACAhC,GAAG,GAAGqC,GAAG;MAET,OAAOA,GAAG;IACZ,CAAC,MAAM,IAAI,OAAO5B,MAAM,KAAK,WAAW,IAAIA,MAAM,CAAC+B,qBAAqB,EAAE;MACxE,MAAMH,GAAG,GAAG5B,MAAM,CAAC+B,qBAAqB;MACxC,OAAO/B,MAAM,CAAC+B,qBAAqB;MACnC,OAAOH,GAAG;IACZ;;IAEA;IACA;IACA;IACA,OAAO,CAAC,CAAC;EACX,CAAC,EAAE,CAAC;EAEJ,OAAOrC,GAAG;AACZ","ignoreList":[]}
|
package/config/jest/setup.js
CHANGED
package/package.json
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
{
|
|
2
|
-
"version": "1.47.
|
|
2
|
+
"version": "1.47.5",
|
|
3
3
|
"bin": {
|
|
4
4
|
"react-utils-build": "bin/build.js",
|
|
5
5
|
"react-utils-setup": "bin/setup.js"
|
|
@@ -72,7 +72,7 @@
|
|
|
72
72
|
"@types/lodash-es": "^4.17.12",
|
|
73
73
|
"@types/morgan": "^1.9.10",
|
|
74
74
|
"@types/pretty": "^2.0.3",
|
|
75
|
-
"@types/react": "^19.2.
|
|
75
|
+
"@types/react": "^19.2.5",
|
|
76
76
|
"@types/react-dom": "^19.2.3",
|
|
77
77
|
"@types/request-ip": "^0.0.41",
|
|
78
78
|
"@types/serialize-javascript": "^5.0.4",
|