@gravitee/ui-components 3.41.0 → 3.41.1-renovate-codemirror-149d189
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +10 -8
- package/src/lib/text-format.js +4 -1
- package/src/lib/text-format.js.map +1 -1
- package/src/organisms/gv-documentation/gv-documentation.stories.d.ts +19 -0
- package/src/organisms/gv-documentation/gv-documentation.stories.js +4 -0
- package/src/organisms/gv-documentation/gv-documentation.stories.js.map +1 -1
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@gravitee/ui-components",
|
|
3
|
-
"version": "3.41.
|
|
3
|
+
"version": "3.41.1-renovate-codemirror-149d189",
|
|
4
4
|
"description": "Gravitee.io UI Components library, based on Web Components",
|
|
5
5
|
"repository": {
|
|
6
6
|
"type": "git",
|
|
@@ -53,8 +53,8 @@
|
|
|
53
53
|
"colors": "1.4.0"
|
|
54
54
|
},
|
|
55
55
|
"dependencies": {
|
|
56
|
-
"@codemirror/basic-setup": "^0.
|
|
57
|
-
"@codemirror/language-data": "^0.
|
|
56
|
+
"@codemirror/basic-setup": "^0.20.0",
|
|
57
|
+
"@codemirror/language-data": "^0.20.0",
|
|
58
58
|
"@codemirror/stream-parser": "^0.19.3",
|
|
59
59
|
"@formatjs/intl-locale": "^2.4.40",
|
|
60
60
|
"@formatjs/intl-relativetimeformat": "^9.3.2",
|
|
@@ -62,6 +62,7 @@
|
|
|
62
62
|
"clipboard-copy": "^4.0.0",
|
|
63
63
|
"codemirror-asciidoc": "^2.0.0",
|
|
64
64
|
"date-fns": "^2.26.0",
|
|
65
|
+
"dompurify": "^3.0.3",
|
|
65
66
|
"jdenticon": "^3.1.0",
|
|
66
67
|
"jsonschema": "^1.4.0",
|
|
67
68
|
"lit": "^2.0.2",
|
|
@@ -79,11 +80,12 @@
|
|
|
79
80
|
"@highcharts/map-collection": "2.0.1",
|
|
80
81
|
"@semantic-release/changelog": "6.0.2",
|
|
81
82
|
"@semantic-release/git": "10.0.1",
|
|
82
|
-
"@storybook/addon-a11y": "6.
|
|
83
|
-
"@storybook/addon-essentials": "6.
|
|
84
|
-
"@storybook/components": "6.
|
|
85
|
-
"@storybook/theming": "6.
|
|
86
|
-
"@storybook/web-components": "6.
|
|
83
|
+
"@storybook/addon-a11y": "6.4.22",
|
|
84
|
+
"@storybook/addon-essentials": "6.4.22",
|
|
85
|
+
"@storybook/components": "6.4.22",
|
|
86
|
+
"@storybook/theming": "6.4.22",
|
|
87
|
+
"@storybook/web-components": "6.4.22",
|
|
88
|
+
"@types/dompurify": "^3.0.2",
|
|
87
89
|
"asciidoctor": "2.2.6",
|
|
88
90
|
"asciidoctor-highlight.js": "0.4.0",
|
|
89
91
|
"babel-jest": "27.5.1",
|
package/src/lib/text-format.js
CHANGED
|
@@ -22,6 +22,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
22
22
|
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
23
23
|
});
|
|
24
24
|
};
|
|
25
|
+
import { sanitize } from 'dompurify';
|
|
25
26
|
export function loadAsciiDoctor() {
|
|
26
27
|
return __awaiter(this, void 0, void 0, function* () {
|
|
27
28
|
let _gvAsciidoctor = window._gvAsciidoctor;
|
|
@@ -44,7 +45,7 @@ export function toDom(text, type = 'adoc', small = false) {
|
|
|
44
45
|
if (text) {
|
|
45
46
|
let innerHTML = '';
|
|
46
47
|
if (type === 'adoc') {
|
|
47
|
-
|
|
48
|
+
const htmlContent = asciidoctor
|
|
48
49
|
.convert(text, {
|
|
49
50
|
attributes: {
|
|
50
51
|
showtitle: true,
|
|
@@ -55,6 +56,8 @@ export function toDom(text, type = 'adoc', small = false) {
|
|
|
55
56
|
// any other routing framework. By default, href will have the following format:
|
|
56
57
|
// href="[SERVER_BASE]/#a_link" i.e. href="https://apim-master-portal.cloud.gravitee.io/#a_link"
|
|
57
58
|
.replace(/href="#/g, `href="${window.location.href}#`);
|
|
59
|
+
// Sanitize HTML content to avoid XSS attacks
|
|
60
|
+
innerHTML = sanitize(htmlContent);
|
|
58
61
|
}
|
|
59
62
|
else {
|
|
60
63
|
throw new Error(`Library not found for type : '${type}' | ${text}`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"text-format.js","sourceRoot":"","sources":["../../../src/lib/text-format.js"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;AAEH,MAAM,UAAgB,eAAe;;QACnC,IAAI,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC;QAE3C,4CAA4C;QAC5C,IAAI,cAAc,IAAI,IAAI,EAAE;YAC1B,cAAc,GAAG,CAAC,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;YACzD,MAAM,CAAC,cAAc,GAAG,cAAc,CAAC;SACxC;QAED,sDAAsD;QACtD,IAAI,MAAM,CAAC,uBAAuB,IAAI,IAAI,EAAE;YAC1C,MAAM,cAAc,GAAG,MAAM,MAAM,CAAC,0BAA0B,CAAC,CAAC;YAChE,cAAc,CAAC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;YAC3D,MAAM,CAAC,uBAAuB,GAAG,IAAI,CAAC;SACvC;QACD,OAAO,cAAc,CAAC;IACxB,CAAC;CAAA;AAED,MAAM,UAAU,KAAK,CAAC,IAAI,EAAE,IAAI,GAAG,MAAM,EAAE,KAAK,GAAG,KAAK;IACtD,OAAO,eAAe,EAAE,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,EAAE;QAC5C,IAAI,IAAI,EAAE;YACR,IAAI,SAAS,GAAG,EAAE,CAAC;YACnB,IAAI,IAAI,KAAK,MAAM,EAAE;gBACnB,
|
|
1
|
+
{"version":3,"file":"text-format.js","sourceRoot":"","sources":["../../../src/lib/text-format.js"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAErC,MAAM,UAAgB,eAAe;;QACnC,IAAI,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC;QAE3C,4CAA4C;QAC5C,IAAI,cAAc,IAAI,IAAI,EAAE;YAC1B,cAAc,GAAG,CAAC,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;YACzD,MAAM,CAAC,cAAc,GAAG,cAAc,CAAC;SACxC;QAED,sDAAsD;QACtD,IAAI,MAAM,CAAC,uBAAuB,IAAI,IAAI,EAAE;YAC1C,MAAM,cAAc,GAAG,MAAM,MAAM,CAAC,0BAA0B,CAAC,CAAC;YAChE,cAAc,CAAC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;YAC3D,MAAM,CAAC,uBAAuB,GAAG,IAAI,CAAC;SACvC;QACD,OAAO,cAAc,CAAC;IACxB,CAAC;CAAA;AAED,MAAM,UAAU,KAAK,CAAC,IAAI,EAAE,IAAI,GAAG,MAAM,EAAE,KAAK,GAAG,KAAK;IACtD,OAAO,eAAe,EAAE,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,EAAE;QAC5C,IAAI,IAAI,EAAE;YACR,IAAI,SAAS,GAAG,EAAE,CAAC;YACnB,IAAI,IAAI,KAAK,MAAM,EAAE;gBACnB,MAAM,WAAW,GAAG,WAAW;qBAC5B,OAAO,CAAC,IAAI,EAAE;oBACb,UAAU,EAAE;wBACV,SAAS,EAAE,IAAI;wBACf,oBAAoB,EAAE,iBAAiB;qBACxC;iBACF,CAAC;oBACF,gGAAgG;oBAChG,gFAAgF;oBAChF,gGAAgG;qBAC/F,OAAO,CAAC,UAAU,EAAE,SAAS,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC;gBACzD,6CAA6C;gBAC7C,SAAS,GAAG,QAAQ,CAAC,WAAW,CAAC,CAAC;aACnC;iBAAM;gBACL,MAAM,IAAI,KAAK,CAAC,iCAAiC,IAAI,OAAO,IAAI,EAAE,CAAC,CAAC;aACrE;YAED,MAAM,OAAO,GAAG,QAAQ,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;YAC9C,OAAO,CAAC,SAAS,GAAG,SAAS,CAAC;YAC9B,OAAO,CAAC,KAAK,CAAC,KAAK,GAAG,MAAM,CAAC;YAC7B,OAAO,CAAC,KAAK,CAAC,QAAQ,GAAG,QAAQ,CAAC;YAClC,OAAO,CAAC,KAAK,CAAC,MAAM,GAAG,QAAQ,CAAC;YAChC,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YACvC,IAAI,KAAK,EAAE;gBACT,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;aAChC;YACD,MAAM,YAAY,GAAG,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;YACjD,IAAI,KAAK,GAAG,EAAE,CAAC;YACf,IAAI,YAAY,EAAE;gBAChB,KAAK,GAAG,YAAY,CAAC,WAAW,CAAC;aAClC;YAED,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;SAC3B;IACH,CAAC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -103,3 +103,22 @@ export const Async: {
|
|
|
103
103
|
};
|
|
104
104
|
render: (args: any) => HTMLDivElement;
|
|
105
105
|
};
|
|
106
|
+
export const SanitizedMaliciousDoc: {
|
|
107
|
+
docs: any;
|
|
108
|
+
css: any;
|
|
109
|
+
component: any;
|
|
110
|
+
items: any;
|
|
111
|
+
parameters: {
|
|
112
|
+
actions: {
|
|
113
|
+
handles: any[];
|
|
114
|
+
};
|
|
115
|
+
docsOnly: any;
|
|
116
|
+
docs: {
|
|
117
|
+
storyDescription: any;
|
|
118
|
+
};
|
|
119
|
+
storySource: {
|
|
120
|
+
source: any;
|
|
121
|
+
};
|
|
122
|
+
};
|
|
123
|
+
render: (args: any) => HTMLDivElement;
|
|
124
|
+
};
|
|
@@ -58,4 +58,8 @@ export const Async = makeStory(conf, {
|
|
|
58
58
|
}),
|
|
59
59
|
],
|
|
60
60
|
});
|
|
61
|
+
const maliciousAsciidoc = '```test"><img src=x onerror=alert(1)></img>';
|
|
62
|
+
export const SanitizedMaliciousDoc = makeStory(conf, {
|
|
63
|
+
items: [{ text: maliciousAsciidoc }],
|
|
64
|
+
});
|
|
61
65
|
//# sourceMappingURL=gv-documentation.stories.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"gv-documentation.stories.js","sourceRoot":"","sources":["../../../../src/organisms/gv-documentation/gv-documentation.stories.js"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AACH,OAAO,oBAAoB,CAAC;AAC5B,OAAO,EAAE,gBAAgB,EAAE,MAAM,oDAAoD,CAAC;AACtF,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,iCAAiC,CAAC;AAEvE,eAAe;IACb,KAAK,EAAE,4BAA4B;IACnC,SAAS,EAAE,kBAAkB;IAC7B,UAAU,EAAE;QACV,OAAO,EAAE;YACP,SAAS,EAAE,KAAK;SACjB;KACF;CACF,CAAC;AAEF,MAAM,IAAI,GAAG;IACX,SAAS,EAAE,kBAAkB;CAC9B,CAAC;AAEF,MAAM,CAAC,MAAM,KAAK,GAAG,SAAS,CAAC,IAAI,EAAE;IACnC,KAAK,EAAE,CAAC,EAAE,CAAC;CACZ,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,gBAAgB,GAAG,SAAS,CAAC,IAAI,EAAE;IAC9C,KAAK,EAAE;QACL;YACE,SAAS,EAAE;;;;;KAKZ;SACA;KACF;CACF,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,EAAE;IAC1C,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,gBAAgB,EAAE,CAAC;CACpC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,aAAa,GAAG,SAAS,CAAC,IAAI,EAAE;IAC3C,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,IAAI,EAAE,CAAC;CAC5D,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,KAAK,GAAG,SAAS,CAAC,IAAI,EAAE;IACnC,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IACrC,WAAW,EAAE;QACX,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE;YAC9B,SAAS,CAAC,IAAI,GAAG,gBAAgB,CAAC;YAClC,SAAS,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC;QACxC,CAAC,CAAC;KACH;CACF,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"gv-documentation.stories.js","sourceRoot":"","sources":["../../../../src/organisms/gv-documentation/gv-documentation.stories.js"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AACH,OAAO,oBAAoB,CAAC;AAC5B,OAAO,EAAE,gBAAgB,EAAE,MAAM,oDAAoD,CAAC;AACtF,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,iCAAiC,CAAC;AAEvE,eAAe;IACb,KAAK,EAAE,4BAA4B;IACnC,SAAS,EAAE,kBAAkB;IAC7B,UAAU,EAAE;QACV,OAAO,EAAE;YACP,SAAS,EAAE,KAAK;SACjB;KACF;CACF,CAAC;AAEF,MAAM,IAAI,GAAG;IACX,SAAS,EAAE,kBAAkB;CAC9B,CAAC;AAEF,MAAM,CAAC,MAAM,KAAK,GAAG,SAAS,CAAC,IAAI,EAAE;IACnC,KAAK,EAAE,CAAC,EAAE,CAAC;CACZ,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,gBAAgB,GAAG,SAAS,CAAC,IAAI,EAAE;IAC9C,KAAK,EAAE;QACL;YACE,SAAS,EAAE;;;;;KAKZ;SACA;KACF;CACF,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,EAAE;IAC1C,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,gBAAgB,EAAE,CAAC;CACpC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,aAAa,GAAG,SAAS,CAAC,IAAI,EAAE;IAC3C,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,IAAI,EAAE,CAAC;CAC5D,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,KAAK,GAAG,SAAS,CAAC,IAAI,EAAE;IACnC,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IACrC,WAAW,EAAE;QACX,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE;YAC9B,SAAS,CAAC,IAAI,GAAG,gBAAgB,CAAC;YAClC,SAAS,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC;QACxC,CAAC,CAAC;KACH;CACF,CAAC,CAAC;AAEH,MAAM,iBAAiB,GAAG,6CAA6C,CAAC;AACxE,MAAM,CAAC,MAAM,qBAAqB,GAAG,SAAS,CAAC,IAAI,EAAE;IACnD,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,iBAAiB,EAAE,CAAC;CACrC,CAAC,CAAC"}
|