@heliosgraphics/utils 6.0.0-alpha.14 → 6.0.0-alpha.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/clipboard.ts +5 -1
- package/colors.ts +14 -14
- package/equals.ts +1 -1
- package/package.json +1 -1
- package/sanitize.ts +16 -2
package/clipboard.ts
CHANGED
|
@@ -1,9 +1,13 @@
|
|
|
1
1
|
export const copyValue = async (text: string): Promise<void> => {
|
|
2
|
-
if (navigator
|
|
2
|
+
if (typeof navigator !== "undefined" && navigator.clipboard?.writeText) {
|
|
3
3
|
await navigator.clipboard.writeText(text)
|
|
4
4
|
return
|
|
5
5
|
}
|
|
6
6
|
|
|
7
|
+
if (typeof document === "undefined" || !document.body || typeof document.execCommand !== "function") {
|
|
8
|
+
return
|
|
9
|
+
}
|
|
10
|
+
|
|
7
11
|
const input: HTMLTextAreaElement = document.createElement("textarea")
|
|
8
12
|
|
|
9
13
|
document.body.appendChild(input)
|
package/colors.ts
CHANGED
|
@@ -1,5 +1,18 @@
|
|
|
1
1
|
type TypeRGB = [number, number, number]
|
|
2
2
|
|
|
3
|
+
const toHex = (c: unknown): string => {
|
|
4
|
+
if (c === null || c === undefined) return "ff"
|
|
5
|
+
|
|
6
|
+
const value: number = Math.round(Number(c))
|
|
7
|
+
const isInvalid: boolean = isNaN(value) || value < 0 || value > 255
|
|
8
|
+
|
|
9
|
+
if (isInvalid) return "ff"
|
|
10
|
+
|
|
11
|
+
const hex: string = value.toString(16)
|
|
12
|
+
|
|
13
|
+
return hex.length === 1 ? `0${hex}` : hex
|
|
14
|
+
}
|
|
15
|
+
|
|
3
16
|
export const hexToRgb = (hex?: string | null): TypeRGB | null => {
|
|
4
17
|
const isValid: boolean = !!hex && typeof hex === "string"
|
|
5
18
|
|
|
@@ -23,18 +36,5 @@ export const hexToRgb = (hex?: string | null): TypeRGB | null => {
|
|
|
23
36
|
}
|
|
24
37
|
|
|
25
38
|
export const rgbToHex = (r: number | string = 255, g: number | string = 255, b: number | string = 255): string => {
|
|
26
|
-
|
|
27
|
-
if (c === null || c === undefined) return "ff"
|
|
28
|
-
|
|
29
|
-
const value: number = Math.round(Number(c))
|
|
30
|
-
const isInvalid: boolean = isNaN(value) || value < 0 || value > 255
|
|
31
|
-
|
|
32
|
-
if (isInvalid) return "ff"
|
|
33
|
-
|
|
34
|
-
const hex: string = value.toString(16)
|
|
35
|
-
|
|
36
|
-
return hex.length === 1 ? `0${hex}` : hex
|
|
37
|
-
}
|
|
38
|
-
|
|
39
|
-
return `#${_toHex(r)}${_toHex(g)}${_toHex(b)}`
|
|
39
|
+
return `#${toHex(r)}${toHex(g)}${toHex(b)}`
|
|
40
40
|
}
|
package/equals.ts
CHANGED
|
@@ -27,7 +27,7 @@ export const getAreSetsEqual = <T>(setA: Set<T>, setB: Set<T>): boolean => {
|
|
|
27
27
|
|
|
28
28
|
const arrA: Array<T> = Array.from(setA)
|
|
29
29
|
const arrB: Array<T> = Array.from(setB)
|
|
30
|
-
const matched: Array<boolean> =
|
|
30
|
+
const matched: Array<boolean> = Array.from({ length: arrB.length }, () => false)
|
|
31
31
|
|
|
32
32
|
for (let i: number = 0; i < arrA.length; i++) {
|
|
33
33
|
let foundMatch: boolean = false
|
package/package.json
CHANGED
package/sanitize.ts
CHANGED
|
@@ -26,6 +26,10 @@ const ALLOWED_ATTRIBUTES = new Set(["class", "id", "title"])
|
|
|
26
26
|
|
|
27
27
|
const SAFE_PROTOCOLS = /^(https?|mailto|tel|ftp):/i
|
|
28
28
|
|
|
29
|
+
interface SanitizeTextOptions {
|
|
30
|
+
allowLinks?: boolean
|
|
31
|
+
}
|
|
32
|
+
|
|
29
33
|
const DANGEROUS_FUNCTIONS: Array<RegExp> = [
|
|
30
34
|
/alert(?=\s*\()/gi,
|
|
31
35
|
/eval(?=\s*\()/gi,
|
|
@@ -81,9 +85,11 @@ const DANGEROUS_FUNCTIONS: Array<RegExp> = [
|
|
|
81
85
|
/createElement\s*\(\s*["']script["']\s*\)/gi,
|
|
82
86
|
]
|
|
83
87
|
|
|
84
|
-
export const sanitizeText = (input: string = ""): string => {
|
|
88
|
+
export const sanitizeText = (input: string = "", options: SanitizeTextOptions = {}): string => {
|
|
85
89
|
if (!input) return ""
|
|
86
90
|
|
|
91
|
+
const { allowLinks = false } = options
|
|
92
|
+
|
|
87
93
|
// First remove dangerous patterns before decoding
|
|
88
94
|
let sanitized = input
|
|
89
95
|
.replace(/<!--[\s\S]*?-->/g, "")
|
|
@@ -162,7 +168,7 @@ export const sanitizeText = (input: string = ""): string => {
|
|
|
162
168
|
(_fullMatch: string, closing: string, tagName: string, attributes: string) => {
|
|
163
169
|
const tag = tagName.toLowerCase()
|
|
164
170
|
|
|
165
|
-
if (!ALLOWED_TAGS.has(tag)) {
|
|
171
|
+
if (!ALLOWED_TAGS.has(tag) && !(allowLinks && tag === "a")) {
|
|
166
172
|
return ""
|
|
167
173
|
}
|
|
168
174
|
|
|
@@ -193,6 +199,10 @@ export const sanitizeText = (input: string = ""): string => {
|
|
|
193
199
|
|
|
194
200
|
cleanAttributes += ` ${attrName}="${cleanValue}"`
|
|
195
201
|
}
|
|
202
|
+
|
|
203
|
+
if (allowLinks && tag === "a" && attrName === "href" && SAFE_PROTOCOLS.test(attrValue)) {
|
|
204
|
+
cleanAttributes += ` href="${attrValue}"`
|
|
205
|
+
}
|
|
196
206
|
}
|
|
197
207
|
})
|
|
198
208
|
}
|
|
@@ -208,6 +218,10 @@ export const sanitizeText = (input: string = ""): string => {
|
|
|
208
218
|
sanitized = sanitized.replace(pattern, "")
|
|
209
219
|
})
|
|
210
220
|
|
|
221
|
+
if (allowLinks) {
|
|
222
|
+
sanitized = sanitized.replace(/<a>(.*?)<\/a>/gi, "$1")
|
|
223
|
+
}
|
|
224
|
+
|
|
211
225
|
// Additional targeted cleanup for specific dangerous contexts
|
|
212
226
|
sanitized = sanitized.replace(/\balert\s*(?=[,)])/gi, "")
|
|
213
227
|
sanitized = sanitized.replace(/\bjavascript\s*(?=:)/gi, "")
|