@localnerve/csp-hashes 0.1.6 → 0.1.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +0 -2
- package/dist/lib/index.js +1 -20
- package/package.json +6 -6
package/dist/index.js
CHANGED
package/dist/lib/index.js
CHANGED
|
@@ -4,15 +4,10 @@ Object.defineProperty(exports, "__esModule", {
|
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
6
|
exports.default = hashstream;
|
|
7
|
-
|
|
8
7
|
var _cheerio = _interopRequireDefault(require("cheerio"));
|
|
9
|
-
|
|
10
8
|
var _through = _interopRequireDefault(require("through2"));
|
|
11
|
-
|
|
12
9
|
var _crypto = _interopRequireDefault(require("crypto"));
|
|
13
|
-
|
|
14
10
|
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
|
15
|
-
|
|
16
11
|
/**
|
|
17
12
|
* CSP Hashes.
|
|
18
13
|
*
|
|
@@ -32,7 +27,6 @@ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { de
|
|
|
32
27
|
*/
|
|
33
28
|
function collectHashes(hashFn, html, hashes) {
|
|
34
29
|
const $ = _cheerio.default.load(html);
|
|
35
|
-
|
|
36
30
|
Object.keys(hashes).forEach(what => {
|
|
37
31
|
hashes[what].elements = $(`${what}:not([src])`).map((i, el) => hashFn($(el).html())).toArray();
|
|
38
32
|
});
|
|
@@ -44,13 +38,13 @@ function collectHashes(hashFn, html, hashes) {
|
|
|
44
38
|
if (eventHandlerRe.test(attrName)) {
|
|
45
39
|
hashes.script.attributes.push(hashFn(el.attribs[attrName]));
|
|
46
40
|
}
|
|
47
|
-
|
|
48
41
|
if (jsUrlRe.test(el.attribs[attrName])) {
|
|
49
42
|
hashes.script.attributes.push(hashFn(el.attribs[attrName].split(jsUrlRe)[1]));
|
|
50
43
|
}
|
|
51
44
|
}
|
|
52
45
|
});
|
|
53
46
|
}
|
|
47
|
+
|
|
54
48
|
/**
|
|
55
49
|
* hashstream
|
|
56
50
|
* Accepts the processing options and returns the Vinyl transform object stream.
|
|
@@ -61,8 +55,6 @@ function collectHashes(hashFn, html, hashes) {
|
|
|
61
55
|
* @param {Boolean} [options.replace] - True if callback is used for meta html replacements, defaults to false.
|
|
62
56
|
* @returns Transform object stream to process Vinyl objects.
|
|
63
57
|
*/
|
|
64
|
-
|
|
65
|
-
|
|
66
58
|
function hashstream({
|
|
67
59
|
algo = 'sha256',
|
|
68
60
|
replace = false,
|
|
@@ -71,17 +63,12 @@ function hashstream({
|
|
|
71
63
|
if (!/^sha(256|384|512)$/.test(algo)) {
|
|
72
64
|
throw new Error('algo option must be one of "sha256", "sha384", or "sha512" only.');
|
|
73
65
|
}
|
|
74
|
-
|
|
75
66
|
if (typeof callback !== 'function') {
|
|
76
67
|
throw new Error('callback option must be a valid function.');
|
|
77
68
|
}
|
|
78
|
-
|
|
79
69
|
const createHash = r => _crypto.default.createHash(algo).update(r).digest('base64');
|
|
80
|
-
|
|
81
70
|
const formatHash = h => `'${algo}-${h}'`;
|
|
82
|
-
|
|
83
71
|
const makeCSPHash = s => formatHash(createHash(s));
|
|
84
|
-
|
|
85
72
|
return _through.default.obj((vinyl, enc, done) => {
|
|
86
73
|
const path = vinyl.path;
|
|
87
74
|
const content = vinyl.contents;
|
|
@@ -89,31 +76,25 @@ function hashstream({
|
|
|
89
76
|
script: {
|
|
90
77
|
elements: [],
|
|
91
78
|
attributes: [],
|
|
92
|
-
|
|
93
79
|
get all() {
|
|
94
80
|
return this.elements.concat(this.attributes);
|
|
95
81
|
}
|
|
96
|
-
|
|
97
82
|
},
|
|
98
83
|
style: {
|
|
99
84
|
elements: [],
|
|
100
85
|
attributes: [],
|
|
101
|
-
|
|
102
86
|
get all() {
|
|
103
87
|
return this.elements.concat(this.attributes);
|
|
104
88
|
}
|
|
105
|
-
|
|
106
89
|
}
|
|
107
90
|
};
|
|
108
91
|
collectHashes(makeCSPHash, content, hashes);
|
|
109
|
-
|
|
110
92
|
if (replace) {
|
|
111
93
|
const s = callback(path, hashes, content.toString());
|
|
112
94
|
vinyl.contents = Buffer.from(s, enc);
|
|
113
95
|
} else {
|
|
114
96
|
callback(path, hashes);
|
|
115
97
|
}
|
|
116
|
-
|
|
117
98
|
done(null, vinyl);
|
|
118
99
|
});
|
|
119
100
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@localnerve/csp-hashes",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.7",
|
|
4
4
|
"description": "Flexible library to generate CSP hashes",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"scripts": {
|
|
@@ -12,11 +12,11 @@
|
|
|
12
12
|
"test:debug": "node --inspect-brk ./node_modules/.bin/jest"
|
|
13
13
|
},
|
|
14
14
|
"devDependencies": {
|
|
15
|
-
"@babel/cli": "^7.
|
|
16
|
-
"@babel/preset-env": "^7.
|
|
15
|
+
"@babel/cli": "^7.19.3",
|
|
16
|
+
"@babel/preset-env": "^7.19.4",
|
|
17
17
|
"@babel/register": "^7.18.9",
|
|
18
|
-
"eslint": "^8.
|
|
19
|
-
"jest": "^29.
|
|
18
|
+
"eslint": "^8.25.0",
|
|
19
|
+
"jest": "^29.1.2",
|
|
20
20
|
"rimraf": "^3.0.2",
|
|
21
21
|
"vinyl": "^2.2.1"
|
|
22
22
|
},
|
|
@@ -50,6 +50,6 @@
|
|
|
50
50
|
},
|
|
51
51
|
"homepage": "https://github.com/localnerve/csp-hashes#readme",
|
|
52
52
|
"engines": {
|
|
53
|
-
"node": "14
|
|
53
|
+
"node": ">=14"
|
|
54
54
|
}
|
|
55
55
|
}
|