@microsoft/teams-js 2.49.0-beta.0 → 2.49.0

package/README.md

@@ -24,7 +24,7 @@ To install the stable [version](https://learn.microsoft.com/javascript/api/overv
 
 ### Production
 
-You can reference these files directly [from here](https://res.cdn.office.net/teams-js/2.48.1/js/MicrosoftTeams.min.js) or point your package manager at them.
+You can reference these files directly [from here](https://res.cdn.office.net/teams-js/2.49.0/js/MicrosoftTeams.min.js) or point your package manager at them.
 
 ## Usage
 
@@ -45,13 +45,13 @@ Reference the library inside of your `.html` page using:
 ```html
 <!-- Microsoft Teams JavaScript API (via CDN) -->
 <script
-  src="https://res.cdn.office.net/teams-js/2.48.1/js/MicrosoftTeams.min.js"
-  integrity="sha384-opiKcSoAwE9QEI+cc408L9oI0NWev5vi/CLyCCX57M7GuRKrXlC4nOxJ9z6cBoXS"
+  src="https://res.cdn.office.net/teams-js/2.49.0/js/MicrosoftTeams.min.js"
+  integrity="sha384-7wAL7GWYFgbQUP3f6/vtioav57bCRJ7ndOZUan7+vnCnuM5fPwvCzX+W5DzyjBJ5"
   crossorigin="anonymous"
 ></script>
 
 <!-- Microsoft Teams JavaScript API (via npm) -->
-<script src="node_modules/@microsoft/teams-js@2.48.1/dist/MicrosoftTeams.min.js"></script>
+<script src="node_modules/@microsoft/teams-js@2.49.0/dist/MicrosoftTeams.min.js"></script>
 
 <!-- Microsoft Teams JavaScript API (via local) -->
 <script src="MicrosoftTeams.min.js"></script>

package/dist/esm/packages/teams-js/dts/internal/urlPattern.d.ts

@@ -15,13 +15,16 @@ export interface URLVerifier {
     test: (url: URL) => boolean;
 }
 /**
+ * Checks if the provided host matches the given pattern, which may include a single wildcard segment.
  * @param pattern - reference pattern
  * @param host - candidate string
  * @returns returns true if host matches pre-know valid pattern
  *
  * @example
  *    validateHostAgainstPattern('*.teams.microsoft.com', 'subdomain.teams.microsoft.com') returns true
+ *    validateHostAgainstPattern('test.*.teams.microsoft.com', 'test.subdomain.teams.microsoft.com') returns true
  *    validateHostAgainstPattern('teams.microsoft.com', 'team.microsoft.com') returns false
+ *    validateHostAgainstPattern('*.*.microsoft.com', 'test.team.microsoft.com') returns false
  *
  * @internal
  * Limited to Microsoft-internal use

package/dist/esm/packages/teams-js/dts/private/interfaces.d.ts

@@ -211,6 +211,30 @@ export interface FilePreviewParameters {
      * Limited to Microsoft-internal use
      */
     conversationId?: string;
+    /**
+     * @hidden
+     * Optional; id of message where this file is shared (if applicable)
+     *
+     * @internal
+     * Limited to Microsoft-internal use
+     */
+    messageId?: string;
+    /**
+     * @hidden
+     * Optional; used internally to differentiate different callers from within an app
+     *
+     * @internal
+     * Limited to Microsoft-internal use
+     */
+    callerInfo?: string;
+    /**
+     * @hidden
+     * Optional; serialised string of atp data which the apps may pass to expediate safelink validations that run when a file is opened
+     *
+     * @internal
+     * Limited to Microsoft-internal use
+     */
+    atpData?: string;
 }
 /**
  * @hidden

package/dist/esm/packages/teams-js/src/internal/urlPattern.js

@@ -1 +1 @@
-const t=/^[A-Za-z][A-Za-z\d+.-]*:\/\//;function s(t,s){const n=t.substring(1);return t===s||"*."===t.substring(0,2)&&s.length>n.length&&s.split(".").length===n.split(".").length&&s.substring(s.length-n.length)===n}class n{constructor(t,s,n){this.protocol=t,this.host=s,this.logger=n}static canUse(s){return t.test(s)}static create(t,s){const e=t.split("://");return new n(e[0],e[1],s.extend("InternalURLPattern"))}test(t){return this.logger("Testing URL %s against pattern protocol: %s, host: %s",t,this.protocol,this.host),t.protocol===`${this.protocol}:`&&(!t.host||s(this.host,t.host))}}function e(t){return n.canUse(t)}function o(t,s){if(n.canUse(t))return n.create(t,s);s("No URL verifier available for pattern: %s",t)}export{o as createURLVerifier,e as isValidPatternUrl,s as validateHostAgainstPattern};
+const t=/^[A-Za-z][A-Za-z\d+.-]*:\/\//;function e(t,e){const r=t.split("."),s=e.split(".");if(s.length!==r.length)return!1;let n=!1;for(let t=0;t<r.length;t++)if(r[t]!==s[t]){if("*"!==r[t])return!1;if(t===r.length-1||n)return!1;n=!0}return!0}class r{constructor(t,e,r){this.protocol=t,this.host=e,this.logger=r}static canUse(e){return t.test(e)}static create(t,e){const s=t.split("://");return new r(s[0],s[1],e.extend("InternalURLPattern"))}test(t){return this.logger("Testing URL %s against pattern protocol: %s, host: %s",t,this.protocol,this.host),t.protocol===`${this.protocol}:`&&(!t.host||e(this.host,t.host))}}function s(t){return r.canUse(t)}function n(t,e){if(r.canUse(t))return r.create(t,e);e("No URL verifier available for pattern: %s",t)}export{n as createURLVerifier,s as isValidPatternUrl,e as validateHostAgainstPattern};

package/dist/esm/packages/teams-js/src/private/privateAPIs.js

@@ -1 +1 @@
-import{shouldEventBeRelayedToChild as e,sendMessageEventToChild as t}from"../internal/childCommunication.js";import{sendMessageToParent as n}from"../internal/communication.js";import{registerHandler as i}from"../internal/handlers.js";import{ensureInitialized as r}from"../internal/internalAPIs.js";import{getApiVersionTag as o}from"../internal/telemetry.js";import{getGenericOnCompleteHandler as s}from"../internal/utils.js";import{FrameContexts as l}from"../public/constants.js";import{runtime as a}from"../public/runtime.js";const m="v1";function p(e,t){r(a),n(o(m,"uploadCustomApp"),"uploadCustomApp",[e],t||s())}function c(e,t,i){r(a),n(o(m,"sendCustomMessage"),e,t,i)}function u(n,i){if(r(a),!e())throw new Error("The child window has not yet been initialized or is not present");t(n,i)}function d(e,t){r(a),i(o(m,"registerCustomHandler"),e,(...e)=>t.apply(this,e))}function f(e,t){r(a),i(o(m,"registerUserSettingsChangeHandler"),"userSettingsChange",t,!0,[e])}function w(e){r(a,l.content,l.sidePanel,l.task);const t=[e.entityId,e.title,e.description,e.type,e.objectUrl,e.downloadUrl,e.webPreviewUrl,e.webEditUrl,e.baseUrl,e.editFile,e.subEntityId,e.viewerAction,e.fileOpenPreference,e.conversationId,e.sizeInBytes];n(o(m,"openFilePreview"),"openFilePreview",t)}export{w as openFilePreview,d as registerCustomHandler,f as registerUserSettingsChangeHandler,u as sendCustomEvent,c as sendCustomMessage,p as uploadCustomApp};
+import{shouldEventBeRelayedToChild as e,sendMessageEventToChild as t}from"../internal/childCommunication.js";import{sendMessageToParent as n}from"../internal/communication.js";import{registerHandler as i}from"../internal/handlers.js";import{ensureInitialized as r}from"../internal/internalAPIs.js";import{getApiVersionTag as o}from"../internal/telemetry.js";import{getGenericOnCompleteHandler as s}from"../internal/utils.js";import{FrameContexts as l}from"../public/constants.js";import{runtime as a}from"../public/runtime.js";const m="v1";function p(e,t){r(a),n(o(m,"uploadCustomApp"),"uploadCustomApp",[e],t||s())}function c(e,t,i){r(a),n(o(m,"sendCustomMessage"),e,t,i)}function d(n,i){if(r(a),!e())throw new Error("The child window has not yet been initialized or is not present");t(n,i)}function u(e,t){r(a),i(o(m,"registerCustomHandler"),e,(...e)=>t.apply(this,e))}function f(e,t){r(a),i(o(m,"registerUserSettingsChangeHandler"),"userSettingsChange",t,!0,[e])}function w(e){r(a,l.content,l.sidePanel,l.task);const t=[e.entityId,e.title,e.description,e.type,e.objectUrl,e.downloadUrl,e.webPreviewUrl,e.webEditUrl,e.baseUrl,e.editFile,e.subEntityId,e.viewerAction,e.fileOpenPreference,e.conversationId,e.sizeInBytes,e.messageId,e.callerInfo,e.atpData];n(o(m,"openFilePreview"),"openFilePreview",t)}export{w as openFilePreview,u as registerCustomHandler,f as registerUserSettingsChangeHandler,d as sendCustomEvent,c as sendCustomMessage,p as uploadCustomApp};

package/dist/esm/packages/teams-js/src/public/version.js

@@ -1 +1 @@
-const t="2.49.0-beta.0";export{t as version};
+const o="2.49.0";export{o as version};

package/dist/umd/MicrosoftTeams.js

@@ -4669,7 +4669,7 @@ function isSerializable(arg) {
  * @hidden
  *  Package version.
  */
-const version = "2.49.0-beta.0";
+const version = "2.49.0";
 
 ;// ./src/public/featureFlags.ts
 // All build feature flags are defined inside this object. Any build feature flag must have its own unique getter and setter function. This pattern allows for client apps to treeshake unused code and avoid including code guarded by this feature flags in the final bundle. If this property isn't desired, use the below runtime feature flags object.
@@ -4808,24 +4808,42 @@ function flushMessageQueue(targetWindow, targetOrigin, targetMessageQueue, targe
  */
 const userOriginUrlValidationRegExp = /^[A-Za-z][A-Za-z\d+.-]*:\/\//;
 /**
+ * Checks if the provided host matches the given pattern, which may include a single wildcard segment.
  * @param pattern - reference pattern
  * @param host - candidate string
  * @returns returns true if host matches pre-know valid pattern
  *
  * @example
  *    validateHostAgainstPattern('*.teams.microsoft.com', 'subdomain.teams.microsoft.com') returns true
+ *    validateHostAgainstPattern('test.*.teams.microsoft.com', 'test.subdomain.teams.microsoft.com') returns true
  *    validateHostAgainstPattern('teams.microsoft.com', 'team.microsoft.com') returns false
+ *    validateHostAgainstPattern('*.*.microsoft.com', 'test.team.microsoft.com') returns false
  *
  * @internal
  * Limited to Microsoft-internal use
  */
 function validateHostAgainstPattern(pattern, host) {
-    const suffix = pattern.substring(1);
-    return (pattern === host ||
-        (pattern.substring(0, 2) === '*.' &&
-            host.length > suffix.length &&
-            host.split('.').length === suffix.split('.').length &&
-            host.substring(host.length - suffix.length) === suffix));
+    const patternSegments = pattern.split('.');
+    const hostSegments = host.split('.');
+    if (hostSegments.length !== patternSegments.length) {
+        return false;
+    }
+    let hasUsedWildcard = false;
+    for (let i = 0; i < patternSegments.length; i++) {
+        if (patternSegments[i] === hostSegments[i]) {
+            continue;
+        }
+        if (patternSegments[i] !== '*') {
+            return false;
+        }
+        // Wildcard in the last segment (TLD position) is not allowed for security reasons. Additionally, only one wildcard segment is allowed to prevent overly permissive patterns.
+        if (i === patternSegments.length - 1 || hasUsedWildcard) {
+            return false;
+        }
+        hasUsedWildcard = true;
+        continue;
+    }
+    return true;
 }
 /**
  * @hidden
@@ -9374,6 +9392,9 @@ function openFilePreview(filePreviewParameters) {
         filePreviewParameters.fileOpenPreference,
         filePreviewParameters.conversationId,
         filePreviewParameters.sizeInBytes,
+        filePreviewParameters.messageId,
+        filePreviewParameters.callerInfo,
+        filePreviewParameters.atpData,
     ];
     sendMessageToParent(getApiVersionTag(privateAPIsTelemetryVersionNumber, "openFilePreview" /* ApiName.PrivateAPIs_OpenFilePreview */), 'openFilePreview', params);
 }