@mintlify/validation 0.1.573 → 0.1.574
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/mint-config/schemas/v2/index.d.ts +16 -16
- package/dist/mint-config/schemas/v2/properties/footer.d.ts +5 -5
- package/dist/mint-config/schemas/v2/properties/footer.js +4 -3
- package/dist/mint-config/schemas/v2/properties/reusable/href.d.ts +6 -0
- package/dist/mint-config/schemas/v2/properties/reusable/href.js +63 -0
- package/dist/mint-config/schemas/v2/properties/reusable/safeUrl.d.ts +6 -0
- package/dist/mint-config/schemas/v2/properties/reusable/safeUrl.js +24 -0
- package/dist/mint-config/schemas/v2/themes/almond.d.ts +2 -2
- package/dist/mint-config/schemas/v2/themes/aspen.d.ts +2 -2
- package/dist/mint-config/schemas/v2/themes/linden.d.ts +2 -2
- package/dist/mint-config/schemas/v2/themes/maple.d.ts +2 -2
- package/dist/mint-config/schemas/v2/themes/mint.d.ts +2 -2
- package/dist/mint-config/schemas/v2/themes/palm.d.ts +2 -2
- package/dist/mint-config/schemas/v2/themes/reusable/index.d.ts +2 -2
- package/dist/mint-config/schemas/v2/themes/willow.d.ts +2 -2
- package/dist/tsconfig.build.tsbuildinfo +1 -1
- package/package.json +2 -2
|
@@ -683,12 +683,12 @@ export declare const docsConfigSchema: z.ZodDiscriminatedUnion<"theme", [z.ZodOb
|
|
|
683
683
|
global?: import("./properties/navigation/divisionNav.js").GlobalNavigation | undefined;
|
|
684
684
|
}>]>;
|
|
685
685
|
footer: z.ZodOptional<z.ZodObject<{
|
|
686
|
-
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodString
|
|
686
|
+
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>>>;
|
|
687
687
|
links: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
688
688
|
header: z.ZodOptional<z.ZodString>;
|
|
689
689
|
items: z.ZodArray<z.ZodObject<{
|
|
690
690
|
label: z.ZodString;
|
|
691
|
-
href: z.ZodEffects<z.ZodString, string, string>;
|
|
691
|
+
href: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
692
692
|
}, "strip", z.ZodTypeAny, {
|
|
693
693
|
href: string;
|
|
694
694
|
label: string;
|
|
@@ -2787,12 +2787,12 @@ export declare const docsConfigSchema: z.ZodDiscriminatedUnion<"theme", [z.ZodOb
|
|
|
2787
2787
|
global?: import("./properties/navigation/divisionNav.js").GlobalNavigation | undefined;
|
|
2788
2788
|
}>]>;
|
|
2789
2789
|
footer: z.ZodOptional<z.ZodObject<{
|
|
2790
|
-
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodString
|
|
2790
|
+
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>>>;
|
|
2791
2791
|
links: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
2792
2792
|
header: z.ZodOptional<z.ZodString>;
|
|
2793
2793
|
items: z.ZodArray<z.ZodObject<{
|
|
2794
2794
|
label: z.ZodString;
|
|
2795
|
-
href: z.ZodEffects<z.ZodString, string, string>;
|
|
2795
|
+
href: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
2796
2796
|
}, "strip", z.ZodTypeAny, {
|
|
2797
2797
|
href: string;
|
|
2798
2798
|
label: string;
|
|
@@ -4891,12 +4891,12 @@ export declare const docsConfigSchema: z.ZodDiscriminatedUnion<"theme", [z.ZodOb
|
|
|
4891
4891
|
global?: import("./properties/navigation/divisionNav.js").GlobalNavigation | undefined;
|
|
4892
4892
|
}>]>;
|
|
4893
4893
|
footer: z.ZodOptional<z.ZodObject<{
|
|
4894
|
-
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodString
|
|
4894
|
+
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>>>;
|
|
4895
4895
|
links: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
4896
4896
|
header: z.ZodOptional<z.ZodString>;
|
|
4897
4897
|
items: z.ZodArray<z.ZodObject<{
|
|
4898
4898
|
label: z.ZodString;
|
|
4899
|
-
href: z.ZodEffects<z.ZodString, string, string>;
|
|
4899
|
+
href: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
4900
4900
|
}, "strip", z.ZodTypeAny, {
|
|
4901
4901
|
href: string;
|
|
4902
4902
|
label: string;
|
|
@@ -6995,12 +6995,12 @@ export declare const docsConfigSchema: z.ZodDiscriminatedUnion<"theme", [z.ZodOb
|
|
|
6995
6995
|
global?: import("./properties/navigation/divisionNav.js").GlobalNavigation | undefined;
|
|
6996
6996
|
}>]>;
|
|
6997
6997
|
footer: z.ZodOptional<z.ZodObject<{
|
|
6998
|
-
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodString
|
|
6998
|
+
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>>>;
|
|
6999
6999
|
links: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
7000
7000
|
header: z.ZodOptional<z.ZodString>;
|
|
7001
7001
|
items: z.ZodArray<z.ZodObject<{
|
|
7002
7002
|
label: z.ZodString;
|
|
7003
|
-
href: z.ZodEffects<z.ZodString, string, string>;
|
|
7003
|
+
href: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
7004
7004
|
}, "strip", z.ZodTypeAny, {
|
|
7005
7005
|
href: string;
|
|
7006
7006
|
label: string;
|
|
@@ -9099,12 +9099,12 @@ export declare const docsConfigSchema: z.ZodDiscriminatedUnion<"theme", [z.ZodOb
|
|
|
9099
9099
|
global?: import("./properties/navigation/divisionNav.js").GlobalNavigation | undefined;
|
|
9100
9100
|
}>]>;
|
|
9101
9101
|
footer: z.ZodOptional<z.ZodObject<{
|
|
9102
|
-
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodString
|
|
9102
|
+
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>>>;
|
|
9103
9103
|
links: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
9104
9104
|
header: z.ZodOptional<z.ZodString>;
|
|
9105
9105
|
items: z.ZodArray<z.ZodObject<{
|
|
9106
9106
|
label: z.ZodString;
|
|
9107
|
-
href: z.ZodEffects<z.ZodString, string, string>;
|
|
9107
|
+
href: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
9108
9108
|
}, "strip", z.ZodTypeAny, {
|
|
9109
9109
|
href: string;
|
|
9110
9110
|
label: string;
|
|
@@ -11203,12 +11203,12 @@ export declare const docsConfigSchema: z.ZodDiscriminatedUnion<"theme", [z.ZodOb
|
|
|
11203
11203
|
global?: import("./properties/navigation/divisionNav.js").GlobalNavigation | undefined;
|
|
11204
11204
|
}>]>;
|
|
11205
11205
|
footer: z.ZodOptional<z.ZodObject<{
|
|
11206
|
-
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodString
|
|
11206
|
+
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>>>;
|
|
11207
11207
|
links: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
11208
11208
|
header: z.ZodOptional<z.ZodString>;
|
|
11209
11209
|
items: z.ZodArray<z.ZodObject<{
|
|
11210
11210
|
label: z.ZodString;
|
|
11211
|
-
href: z.ZodEffects<z.ZodString, string, string>;
|
|
11211
|
+
href: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
11212
11212
|
}, "strip", z.ZodTypeAny, {
|
|
11213
11213
|
href: string;
|
|
11214
11214
|
label: string;
|
|
@@ -13307,12 +13307,12 @@ export declare const docsConfigSchema: z.ZodDiscriminatedUnion<"theme", [z.ZodOb
|
|
|
13307
13307
|
global?: import("./properties/navigation/divisionNav.js").GlobalNavigation | undefined;
|
|
13308
13308
|
}>]>;
|
|
13309
13309
|
footer: z.ZodOptional<z.ZodObject<{
|
|
13310
|
-
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodString
|
|
13310
|
+
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>>>;
|
|
13311
13311
|
links: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
13312
13312
|
header: z.ZodOptional<z.ZodString>;
|
|
13313
13313
|
items: z.ZodArray<z.ZodObject<{
|
|
13314
13314
|
label: z.ZodString;
|
|
13315
|
-
href: z.ZodEffects<z.ZodString, string, string>;
|
|
13315
|
+
href: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
13316
13316
|
}, "strip", z.ZodTypeAny, {
|
|
13317
13317
|
href: string;
|
|
13318
13318
|
label: string;
|
|
@@ -15412,12 +15412,12 @@ export declare const docsConfigUnifiedSchema: z.ZodObject<{
|
|
|
15412
15412
|
global?: import("./properties/navigation/divisionNav.js").GlobalNavigation | undefined;
|
|
15413
15413
|
}>]>;
|
|
15414
15414
|
footer: z.ZodOptional<z.ZodObject<{
|
|
15415
|
-
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodString
|
|
15415
|
+
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>>>;
|
|
15416
15416
|
links: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
15417
15417
|
header: z.ZodOptional<z.ZodString>;
|
|
15418
15418
|
items: z.ZodArray<z.ZodObject<{
|
|
15419
15419
|
label: z.ZodString;
|
|
15420
|
-
href: z.ZodEffects<z.ZodString, string, string>;
|
|
15420
|
+
href: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
15421
15421
|
}, "strip", z.ZodTypeAny, {
|
|
15422
15422
|
href: string;
|
|
15423
15423
|
label: string;
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { z } from 'zod';
|
|
2
2
|
export declare const footerLinkSchema: z.ZodObject<{
|
|
3
3
|
label: z.ZodString;
|
|
4
|
-
href: z.ZodEffects<z.ZodString, string, string>;
|
|
4
|
+
href: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
5
5
|
}, "strip", z.ZodTypeAny, {
|
|
6
6
|
href: string;
|
|
7
7
|
label: string;
|
|
@@ -13,7 +13,7 @@ export declare const footerLinksColumnSchema: z.ZodObject<{
|
|
|
13
13
|
header: z.ZodOptional<z.ZodString>;
|
|
14
14
|
items: z.ZodArray<z.ZodObject<{
|
|
15
15
|
label: z.ZodString;
|
|
16
|
-
href: z.ZodEffects<z.ZodString, string, string>;
|
|
16
|
+
href: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
17
17
|
}, "strip", z.ZodTypeAny, {
|
|
18
18
|
href: string;
|
|
19
19
|
label: string;
|
|
@@ -34,14 +34,14 @@ export declare const footerLinksColumnSchema: z.ZodObject<{
|
|
|
34
34
|
}[];
|
|
35
35
|
header?: string | undefined;
|
|
36
36
|
}>;
|
|
37
|
-
export declare const footerSocialsSchema: z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodString
|
|
37
|
+
export declare const footerSocialsSchema: z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>>;
|
|
38
38
|
export declare const footerSchema: z.ZodObject<{
|
|
39
|
-
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodString
|
|
39
|
+
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>>>;
|
|
40
40
|
links: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
41
41
|
header: z.ZodOptional<z.ZodString>;
|
|
42
42
|
items: z.ZodArray<z.ZodObject<{
|
|
43
43
|
label: z.ZodString;
|
|
44
|
-
href: z.ZodEffects<z.ZodString, string, string>;
|
|
44
|
+
href: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
45
45
|
}, "strip", z.ZodTypeAny, {
|
|
46
46
|
href: string;
|
|
47
47
|
label: string;
|
|
@@ -1,9 +1,10 @@
|
|
|
1
1
|
import { footerSocialKeys } from '@mintlify/models';
|
|
2
2
|
import { z } from 'zod';
|
|
3
|
-
import {
|
|
3
|
+
import { secureHrefSchema } from './reusable/href.js';
|
|
4
|
+
import { secureUrlSchema } from './reusable/safeUrl.js';
|
|
4
5
|
export const footerLinkSchema = z.object({
|
|
5
6
|
label: z.string().nonempty('Link must have a non-empty label').describe('The label of the link'),
|
|
6
|
-
href:
|
|
7
|
+
href: secureHrefSchema.describe('The url of the link'),
|
|
7
8
|
});
|
|
8
9
|
export const footerLinksColumnSchema = z.object({
|
|
9
10
|
header: z
|
|
@@ -17,7 +18,7 @@ export const footerLinksColumnSchema = z.object({
|
|
|
17
18
|
.describe('The links to be displayed in the column'),
|
|
18
19
|
});
|
|
19
20
|
export const footerSocialsSchema = z
|
|
20
|
-
.record(z.enum(footerSocialKeys),
|
|
21
|
+
.record(z.enum(footerSocialKeys), secureUrlSchema.describe('Must be a valid URL'))
|
|
21
22
|
.describe('An object in which each key is the name of a social media platform, and each value is the url to your profile. For example: { "x": "https://x.com/mintlify" }');
|
|
22
23
|
export const footerSchema = z
|
|
23
24
|
.object({
|
|
@@ -1,2 +1,8 @@
|
|
|
1
1
|
import { z } from 'zod';
|
|
2
|
+
export declare function normalizeUrl(value: string): string;
|
|
2
3
|
export declare const hrefSchema: z.ZodEffects<z.ZodString, string, string>;
|
|
4
|
+
/**
|
|
5
|
+
* Allows relative paths, mailto, and secure absolute URLs (https), while blocking
|
|
6
|
+
* dangerous file extensions.
|
|
7
|
+
*/
|
|
8
|
+
export declare const secureHrefSchema: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
@@ -1,4 +1,42 @@
|
|
|
1
1
|
import { z } from 'zod';
|
|
2
|
+
const ALLOWED_PROTOCOLS = ['https:'];
|
|
3
|
+
const DANGEROUS_FILE_EXTENSIONS = ['.svg', '.exe', '.zip'];
|
|
4
|
+
// Normalizes a URL by removing trailing slashes and anchor links
|
|
5
|
+
export function normalizeUrl(value) {
|
|
6
|
+
let normalized = value;
|
|
7
|
+
const hashIndex = normalized.indexOf('#');
|
|
8
|
+
if (hashIndex !== -1) {
|
|
9
|
+
normalized = normalized.substring(0, hashIndex);
|
|
10
|
+
}
|
|
11
|
+
try {
|
|
12
|
+
const url = new URL(normalized);
|
|
13
|
+
if (url.pathname !== '/' && url.pathname.endsWith('/')) {
|
|
14
|
+
url.pathname = url.pathname.replace(/\/+$/, '');
|
|
15
|
+
normalized = url.toString();
|
|
16
|
+
}
|
|
17
|
+
}
|
|
18
|
+
catch (_a) {
|
|
19
|
+
// Handle relative paths that can't be parsed by URL constructor
|
|
20
|
+
if (!normalized.startsWith('mailto:')) {
|
|
21
|
+
// Split on query parameter to handle paths with query strings
|
|
22
|
+
const queryIndex = normalized.indexOf('?');
|
|
23
|
+
if (queryIndex !== -1) {
|
|
24
|
+
const pathPart = normalized.substring(0, queryIndex);
|
|
25
|
+
const queryPart = normalized.substring(queryIndex);
|
|
26
|
+
// Remove trailing slashes from path part (but preserve single slash)
|
|
27
|
+
const normalizedPath = pathPart.length > 1 && pathPart.endsWith('/') ? pathPart.replace(/\/+$/, '') : pathPart;
|
|
28
|
+
normalized = normalizedPath + queryPart;
|
|
29
|
+
}
|
|
30
|
+
else {
|
|
31
|
+
// No query params, just check for trailing slash
|
|
32
|
+
if (normalized.length > 1 && normalized.endsWith('/')) {
|
|
33
|
+
normalized = normalized.replace(/\/+$/, '');
|
|
34
|
+
}
|
|
35
|
+
}
|
|
36
|
+
}
|
|
37
|
+
}
|
|
38
|
+
return normalized;
|
|
39
|
+
}
|
|
2
40
|
export const hrefSchema = z
|
|
3
41
|
.string()
|
|
4
42
|
.refine((value) => {
|
|
@@ -18,3 +56,28 @@ export const hrefSchema = z
|
|
|
18
56
|
}
|
|
19
57
|
}, { message: 'Must be a valid URL or relative path' })
|
|
20
58
|
.describe('A valid path or external link');
|
|
59
|
+
/**
|
|
60
|
+
* Allows relative paths, mailto, and secure absolute URLs (https), while blocking
|
|
61
|
+
* dangerous file extensions.
|
|
62
|
+
*/
|
|
63
|
+
export const secureHrefSchema = z
|
|
64
|
+
.string()
|
|
65
|
+
.transform(normalizeUrl)
|
|
66
|
+
.refine((value) => {
|
|
67
|
+
if (value.startsWith('//'))
|
|
68
|
+
return false;
|
|
69
|
+
if (value.startsWith('/'))
|
|
70
|
+
return true;
|
|
71
|
+
if (value.startsWith('mailto:'))
|
|
72
|
+
return true;
|
|
73
|
+
try {
|
|
74
|
+
const url = new URL(value);
|
|
75
|
+
const isAllowedProtocol = ALLOWED_PROTOCOLS.includes(url.protocol);
|
|
76
|
+
const decodedPathname = decodeURIComponent(url.pathname).toLowerCase();
|
|
77
|
+
const isSafeExtension = !DANGEROUS_FILE_EXTENSIONS.some((ext) => decodedPathname.endsWith(ext));
|
|
78
|
+
return isAllowedProtocol && isSafeExtension;
|
|
79
|
+
}
|
|
80
|
+
catch (_a) {
|
|
81
|
+
return false;
|
|
82
|
+
}
|
|
83
|
+
}, { message: 'Must be a valid url or relative path.' });
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
/**
|
|
3
|
+
* Allows only safe absolute URLs (https), while blocking dangerous file extensions.
|
|
4
|
+
* Relative paths and mailto links are not allowed.
|
|
5
|
+
*/
|
|
6
|
+
export declare const secureUrlSchema: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
import { normalizeUrl } from './href.js';
|
|
3
|
+
const ALLOWED_PROTOCOLS = ['https:'];
|
|
4
|
+
const DANGEROUS_FILE_EXTENSIONS = ['.svg', '.exe', '.zip'];
|
|
5
|
+
/**
|
|
6
|
+
* Allows only safe absolute URLs (https), while blocking dangerous file extensions.
|
|
7
|
+
* Relative paths and mailto links are not allowed.
|
|
8
|
+
*/
|
|
9
|
+
export const secureUrlSchema = z
|
|
10
|
+
.string()
|
|
11
|
+
.url()
|
|
12
|
+
.transform(normalizeUrl)
|
|
13
|
+
.refine((value) => {
|
|
14
|
+
try {
|
|
15
|
+
const url = new URL(value);
|
|
16
|
+
const isAllowedProtocol = ALLOWED_PROTOCOLS.includes(url.protocol);
|
|
17
|
+
const decodedPathname = decodeURIComponent(url.pathname).toLowerCase();
|
|
18
|
+
const isSafeExtension = !DANGEROUS_FILE_EXTENSIONS.some((ext) => decodedPathname.endsWith(ext));
|
|
19
|
+
return isAllowedProtocol && isSafeExtension;
|
|
20
|
+
}
|
|
21
|
+
catch (_a) {
|
|
22
|
+
return false;
|
|
23
|
+
}
|
|
24
|
+
}, { message: 'Must be a valid HTTPS URL.' });
|
|
@@ -680,12 +680,12 @@ export declare const almondConfigSchema: z.ZodObject<{
|
|
|
680
680
|
global?: import("../properties/navigation/divisionNav.js").GlobalNavigation | undefined;
|
|
681
681
|
}>]>;
|
|
682
682
|
footer: z.ZodOptional<z.ZodObject<{
|
|
683
|
-
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodString
|
|
683
|
+
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>>>;
|
|
684
684
|
links: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
685
685
|
header: z.ZodOptional<z.ZodString>;
|
|
686
686
|
items: z.ZodArray<z.ZodObject<{
|
|
687
687
|
label: z.ZodString;
|
|
688
|
-
href: z.ZodEffects<z.ZodString, string, string>;
|
|
688
|
+
href: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
689
689
|
}, "strip", z.ZodTypeAny, {
|
|
690
690
|
href: string;
|
|
691
691
|
label: string;
|
|
@@ -680,12 +680,12 @@ export declare const aspenConfigSchema: z.ZodObject<{
|
|
|
680
680
|
global?: import("../properties/navigation/divisionNav.js").GlobalNavigation | undefined;
|
|
681
681
|
}>]>;
|
|
682
682
|
footer: z.ZodOptional<z.ZodObject<{
|
|
683
|
-
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodString
|
|
683
|
+
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>>>;
|
|
684
684
|
links: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
685
685
|
header: z.ZodOptional<z.ZodString>;
|
|
686
686
|
items: z.ZodArray<z.ZodObject<{
|
|
687
687
|
label: z.ZodString;
|
|
688
|
-
href: z.ZodEffects<z.ZodString, string, string>;
|
|
688
|
+
href: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
689
689
|
}, "strip", z.ZodTypeAny, {
|
|
690
690
|
href: string;
|
|
691
691
|
label: string;
|
|
@@ -680,12 +680,12 @@ export declare const lindenConfigSchema: z.ZodObject<{
|
|
|
680
680
|
global?: import("../properties/navigation/divisionNav.js").GlobalNavigation | undefined;
|
|
681
681
|
}>]>;
|
|
682
682
|
footer: z.ZodOptional<z.ZodObject<{
|
|
683
|
-
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodString
|
|
683
|
+
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>>>;
|
|
684
684
|
links: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
685
685
|
header: z.ZodOptional<z.ZodString>;
|
|
686
686
|
items: z.ZodArray<z.ZodObject<{
|
|
687
687
|
label: z.ZodString;
|
|
688
|
-
href: z.ZodEffects<z.ZodString, string, string>;
|
|
688
|
+
href: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
689
689
|
}, "strip", z.ZodTypeAny, {
|
|
690
690
|
href: string;
|
|
691
691
|
label: string;
|
|
@@ -680,12 +680,12 @@ export declare const mapleConfigSchema: z.ZodObject<{
|
|
|
680
680
|
global?: import("../properties/navigation/divisionNav.js").GlobalNavigation | undefined;
|
|
681
681
|
}>]>;
|
|
682
682
|
footer: z.ZodOptional<z.ZodObject<{
|
|
683
|
-
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodString
|
|
683
|
+
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>>>;
|
|
684
684
|
links: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
685
685
|
header: z.ZodOptional<z.ZodString>;
|
|
686
686
|
items: z.ZodArray<z.ZodObject<{
|
|
687
687
|
label: z.ZodString;
|
|
688
|
-
href: z.ZodEffects<z.ZodString, string, string>;
|
|
688
|
+
href: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
689
689
|
}, "strip", z.ZodTypeAny, {
|
|
690
690
|
href: string;
|
|
691
691
|
label: string;
|
|
@@ -680,12 +680,12 @@ export declare const mintConfigSchema: z.ZodObject<{
|
|
|
680
680
|
global?: import("../properties/navigation/divisionNav.js").GlobalNavigation | undefined;
|
|
681
681
|
}>]>;
|
|
682
682
|
footer: z.ZodOptional<z.ZodObject<{
|
|
683
|
-
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodString
|
|
683
|
+
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>>>;
|
|
684
684
|
links: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
685
685
|
header: z.ZodOptional<z.ZodString>;
|
|
686
686
|
items: z.ZodArray<z.ZodObject<{
|
|
687
687
|
label: z.ZodString;
|
|
688
|
-
href: z.ZodEffects<z.ZodString, string, string>;
|
|
688
|
+
href: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
689
689
|
}, "strip", z.ZodTypeAny, {
|
|
690
690
|
href: string;
|
|
691
691
|
label: string;
|
|
@@ -680,12 +680,12 @@ export declare const palmConfigSchema: z.ZodObject<{
|
|
|
680
680
|
global?: import("../properties/navigation/divisionNav.js").GlobalNavigation | undefined;
|
|
681
681
|
}>]>;
|
|
682
682
|
footer: z.ZodOptional<z.ZodObject<{
|
|
683
|
-
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodString
|
|
683
|
+
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>>>;
|
|
684
684
|
links: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
685
685
|
header: z.ZodOptional<z.ZodString>;
|
|
686
686
|
items: z.ZodArray<z.ZodObject<{
|
|
687
687
|
label: z.ZodString;
|
|
688
|
-
href: z.ZodEffects<z.ZodString, string, string>;
|
|
688
|
+
href: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
689
689
|
}, "strip", z.ZodTypeAny, {
|
|
690
690
|
href: string;
|
|
691
691
|
label: string;
|
|
@@ -679,12 +679,12 @@ export declare const standardConfigSchema: {
|
|
|
679
679
|
global?: import("../../properties/navigation/divisionNav.js").GlobalNavigation | undefined;
|
|
680
680
|
}>]>;
|
|
681
681
|
footer: import("zod").ZodOptional<import("zod").ZodObject<{
|
|
682
|
-
socials: import("zod").ZodOptional<import("zod").ZodRecord<import("zod").ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, import("zod").ZodString
|
|
682
|
+
socials: import("zod").ZodOptional<import("zod").ZodRecord<import("zod").ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, import("zod").ZodEffects<import("zod").ZodEffects<import("zod").ZodString, string, string>, string, string>>>;
|
|
683
683
|
links: import("zod").ZodOptional<import("zod").ZodArray<import("zod").ZodObject<{
|
|
684
684
|
header: import("zod").ZodOptional<import("zod").ZodString>;
|
|
685
685
|
items: import("zod").ZodArray<import("zod").ZodObject<{
|
|
686
686
|
label: import("zod").ZodString;
|
|
687
|
-
href: import("zod").ZodEffects<import("zod").ZodString, string, string>;
|
|
687
|
+
href: import("zod").ZodEffects<import("zod").ZodEffects<import("zod").ZodString, string, string>, string, string>;
|
|
688
688
|
}, "strip", import("zod").ZodTypeAny, {
|
|
689
689
|
href: string;
|
|
690
690
|
label: string;
|
|
@@ -680,12 +680,12 @@ export declare const willowConfigSchema: z.ZodObject<{
|
|
|
680
680
|
global?: import("../properties/navigation/divisionNav.js").GlobalNavigation | undefined;
|
|
681
681
|
}>]>;
|
|
682
682
|
footer: z.ZodOptional<z.ZodObject<{
|
|
683
|
-
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodString
|
|
683
|
+
socials: z.ZodOptional<z.ZodRecord<z.ZodEnum<["x", "website", "facebook", "youtube", "discord", "slack", "github", "linkedin", "instagram", "hacker-news", "medium", "telegram", "twitter", "x-twitter", "earth-americas", "bluesky", "threads", "reddit", "podcast"]>, z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>>>;
|
|
684
684
|
links: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
685
685
|
header: z.ZodOptional<z.ZodString>;
|
|
686
686
|
items: z.ZodArray<z.ZodObject<{
|
|
687
687
|
label: z.ZodString;
|
|
688
|
-
href: z.ZodEffects<z.ZodString, string, string>;
|
|
688
|
+
href: z.ZodEffects<z.ZodEffects<z.ZodString, string, string>, string, string>;
|
|
689
689
|
}, "strip", z.ZodTypeAny, {
|
|
690
690
|
href: string;
|
|
691
691
|
label: string;
|