@plasius/images 1.0.0 → 1.0.1

package/dist-cjs/validators/index.js

@@ -1,18 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./svgValidator.js"), exports);
-__exportStar(require("./avatarValidator.js"), exports);

package/dist-cjs/validators/svgValidator.d.ts

@@ -1,18 +0,0 @@
-import type { ImageValidationResult } from "./avatarValidator.js";
-export declare function sanitiseSVG(svgText: string, options: {
-    allowedTags: string[];
-    allowedAttributes: {
-        "*": string[];
-    };
-    allowComments: boolean;
-    allowUnknownElements: boolean;
-    allowUnknownAttributes: boolean;
-}): {
-    svg: string;
-    audit: {
-        strippedTags: string[];
-        strippedAttributes: string[];
-    };
-};
-export declare function validateSvgAvatar(buffer: Buffer): Promise<ImageValidationResult>;
-//# sourceMappingURL=svgValidator.d.ts.map

package/dist-cjs/validators/svgValidator.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"svgValidator.d.ts","sourceRoot":"","sources":["../../src/validators/svgValidator.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAIlE,wBAAgB,WAAW,CACzB,OAAO,EAAE,MAAM,EACf,OAAO,EAAE;IACP,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,iBAAiB,EAAE;QAAE,GAAG,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;IACrC,aAAa,EAAE,OAAO,CAAC;IACvB,oBAAoB,EAAE,OAAO,CAAC;IAC9B,sBAAsB,EAAE,OAAO,CAAC;CACjC,GACA;IACD,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE;QAAE,YAAY,EAAE,MAAM,EAAE,CAAC;QAAC,kBAAkB,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;CACjE,CA+FA;AAED,wBAAgB,iBAAiB,CAC/B,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,qBAAqB,CAAC,CAkEhC"}

package/dist-cjs/validators/svgValidator.js

@@ -1,143 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.sanitiseSVG = sanitiseSVG;
-exports.validateSvgAvatar = validateSvgAvatar;
-const xmldom_1 = require("@xmldom/xmldom");
-function sanitiseSVG(svgText, options) {
-    const strippedTags = [];
-    const strippedAttributes = [];
-    const parser = new xmldom_1.DOMParser({
-        onError: (level, msg) => {
-            switch (level) {
-                case "warning":
-                    break;
-                default:
-                    throw new Error(msg);
-            }
-        },
-    });
-    const serializer = new xmldom_1.XMLSerializer();
-    const doc = parser.parseFromString(svgText, "image/svg+xml");
-    function cleanNode(node) {
-        // TODO: optionally sanitize <style> elements and inline style attributes
-        if (node === null)
-            return;
-        if (node.nodeType === 8 /* Comment */ && !options.allowComments) {
-            node.parentNode?.removeChild(node);
-            return;
-        }
-        if (node.nodeType === 1 /* Element */) {
-            const el = node;
-            const tagName = el.tagName.toLowerCase();
-            // Strip <style> elements entirely
-            if (tagName === "style") {
-                strippedTags.push(tagName);
-                node.parentNode?.removeChild(node);
-                return;
-            }
-            if (!options.allowedTags.includes(tagName) &&
-                !options.allowUnknownElements) {
-                strippedTags.push(tagName);
-                node.parentNode?.removeChild(node);
-                return;
-            }
-            // Clean attributes
-            const allowedAttrs = options.allowedAttributes["*"] || [];
-            const toRemove = [];
-            for (const attr of Array.from(el.attributes)) {
-                const attrName = attr.name.toLowerCase();
-                if (attrName.startsWith("on")) {
-                    toRemove.push(attr.name);
-                    strippedAttributes.push(`${tagName}.${attr.name}`);
-                    continue;
-                }
-                if (attrName === "xlink:href" || attrName === "xmlns:xlink") {
-                    toRemove.push(attr.name);
-                    strippedAttributes.push(`${tagName}.${attr.name}`);
-                    continue;
-                }
-                if (attrName === "style") {
-                    toRemove.push(attr.name);
-                    strippedAttributes.push(`${tagName}.${attr.name}`);
-                    continue;
-                }
-                if (!allowedAttrs.includes(attr.name) &&
-                    !options.allowUnknownAttributes) {
-                    toRemove.push(attr.name);
-                    strippedAttributes.push(`${tagName}.${attr.name}`);
-                }
-            }
-            toRemove.forEach((attrName) => el.removeAttribute(attrName));
-        }
-        // Recursively clean children
-        const children = Array.from(node.childNodes);
-        children.forEach((child) => cleanNode(child));
-    }
-    cleanNode(doc.documentElement);
-    return {
-        svg: serializer.serializeToString(doc),
-        audit: { strippedTags, strippedAttributes },
-    };
-}
-function validateSvgAvatar(buffer) {
-    const svgText = buffer.toString("utf8");
-    const { svg: cleanSvg } = sanitiseSVG(svgText, {
-        allowedTags: [
-            "svg",
-            "g",
-            "rect",
-            "circle",
-            "ellipse",
-            "line",
-            "polygon",
-            "polyline",
-            "path",
-            "text",
-            "title",
-            "desc",
-        ],
-        allowedAttributes: {
-            "*": [
-                "width",
-                "height",
-                "viewBox",
-                "xmlns",
-                "transform",
-                "x",
-                "y",
-                "cx",
-                "cy",
-                "r",
-                "rx",
-                "ry",
-                "x1",
-                "y1",
-                "x2",
-                "y2",
-                "points",
-                "d",
-                "fill",
-                "stroke",
-                "stroke-width",
-                "font-family",
-                "font-size",
-                "text-anchor",
-            ],
-        },
-        allowComments: false,
-        allowUnknownElements: false,
-        allowUnknownAttributes: false,
-    });
-    const cleanBuffer = Buffer.from(cleanSvg, "utf8");
-    // Basic sanity checks
-    if (cleanBuffer.length > 256 * 1024) {
-        throw new Error("SVG too large (max 256 KB)");
-    }
-    return Promise.resolve({
-        width: 0, // SVG is scalable, can’t guarantee pixel dimensions
-        height: 0,
-        format: "svg",
-        size: cleanBuffer.length,
-        safeBuffer: cleanBuffer,
-    });
-}