@schukai/monster 4.25.5 → 4.27.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,25 @@
|
|
|
2
2
|
|
|
3
3
|
|
|
4
4
|
|
|
5
|
+
## [4.27.0] - 2025-07-03
|
|
6
|
+
|
|
7
|
+
### Add Features
|
|
8
|
+
|
|
9
|
+
- Increase digits option and improve attribute observation [#330](https://gitlab.schukai.com/oss/libraries/javascript/monster/issues/330)
|
|
10
|
+
|
|
11
|
+
|
|
12
|
+
|
|
13
|
+
## [4.26.0] - 2025-07-03
|
|
14
|
+
|
|
15
|
+
### Add Features
|
|
16
|
+
|
|
17
|
+
- Improve random UUID generation check [#330](https://gitlab.schukai.com/oss/libraries/javascript/monster/issues/330)
|
|
18
|
+
### Bug Fixes
|
|
19
|
+
|
|
20
|
+
- Add HTML escaping for message headers to prevent XSS
|
|
21
|
+
|
|
22
|
+
|
|
23
|
+
|
|
5
24
|
## [4.25.5] - 2025-07-03
|
|
6
25
|
|
|
7
26
|
### Bug Fixes
|
package/package.json
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"author":"schukai GmbH","dependencies":{"@floating-ui/dom":"^1.7.2","@popperjs/core":"^2.11.8"},"description":"Monster is a simple library for creating fast, robust and lightweight websites.","homepage":"https://monsterjs.org/","keywords":["framework","web","dom","css","sass","mobile-first","app","front-end","templates","schukai","core","shopcloud","alvine","monster","buildmap","stack","observer","observable","uuid","node","nodelist","css-in-js","logger","log","theme"],"license":"AGPL 3.0","main":"source/monster.mjs","module":"source/monster.mjs","name":"@schukai/monster","repository":{"type":"git","url":"https://gitlab.schukai.com/oss/libraries/javascript/monster.git"},"type":"module","version":"4.
|
|
1
|
+
{"author":"schukai GmbH","dependencies":{"@floating-ui/dom":"^1.7.2","@popperjs/core":"^2.11.8"},"description":"Monster is a simple library for creating fast, robust and lightweight websites.","homepage":"https://monsterjs.org/","keywords":["framework","web","dom","css","sass","mobile-first","app","front-end","templates","schukai","core","shopcloud","alvine","monster","buildmap","stack","observer","observable","uuid","node","nodelist","css-in-js","logger","log","theme"],"license":"AGPL 3.0","main":"source/monster.mjs","module":"source/monster.mjs","name":"@schukai/monster","repository":{"type":"git","url":"https://gitlab.schukai.com/oss/libraries/javascript/monster.git"},"type":"module","version":"4.27.0"}
|
|
@@ -193,6 +193,15 @@ class MessageContent extends CustomElement {
|
|
|
193
193
|
this.setOption("message.subject", message?.subject || null);
|
|
194
194
|
this.setOption("message.messageID", message?.messageID || null);
|
|
195
195
|
|
|
196
|
+
function escapeHTML(str) {
|
|
197
|
+
return str
|
|
198
|
+
.replace(/&/g, "&")
|
|
199
|
+
.replace(/</g, "<")
|
|
200
|
+
.replace(/>/g, ">")
|
|
201
|
+
.replace(/"/g, """)
|
|
202
|
+
.replace(/'/g, "'");
|
|
203
|
+
}
|
|
204
|
+
|
|
196
205
|
const headers = [];
|
|
197
206
|
for (const [key, value] of Object.entries(message?.headers || {})) {
|
|
198
207
|
if (key && value) {
|
|
@@ -200,7 +209,8 @@ class MessageContent extends CustomElement {
|
|
|
200
209
|
if (isArray(valueString)) {
|
|
201
210
|
valueString = "<ul>";
|
|
202
211
|
for (const item of value) {
|
|
203
|
-
|
|
212
|
+
const escapedItem = escapeHTML(item);
|
|
213
|
+
valueString += `<li>${escapedItem}</li>`;
|
|
204
214
|
}
|
|
205
215
|
valueString += "</ul>";
|
|
206
216
|
}
|
|
@@ -132,7 +132,7 @@ class Digits extends CustomControl {
|
|
|
132
132
|
main: getTemplate(),
|
|
133
133
|
},
|
|
134
134
|
|
|
135
|
-
digits:
|
|
135
|
+
digits: 6,
|
|
136
136
|
characterSet: "0123456789",
|
|
137
137
|
|
|
138
138
|
digitsControls: [],
|
|
@@ -184,13 +184,20 @@ function initOptionObserver() {
|
|
|
184
184
|
const self = this;
|
|
185
185
|
|
|
186
186
|
let lastValue = this.getOption("value");
|
|
187
|
+
let lastDigits = this.getOption("digits");
|
|
187
188
|
|
|
188
189
|
self.attachObserver(
|
|
189
190
|
new Observer(function () {
|
|
191
|
+
|
|
190
192
|
if (lastValue !== self.getOption("value")) {
|
|
191
193
|
lastValue = self.getOption("value");
|
|
192
194
|
updateDigitControls.call(self);
|
|
193
195
|
}
|
|
196
|
+
|
|
197
|
+
if (lastDigits !== self.getOption("digits")) {
|
|
198
|
+
lastDigits = self.getOption("digits");
|
|
199
|
+
updateDigitControls.call(self);
|
|
200
|
+
}
|
|
194
201
|
}),
|
|
195
202
|
);
|
|
196
203
|
}
|
|
@@ -237,6 +244,10 @@ function initEventHandler() {
|
|
|
237
244
|
const self = this;
|
|
238
245
|
const element = this[digitsElementSymbol];
|
|
239
246
|
|
|
247
|
+
// this[attributeObserverSymbol]['data-monster-option-digits'] = () => {
|
|
248
|
+
// this.setOption("digits", );
|
|
249
|
+
// }
|
|
250
|
+
|
|
240
251
|
element.addEventListener("keydown", function (event) {
|
|
241
252
|
if (event.target.tagName !== "INPUT") return;
|
|
242
253
|
const inputControl = event.target;
|
package/source/types/uuid.mjs
CHANGED
|
@@ -78,6 +78,6 @@ function createWithRandom() {
|
|
|
78
78
|
function createWithCrypto() {
|
|
79
79
|
const crypt = getGlobalObject("crypto");
|
|
80
80
|
if (!isObject(crypt)) return;
|
|
81
|
-
if (typeof crypt?.["randomUUID"]) return;
|
|
81
|
+
if (typeof crypt?.["randomUUID"] !== "function") return;
|
|
82
82
|
return crypt.randomUUID();
|
|
83
83
|
}
|