@trackunit/iris-app-api 0.0.171 → 0.0.172
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,8 @@
|
|
|
2
2
|
|
|
3
3
|
This file was generated using [@jscutlery/semver](https://github.com/jscutlery/semver).
|
|
4
4
|
|
|
5
|
+
## [0.0.172](https://github.com/Trackunit/manager/compare/iris-app-api/0.0.171...iris-app-api/0.0.172) (2024-06-21)
|
|
6
|
+
|
|
5
7
|
## [0.0.171](https://github.com/Trackunit/manager/compare/iris-app-api/0.0.170...iris-app-api/0.0.171) (2024-06-11)
|
|
6
8
|
|
|
7
9
|
## [0.0.170](https://github.com/Trackunit/manager/compare/iris-app-api/0.0.169...iris-app-api/0.0.170) (2024-05-21)
|
package/package.json
CHANGED
|
@@ -29,7 +29,6 @@ export declare const WASM_UNSAFE_EVAL = "'wasm-unsafe-eval'";
|
|
|
29
29
|
export type CSPDirectives = {
|
|
30
30
|
"child-src": TFetchDirective[];
|
|
31
31
|
"connect-src": TFetchDirective[];
|
|
32
|
-
"default-src": (TFetchDirective | typeof STRICT_DYNAMIC)[];
|
|
33
32
|
"font-src": TFetchDirective[];
|
|
34
33
|
"form-action": TNavigationDirective[];
|
|
35
34
|
"frame-src": TFetchDirective[];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cspDirectives.js","sourceRoot":"","sources":["../../../../../../libs/iris-app-sdk/iris-app-api/src/types/cspDirectives.ts"],"names":[],"mappings":";AAAA,EAAE;AACF,yFAAyF;AACzF,EAAE;;;AAEW,QAAA,uCAAuC,GAAG,yCAAyC,CAAC;AACpF,QAAA,gBAAgB,GAAG,oBAAoB,CAAC;AACxC,QAAA,WAAW,GAAG,aAAa,CAAC;AAC5B,QAAA,YAAY,GAAG,cAAc,CAAC;AAC9B,QAAA,sBAAsB,GAAG,wBAAwB,CAAC;AAClD,QAAA,kBAAkB,GAAG,oBAAoB,CAAC;AAC1C,QAAA,YAAY,GAAG,cAAc,CAAC;AAC9B,QAAA,8BAA8B,GAAG,gCAAgC,CAAC;AAClE,QAAA,kBAAkB,GAAG,oBAAoB,CAAC;AAC1C,QAAA,iBAAiB,GAAG,mBAAmB,CAAC;AACxC,QAAA,uCAAuC,GAAG,yCAAyC,CAAC;AACpF,QAAA,aAAa,GAAG,qBAAqB,CAAC;AACtC,QAAA,oBAAoB,GAAG,sBAAsB,CAAC;AAC9C,QAAA,uCAAuC,GAAG,yCAAyC,CAAC;AA0BpF,QAAA,IAAI,GAAG,QAAQ,CAAC;AAChB,QAAA,IAAI,GAAG,QAAQ,CAAC;AAChB,QAAA,cAAc,GAAG,kBAAkB,CAAC;AACpC,QAAA,aAAa,GAAG,iBAAiB,CAAC;AAClC,QAAA,WAAW,GAAG,eAAe,CAAC;AAC9B,QAAA,aAAa,GAAG,iBAAiB,CAAC;AAClC,QAAA,aAAa,GAAG,iBAAiB,CAAC;AAClC,QAAA,gBAAgB,GAAG,oBAAoB,CAAC","sourcesContent":["//\n// Based on types from https://www.npmjs.com/package/csp-header but adjusted to our needs\n//\n\nexport const ALLOW_DOWNLOADS_WITHOUT_USER_ACTIVATION = \"allow-downloads-without-user-activation\";\nexport const ALLOW_DUPLICATES = \"'allow-duplicates'\";\nexport const ALLOW_FORMS = \"allow-forms\";\nexport const ALLOW_MODALS = \"allow-modals\";\nexport const ALLOW_ORIENTATION_LOCK = \"allow-orientation-lock\";\nexport const ALLOW_POINTER_LOCK = \"allow-pointer-lock\";\nexport const ALLOW_POPUPS = \"allow-popups\";\nexport const ALLOW_POPUPS_TO_ESCAPE_SANDBOX = \"allow-popups-to-escape-sandbox\";\nexport const ALLOW_PRESENTATION = \"allow-presentation\";\nexport const ALLOW_SAME_ORIGIN = \"allow-same-origin\";\nexport const ALLOW_STORAGE_ACCESS_BY_USER_ACTIVATION = \"allow-storage-access-by-user-activation\";\nexport const ALLOW_SCRIPTS = \"allow-allow-scripts\";\nexport const ALLOW_TOP_NAVIGATION = \"allow-top-navigation\";\nexport const ALLOW_TOP_NAVIGATION_BY_USER_ACTIVATION = \"allow-top-navigation-by-user-activation\";\n\ntype TSource = string;\ntype TNonce = `nonce-${string}`;\ntype THash = `sha${\"256\" | \"384\" | \"512\"}-${string}`;\ntype TAttrDirective = THash | typeof NONE | typeof UNSAFE_INLINE | typeof UNSAFE_HASHES;\ntype TFetchDirective =\n | TSource\n | TNonce\n | THash\n | typeof NONE\n | typeof SELF\n | typeof UNSAFE_EVAL\n | typeof UNSAFE_HASHES\n | typeof UNSAFE_INLINE;\ntype TNavigationDirective =\n | TSource\n | TNonce\n | THash\n | typeof NONE\n | typeof SELF\n | typeof UNSAFE_EVAL\n | typeof UNSAFE_HASHES\n | typeof UNSAFE_INLINE\n | typeof STRICT_DYNAMIC;\n\nexport const NONE = \"'none'\";\nexport const SELF = \"'self'\";\nexport const STRICT_DYNAMIC = \"'strict-dynamic'\";\nexport const REPORT_SAMPLE = \"'report-sample'\";\nexport const UNSAFE_EVAL = \"'unsafe-eval'\";\nexport const UNSAFE_HASHES = \"'unsafe-hashes'\";\nexport const UNSAFE_INLINE = \"'unsafe-inline'\";\nexport const WASM_UNSAFE_EVAL = \"'wasm-unsafe-eval'\";\n\nexport type CSPDirectives = {\n \"child-src\": TFetchDirective[];\n \"connect-src\": TFetchDirective[];\n \"
|
|
1
|
+
{"version":3,"file":"cspDirectives.js","sourceRoot":"","sources":["../../../../../../libs/iris-app-sdk/iris-app-api/src/types/cspDirectives.ts"],"names":[],"mappings":";AAAA,EAAE;AACF,yFAAyF;AACzF,EAAE;;;AAEW,QAAA,uCAAuC,GAAG,yCAAyC,CAAC;AACpF,QAAA,gBAAgB,GAAG,oBAAoB,CAAC;AACxC,QAAA,WAAW,GAAG,aAAa,CAAC;AAC5B,QAAA,YAAY,GAAG,cAAc,CAAC;AAC9B,QAAA,sBAAsB,GAAG,wBAAwB,CAAC;AAClD,QAAA,kBAAkB,GAAG,oBAAoB,CAAC;AAC1C,QAAA,YAAY,GAAG,cAAc,CAAC;AAC9B,QAAA,8BAA8B,GAAG,gCAAgC,CAAC;AAClE,QAAA,kBAAkB,GAAG,oBAAoB,CAAC;AAC1C,QAAA,iBAAiB,GAAG,mBAAmB,CAAC;AACxC,QAAA,uCAAuC,GAAG,yCAAyC,CAAC;AACpF,QAAA,aAAa,GAAG,qBAAqB,CAAC;AACtC,QAAA,oBAAoB,GAAG,sBAAsB,CAAC;AAC9C,QAAA,uCAAuC,GAAG,yCAAyC,CAAC;AA0BpF,QAAA,IAAI,GAAG,QAAQ,CAAC;AAChB,QAAA,IAAI,GAAG,QAAQ,CAAC;AAChB,QAAA,cAAc,GAAG,kBAAkB,CAAC;AACpC,QAAA,aAAa,GAAG,iBAAiB,CAAC;AAClC,QAAA,WAAW,GAAG,eAAe,CAAC;AAC9B,QAAA,aAAa,GAAG,iBAAiB,CAAC;AAClC,QAAA,aAAa,GAAG,iBAAiB,CAAC;AAClC,QAAA,gBAAgB,GAAG,oBAAoB,CAAC","sourcesContent":["//\n// Based on types from https://www.npmjs.com/package/csp-header but adjusted to our needs\n//\n\nexport const ALLOW_DOWNLOADS_WITHOUT_USER_ACTIVATION = \"allow-downloads-without-user-activation\";\nexport const ALLOW_DUPLICATES = \"'allow-duplicates'\";\nexport const ALLOW_FORMS = \"allow-forms\";\nexport const ALLOW_MODALS = \"allow-modals\";\nexport const ALLOW_ORIENTATION_LOCK = \"allow-orientation-lock\";\nexport const ALLOW_POINTER_LOCK = \"allow-pointer-lock\";\nexport const ALLOW_POPUPS = \"allow-popups\";\nexport const ALLOW_POPUPS_TO_ESCAPE_SANDBOX = \"allow-popups-to-escape-sandbox\";\nexport const ALLOW_PRESENTATION = \"allow-presentation\";\nexport const ALLOW_SAME_ORIGIN = \"allow-same-origin\";\nexport const ALLOW_STORAGE_ACCESS_BY_USER_ACTIVATION = \"allow-storage-access-by-user-activation\";\nexport const ALLOW_SCRIPTS = \"allow-allow-scripts\";\nexport const ALLOW_TOP_NAVIGATION = \"allow-top-navigation\";\nexport const ALLOW_TOP_NAVIGATION_BY_USER_ACTIVATION = \"allow-top-navigation-by-user-activation\";\n\ntype TSource = string;\ntype TNonce = `nonce-${string}`;\ntype THash = `sha${\"256\" | \"384\" | \"512\"}-${string}`;\ntype TAttrDirective = THash | typeof NONE | typeof UNSAFE_INLINE | typeof UNSAFE_HASHES;\ntype TFetchDirective =\n | TSource\n | TNonce\n | THash\n | typeof NONE\n | typeof SELF\n | typeof UNSAFE_EVAL\n | typeof UNSAFE_HASHES\n | typeof UNSAFE_INLINE;\ntype TNavigationDirective =\n | TSource\n | TNonce\n | THash\n | typeof NONE\n | typeof SELF\n | typeof UNSAFE_EVAL\n | typeof UNSAFE_HASHES\n | typeof UNSAFE_INLINE\n | typeof STRICT_DYNAMIC;\n\nexport const NONE = \"'none'\";\nexport const SELF = \"'self'\";\nexport const STRICT_DYNAMIC = \"'strict-dynamic'\";\nexport const REPORT_SAMPLE = \"'report-sample'\";\nexport const UNSAFE_EVAL = \"'unsafe-eval'\";\nexport const UNSAFE_HASHES = \"'unsafe-hashes'\";\nexport const UNSAFE_INLINE = \"'unsafe-inline'\";\nexport const WASM_UNSAFE_EVAL = \"'wasm-unsafe-eval'\";\n\nexport type CSPDirectives = {\n \"child-src\": TFetchDirective[];\n \"connect-src\": TFetchDirective[];\n \"font-src\": TFetchDirective[];\n \"form-action\": TNavigationDirective[];\n \"frame-src\": TFetchDirective[];\n \"img-src\": (TFetchDirective | typeof STRICT_DYNAMIC)[];\n \"media-src\": TFetchDirective[];\n sandbox: (\n | typeof ALLOW_DOWNLOADS_WITHOUT_USER_ACTIVATION\n | typeof ALLOW_FORMS\n | typeof ALLOW_MODALS\n | typeof ALLOW_ORIENTATION_LOCK\n | typeof ALLOW_POINTER_LOCK\n | typeof ALLOW_POPUPS\n | typeof ALLOW_POPUPS_TO_ESCAPE_SANDBOX\n | typeof ALLOW_PRESENTATION\n | typeof ALLOW_SAME_ORIGIN\n | typeof ALLOW_SCRIPTS\n | typeof ALLOW_STORAGE_ACCESS_BY_USER_ACTIVATION\n | typeof ALLOW_TOP_NAVIGATION\n | typeof ALLOW_TOP_NAVIGATION_BY_USER_ACTIVATION\n )[];\n \"script-src\": (TFetchDirective | typeof STRICT_DYNAMIC | typeof REPORT_SAMPLE | typeof WASM_UNSAFE_EVAL)[];\n \"script-src-attr\": (TAttrDirective | typeof REPORT_SAMPLE)[];\n \"script-src-elem\": (TFetchDirective | typeof STRICT_DYNAMIC | typeof REPORT_SAMPLE)[];\n \"style-src\": TFetchDirective[] | typeof REPORT_SAMPLE;\n \"style-src-attr\": (TAttrDirective | typeof REPORT_SAMPLE)[];\n \"style-src-elem\": (TFetchDirective | typeof REPORT_SAMPLE)[];\n \"upgrade-insecure-requests\": boolean;\n \"worker-src\": TFetchDirective[];\n};\n"]}
|
|
@@ -27,7 +27,6 @@ const irisAppCspInput = (validDomains, cspHeader) => {
|
|
|
27
27
|
}
|
|
28
28
|
else if (validDomains) {
|
|
29
29
|
return {
|
|
30
|
-
"default-src": validDomains,
|
|
31
30
|
"script-src": validDomains,
|
|
32
31
|
"img-src": validDomains,
|
|
33
32
|
"worker-src": validDomains,
|
|
@@ -48,6 +47,7 @@ exports.irisAppDefaultCsp = {
|
|
|
48
47
|
"connect-src": [cspDirectives_1.SELF, "https://*.sentry.io", "https://sentry.io", ...BrandedUrls],
|
|
49
48
|
"manifest-src": [cspDirectives_1.NONE],
|
|
50
49
|
"object-src": [cspDirectives_1.NONE],
|
|
50
|
+
"font-src": [cspDirectives_1.SELF, "https://fonts.gstatic.com"],
|
|
51
51
|
"upgrade-insecure-requests": true,
|
|
52
52
|
};
|
|
53
53
|
//# sourceMappingURL=irisAppCspInput.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"irisAppCspInput.js","sourceRoot":"","sources":["../../../../../../libs/iris-app-sdk/iris-app-api/src/types/irisAppCspInput.ts"],"names":[],"mappings":";;;AAAA,mDAA2E;AAE3E,MAAM,WAAW,GAAG;IAClB,yBAAyB;IACzB,4BAA4B;IAC5B,uBAAuB;IACvB,gCAAgC;IAChC,uBAAuB;IACvB,2BAA2B;IAC3B,uBAAuB;IACvB,uBAAuB;IACvB,yBAAyB;IACzB,sBAAsB;CACvB,CAAC;AAkBF;;;;;;GAMG;AACI,MAAM,eAAe,GAAG,CAC7B,YAAuB,EACvB,SAAkC,EACV,EAAE;IAC1B,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,SAAS,CAAC;IACnB,CAAC;SAAM,IAAI,YAAY,EAAE,CAAC;QACxB,OAAO;YACL,
|
|
1
|
+
{"version":3,"file":"irisAppCspInput.js","sourceRoot":"","sources":["../../../../../../libs/iris-app-sdk/iris-app-api/src/types/irisAppCspInput.ts"],"names":[],"mappings":";;;AAAA,mDAA2E;AAE3E,MAAM,WAAW,GAAG;IAClB,yBAAyB;IACzB,4BAA4B;IAC5B,uBAAuB;IACvB,gCAAgC;IAChC,uBAAuB;IACvB,2BAA2B;IAC3B,uBAAuB;IACvB,uBAAuB;IACvB,yBAAyB;IACzB,sBAAsB;CACvB,CAAC;AAkBF;;;;;;GAMG;AACI,MAAM,eAAe,GAAG,CAC7B,YAAuB,EACvB,SAAkC,EACV,EAAE;IAC1B,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,SAAS,CAAC;IACnB,CAAC;SAAM,IAAI,YAAY,EAAE,CAAC;QACxB,OAAO;YACL,YAAY,EAAE,YAAY;YAC1B,SAAS,EAAE,YAAY;YACvB,YAAY,EAAE,YAAY;YAC1B,aAAa,EAAE,YAAY;SAC5B,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC,CAAC;AAhBW,QAAA,eAAe,mBAgB1B;AAEW,QAAA,iBAAiB,GAAG;IAC/B,aAAa,EAAE,CAAC,oBAAI,CAAC;IACrB,YAAY,EAAE,CAAC,oBAAI,CAAC;IACpB,SAAS,EAAE,CAAC,oBAAI,EAAE,mCAAmC,EAAE,iCAAiC,CAAC;IACzF,YAAY,EAAE,CAAC,oBAAI,CAAC;IACpB,WAAW,EAAE,CAAC,6BAAa,EAAE,8BAA8B,CAAC;IAC5D,aAAa,EAAE,CAAC,oBAAI,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,GAAG,WAAW,CAAC;IACjF,cAAc,EAAE,CAAC,oBAAI,CAAC;IACtB,YAAY,EAAE,CAAC,oBAAI,CAAC;IACpB,UAAU,EAAE,CAAC,oBAAI,EAAE,2BAA2B,CAAC;IAC/C,2BAA2B,EAAE,IAAI;CAClC,CAAC","sourcesContent":["import { CSPDirectives, NONE, SELF, UNSAFE_INLINE } from \"./cspDirectives\";\n\nconst BrandedUrls = [\n \"https://*.trackunit.com\",\n \"https://*.wackerneuson.com\",\n \"https://*.manitou.com\",\n \"https://*.niftylinkmanager.com\",\n \"https://*.skyjack.com\",\n \"https://*.ahernaccess.com\",\n \"https://*.magnith.com\",\n \"https://*.terberg.com\",\n \"https://*.mymecalac.com\",\n \"https://*.delille.be\",\n];\n\n/**\n * This type is used to generate the CSP input for the Iris Apps Csp Header\n */\nexport type CspDirectives = {\n directives: {\n \"default-src\": string[];\n \"script-src\": string[];\n \"worker-src\": string[];\n \"style-src\": string[];\n \"img-src\": string[];\n \"connect-src\": string[];\n \"frame-ancestors\"?: string[];\n };\n reportUri?: string;\n};\n\n/**\n * This function is used to generate the CSP input for the Iris Apps Csp Header\n *\n * @param validDomains input legacy validDomains from manifest\n * @param cspHeader input cspHeader from manifest\n * @returns the CSP input for the Iris Apps Csp Header\n */\nexport const irisAppCspInput = (\n validDomains?: string[],\n cspHeader?: Partial<CSPDirectives>\n): Partial<CSPDirectives> => {\n if (cspHeader) {\n return cspHeader;\n } else if (validDomains) {\n return {\n \"script-src\": validDomains,\n \"img-src\": validDomains,\n \"worker-src\": validDomains,\n \"connect-src\": validDomains,\n };\n } else {\n return {};\n }\n};\n\nexport const irisAppDefaultCsp = {\n \"default-src\": [SELF],\n \"script-src\": [SELF],\n \"img-src\": [SELF, \"https://images.iris.trackunit.com\", \"https://*.awsapi.trackunit.com/\"],\n \"worker-src\": [SELF],\n \"style-src\": [UNSAFE_INLINE, \"https://fonts.googleapis.com\"],\n \"connect-src\": [SELF, \"https://*.sentry.io\", \"https://sentry.io\", ...BrandedUrls],\n \"manifest-src\": [NONE],\n \"object-src\": [NONE],\n \"font-src\": [SELF, \"https://fonts.gstatic.com\"],\n \"upgrade-insecure-requests\": true,\n};\n"]}
|