npm - @webex/helper-html - Versions diffs - 3.0.0-beta.13 → 3.0.0-beta.15 - Mend

@webex/helper-html 3.0.0-beta.13 → 3.0.0-beta.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/browsers.js CHANGED Viewed

@@ -6,10 +6,10 @@
 'use strict';
-module.exports = function(browsers) {
+module.exports = function (browsers) {
   // For reasons as-yet unexplained, the html filter test suite hangs when run
   // on Safari/Sauce Labs
-  Object.keys(browsers).forEach(function(key) {
+  Object.keys(browsers).forEach(function (key) {
     if (key.indexOf('safari') !== -1) {
       delete browsers[key];
     }

package/dist/html.shim.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["removeNode","node","remove","parentElement","removeChild","i","length","Error","_filter","args","resolve","_filterSync","filter","processCallback","allowedTags","allowedStyles","html","doc","DOMParser","parseFromString","depthFirstForEach","body","childNodes","filterNode","indexOf","innerHTML","isElement","nodeName","toLowerCase","allowedTagNames","allowedAttributes","listAttributeNames","attributes","attrName","removeAttribute","attrValue","getNamedItem","value","trim","reparent","styles","split","map","style","styleName","Boolean","join","setAttribute","_filterEscape","_filterEscapeSync","escapeNode","before","document","createTextNode","after","parentNode","insertBefore","trimPattern","str","replace","attrNames","attr","push","name","list","fn","o","ownerDocument","undefined","nodeType","filterSync","filterEscape","filterEscapeSync"],"sources":["html.shim.js"],"sourcesContent":["/!\n Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n /\n\n/ eslint-env browser /\n\nimport {curry, forEach, includes, reduce} from 'lodash';\n\nexport {escape, escapeSync} from './html-base';\n\n/\n Some browsers don't implement {@link Element#remove()} or\n * {@link NodeList#remove()} or {@link HTMLCollection#remove()}. This wrapper\n * calls the appropriate `#remove()` method if available, or falls back to a\n * non-global-polluting polyfill.\n * @param {Element\|NodeList\|HTMLCollection} node\n * @returns {undefined}\n /\nfunction removeNode(node) {\n if (node.remove) {\n node.remove();\n\n return;\n }\n\n if (node.parentElement) {\n node.parentElement.removeChild(node);\n\n return;\n }\n\n if ('length' in node) {\n for (let i = node.length - 1; i >= 0; i -= 1) {\n removeNode(node[i]);\n }\n\n return;\n }\n\n throw new Error('Could not find a way to remove node');\n}\n\n/\n @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @private\n * @returns {string}\n /\nfunction _filter(...args) {\n return new Promise((resolve) => {\n resolve(_filterSync(...args));\n });\n}\n\n/\n Curried async HTML filter.\n * @param {Object} allowedTags Map of tagName -> array of allowed attributes\n * @param {Array<string>} allowedStyles Array of allowed styles\n * @param {string} html html to filter\n * @returns {string}\n /\nexport const filter = curry(_filter, 4);\n\n/\n @param {function} processCallback callback function to do additional\n * processing on node. of the form process(node)\n * @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @private\n * @returns {string}\n /\nfunction _filterSync(processCallback, allowedTags, allowedStyles, html) {\n if (!html \|\| !allowedStyles \|\| !allowedTags) {\n if (html.length === 0) {\n return html;\n }\n\n throw new Error('`allowedTags`, `allowedStyles`, and `html` must be provided');\n }\n\n const doc = (new DOMParser()).parseFromString(html, 'text/html');\n\n depthFirstForEach(doc.body.childNodes, filterNode);\n processCallback(doc.body);\n\n if (html.indexOf('body') === 1) {\n return `<body>${doc.body.innerHTML}</body>`;\n }\n\n return doc.body.innerHTML;\n\n /\n @param {Node} node\n * @private\n * @returns {undefined}\n /\n function filterNode(node) {\n if (!isElement(node)) {\n return;\n }\n\n const nodeName = node.nodeName.toLowerCase();\n const allowedTagNames = Object.keys(allowedTags);\n\n depthFirstForEach(node.childNodes, filterNode);\n\n if (includes(allowedTagNames, nodeName)) {\n const allowedAttributes = allowedTags[nodeName];\n\n forEach(listAttributeNames(node.attributes), (attrName) => {\n if (!includes(allowedAttributes, attrName)) {\n node.removeAttribute(attrName);\n }\n else if (attrName === 'href' \|\| attrName === 'src') {\n const attrValue = node.attributes.getNamedItem(attrName).value.trim().toLowerCase();\n\n // We're doing at runtime what the no-script-url rule does at compile\n // time\n // eslint-disable-next-line no-script-url\n if (attrValue.indexOf('javascript:') === 0 \|\| attrValue.indexOf('vbscript:') === 0) {\n reparent(node);\n }\n }\n else if (attrName === 'style') {\n const styles = node\n .attributes\n .getNamedItem('style')\n .value\n .split(';')\n .map((style) => {\n const styleName = trim(style.split(':')[0]);\n\n if (includes(allowedStyles, styleName)) {\n return style;\n }\n\n return null;\n })\n .filter((style) => Boolean(style))\n .join(';');\n\n node.setAttribute('style', styles);\n }\n });\n }\n else {\n reparent(node);\n }\n }\n}\n\n/\n Same as _filter, but escapes rather than removes disallowed values\n * @param {Function} processCallback\n * @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @returns {Promise<string>}\n /\nfunction _filterEscape(...args) {\n return new Promise((resolve) => {\n resolve(_filterEscapeSync(...args));\n });\n}\n\n/\n Same as _filterSync, but escapes rather than removes disallowed values\n * @param {Function} processCallback\n * @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @returns {string}\n /\nfunction _filterEscapeSync(processCallback, allowedTags, allowedStyles, html) {\n if (!html \|\| !allowedStyles \|\| !allowedTags) {\n if (html.length === 0) {\n return html;\n }\n\n throw new Error('`allowedTags`, `allowedStyles`, and `html` must be provided');\n }\n\n const doc = (new DOMParser()).parseFromString(html, 'text/html');\n\n depthFirstForEach(doc.body.childNodes, filterNode);\n processCallback(doc.body);\n\n if (html.indexOf('body') === 1) {\n return `<body>${doc.body.innerHTML}</body>`;\n }\n\n return doc.body.innerHTML;\n\n /\n @param {Node} node\n * @private\n * @returns {undefined}\n /\n function filterNode(node) {\n if (!isElement(node)) {\n return;\n }\n\n depthFirstForEach(node.childNodes, filterNode);\n\n const nodeName = node.nodeName.toLowerCase();\n const allowedTagNames = Object.keys(allowedTags);\n\n if (includes(allowedTagNames, nodeName)) {\n const allowedAttributes = allowedTags[nodeName];\n\n forEach(listAttributeNames(node.attributes), (attrName) => {\n if (!includes(allowedAttributes, attrName)) {\n node.removeAttribute(attrName);\n }\n else if (attrName === 'href' \|\| attrName === 'src') {\n const attrValue = node.attributes.getNamedItem(attrName).value.toLowerCase();\n\n // We're doing at runtime what the no-script-url rule does at compile\n // time\n // eslint-disable-next-line no-script-url\n if (attrValue.indexOf('javascript:') === 0 \|\| attrValue.indexOf('vbscript:') === 0) {\n reparent(node);\n }\n }\n else if (attrName === 'style') {\n const styles = node\n .attributes\n .getNamedItem('style')\n .value\n .split(';')\n .map((style) => {\n const styleName = trim(style.split(':')[0]);\n\n if (includes(allowedStyles, styleName)) {\n return style;\n }\n\n return null;\n })\n .filter((style) => Boolean(style))\n .join(';');\n\n node.setAttribute('style', styles);\n }\n });\n }\n else {\n escapeNode(node);\n }\n }\n}\n\n/\n Escapes a given html node\n * @param {Node} node\n * @returns {undefined}\n /\nfunction escapeNode(node) {\n const before = document.createTextNode(`<${node.nodeName.toLowerCase()}>`);\n const after = document.createTextNode(`</${node.nodeName.toLowerCase()}>`);\n\n node.parentNode.insertBefore(before, node);\n while (node.childNodes.length > 0) {\n node.parentNode.insertBefore(node.childNodes[0], node);\n }\n node.parentNode.insertBefore(after, node);\n\n removeNode(node);\n}\n\nconst trimPattern = /^\\s\|\\s$/g;\n\n/\n @param {string} str\n * @returns {string}\n /\nfunction trim(str) {\n return str.replace(trimPattern, '');\n}\n\n/\n @param {Node} node\n * @private\n * @returns {undefined}\n /\nfunction reparent(node) {\n while (node.childNodes.length > 0) {\n node.parentNode.insertBefore(node.childNodes[0], node);\n }\n removeNode(node);\n}\n\n/\n @param {NamedNodeMap} attributes\n * @private\n * @returns {Array<string>}\n /\nfunction listAttributeNames(attributes) {\n return reduce(attributes, (attrNames, attr) => {\n attrNames.push(attr.name);\n\n return attrNames;\n }, []);\n}\n\n/\n @param {Array} list\n * @param {Function} fn\n * @private\n * @returns {undefined}\n /\nfunction depthFirstForEach(list, fn) {\n for (let i = list.length; i >= 0; i -= 1) {\n fn(list[i]);\n }\n}\n\n/\n @param {Node} o\n * @private\n * @returns {Boolean}\n /\nfunction isElement(o) {\n if (!o) {\n return false;\n }\n\n if (o.ownerDocument === undefined) {\n return false;\n }\n\n if (o.nodeType !== 1) {\n return false;\n }\n\n if (typeof o.nodeName !== 'string') {\n return false;\n }\n\n return true;\n}\n\n/\n Curried HTML filter.\n * @param {Object} allowedTags Map of tagName -> array of allowed attributes\n * @param {Array<string>} allowedStyles Array of allowed styles\n * @param {string} html html to filter\n * @returns {string}\n /\nexport const filterSync = curry(_filterSync, 4);\n\n/\n Curried HTML filter that escapes rather than removes disallowed tags\n * @param {Object} allowedTags Map of tagName -> array of allowed attributes\n * @param {Array<string>} allowedStyles Array of allowed styles\n * @param {string} html html to filter\n * @returns {Promise<string>}\n /\nexport const filterEscape = curry(_filterEscape, 4);\n\n/\n Curried HTML filter that escapes rather than removes disallowed tags\n * @param {Object} allowedTags Map of tagName -> array of allowed attributes\n * @param {Array<string>} allowedStyles Array of allowed styles\n * @param {string} html html to filter\n * @returns {string}\n */\nexport const filterEscapeSync = curry(_filterEscapeSync, 4);\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAQA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,UAAT,CAAoBC,IAApB,EAA0B;EACxB,IAAIA,IAAI,CAACC,MAAT,EAAiB;IACfD,IAAI,CAACC,MAAL;IAEA;EACD;;EAED,IAAID,IAAI,CAACE,aAAT,EAAwB;IACtBF,IAAI,CAACE,aAAL,CAAmBC,WAAnB,CAA+BH,IAA/B;IAEA;EACD;;EAED,IAAI,YAAYA,IAAhB,EAAsB;IACpB,KAAK,IAAII,CAAC,GAAGJ,IAAI,CAACK,MAAL,GAAc,CAA3B,EAA8BD,CAAC,IAAI,CAAnC,EAAsCA,CAAC,IAAI,CAA3C,EAA8C;MAC5CL,UAAU,CAACC,IAAI,CAACI,CAAD,CAAL,CAAV;IACD;;IAED;EACD;;EAED,MAAM,IAAIE,KAAJ,CAAU,qCAAV,CAAN;AACD;AAED;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,SAASC,OAAT,GAA0B;EAAA,kCAANC,IAAM;IAANA,IAAM;EAAA;;EACxB,OAAO,qBAAY,UAACC,OAAD,EAAa;IAC9BA,OAAO,CAACC,WAAW,MAAX,SAAeF,IAAf,CAAD,CAAP;EACD,CAFM,CAAP;AAGD;AAED;AACA;AACA;AACA;AACA;AACA;AACA;;;AACO,IAAMG,MAAM,GAAG,qBAAMJ,OAAN,EAAe,CAAf,CAAf;AAEP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;AACA,SAASG,WAAT,CAAqBE,eAArB,EAAsCC,WAAtC,EAAmDC,aAAnD,EAAkEC,IAAlE,EAAwE;EACtE,IAAI,CAACA,IAAD,IAAS,CAACD,aAAV,IAA2B,CAACD,WAAhC,EAA6C;IAC3C,IAAIE,IAAI,CAACV,MAAL,KAAgB,CAApB,EAAuB;MACrB,OAAOU,IAAP;IACD;;IAED,MAAM,IAAIT,KAAJ,CAAU,6DAAV,CAAN;EACD;;EAED,IAAMU,GAAG,GAAI,IAAIC,SAAJ,EAAD,CAAkBC,eAAlB,CAAkCH,IAAlC,EAAwC,WAAxC,CAAZ;EAEAI,iBAAiB,CAACH,GAAG,CAACI,IAAJ,CAASC,UAAV,EAAsBC,UAAtB,CAAjB;EACAV,eAAe,CAACI,GAAG,CAACI,IAAL,CAAf;;EAEA,IAAIL,IAAI,CAACQ,OAAL,CAAa,MAAb,MAAyB,CAA7B,EAAgC;IAC9B,uBAAgBP,GAAG,CAACI,IAAJ,CAASI,SAAzB;EACD;;EAED,OAAOR,GAAG,CAACI,IAAJ,CAASI,SAAhB;EAEA;AACF;AACA;AACA;AACA;;EACE,SAASF,UAAT,CAAoBtB,IAApB,EAA0B;IACxB,IAAI,CAACyB,SAAS,CAACzB,IAAD,CAAd,EAAsB;MACpB;IACD;;IAED,IAAM0B,QAAQ,GAAG1B,IAAI,CAAC0B,QAAL,CAAcC,WAAd,EAAjB;IACA,IAAMC,eAAe,GAAG,mBAAYf,WAAZ,CAAxB;IAEAM,iBAAiB,CAACnB,IAAI,CAACqB,UAAN,EAAkBC,UAAlB,CAAjB;;IAEA,IAAI,wBAASM,eAAT,EAA0BF,QAA1B,CAAJ,EAAyC;MACvC,IAAMG,iBAAiB,GAAGhB,WAAW,CAACa,QAAD,CAArC;MAEA,uBAAQI,kBAAkB,CAAC9B,IAAI,CAAC+B,UAAN,CAA1B,EAA6C,UAACC,QAAD,EAAc;QACzD,IAAI,CAAC,wBAASH,iBAAT,EAA4BG,QAA5B,CAAL,EAA4C;UAC1ChC,IAAI,CAACiC,eAAL,CAAqBD,QAArB;QACD,CAFD,MAGK,IAAIA,QAAQ,KAAK,MAAb,IAAuBA,QAAQ,KAAK,KAAxC,EAA+C;UAClD,IAAME,SAAS,GAAGlC,IAAI,CAAC+B,UAAL,CAAgBI,YAAhB,CAA6BH,QAA7B,EAAuCI,KAAvC,CAA6CC,IAA7C,GAAoDV,WAApD,EAAlB,CADkD,CAGlD;UACA;UACA;;UACA,IAAIO,SAAS,CAACX,OAAV,CAAkB,aAAlB,MAAqC,CAArC,IAA0CW,SAAS,CAACX,OAAV,CAAkB,WAAlB,MAAmC,CAAjF,EAAoF;YAClFe,QAAQ,CAACtC,IAAD,CAAR;UACD;QACF,CATI,MAUA,IAAIgC,QAAQ,KAAK,OAAjB,EAA0B;UAC7B,IAAMO,MAAM,GAAGvC,IAAI,CAChB+B,UADY,CAEZI,YAFY,CAEC,OAFD,EAGZC,KAHY,CAIZI,KAJY,CAIN,GAJM,EAKZC,GALY,CAKR,UAACC,KAAD,EAAW;YACd,IAAMC,SAAS,GAAGN,IAAI,CAACK,KAAK,CAACF,KAAN,CAAY,GAAZ,EAAiB,CAAjB,CAAD,CAAtB;;YAEA,IAAI,wBAAS1B,aAAT,EAAwB6B,SAAxB,CAAJ,EAAwC;cACtC,OAAOD,KAAP;YACD;;YAED,OAAO,IAAP;UACD,CAbY,EAcZ/B,MAdY,CAcL,UAAC+B,KAAD;YAAA,OAAWE,OAAO,CAACF,KAAD,CAAlB;UAAA,CAdK,EAeZG,IAfY,CAeP,GAfO,CAAf;UAiBA7C,IAAI,CAAC8C,YAAL,CAAkB,OAAlB,EAA2BP,MAA3B;QACD;MACF,CAlCD;IAmCD,CAtCD,MAuCK;MACHD,QAAQ,CAACtC,IAAD,CAAR;IACD;EACF;AACF;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,SAAS+C,aAAT,GAAgC;EAAA,mCAANvC,IAAM;IAANA,IAAM;EAAA;;EAC9B,OAAO,qBAAY,UAACC,OAAD,EAAa;IAC9BA,OAAO,CAACuC,iBAAiB,MAAjB,SAAqBxC,IAArB,CAAD,CAAP;EACD,CAFM,CAAP;AAGD;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,SAASwC,iBAAT,CAA2BpC,eAA3B,EAA4CC,WAA5C,EAAyDC,aAAzD,EAAwEC,IAAxE,EAA8E;EAC5E,IAAI,CAACA,IAAD,IAAS,CAACD,aAAV,IAA2B,CAACD,WAAhC,EAA6C;IAC3C,IAAIE,IAAI,CAACV,MAAL,KAAgB,CAApB,EAAuB;MACrB,OAAOU,IAAP;IACD;;IAED,MAAM,IAAIT,KAAJ,CAAU,6DAAV,CAAN;EACD;;EAED,IAAMU,GAAG,GAAI,IAAIC,SAAJ,EAAD,CAAkBC,eAAlB,CAAkCH,IAAlC,EAAwC,WAAxC,CAAZ;EAEAI,iBAAiB,CAACH,GAAG,CAACI,IAAJ,CAASC,UAAV,EAAsBC,UAAtB,CAAjB;EACAV,eAAe,CAACI,GAAG,CAACI,IAAL,CAAf;;EAEA,IAAIL,IAAI,CAACQ,OAAL,CAAa,MAAb,MAAyB,CAA7B,EAAgC;IAC9B,uBAAgBP,GAAG,CAACI,IAAJ,CAASI,SAAzB;EACD;;EAED,OAAOR,GAAG,CAACI,IAAJ,CAASI,SAAhB;EAEA;AACF;AACA;AACA;AACA;;EACE,SAASF,UAAT,CAAoBtB,IAApB,EAA0B;IACxB,IAAI,CAACyB,SAAS,CAACzB,IAAD,CAAd,EAAsB;MACpB;IACD;;IAEDmB,iBAAiB,CAACnB,IAAI,CAACqB,UAAN,EAAkBC,UAAlB,CAAjB;IAEA,IAAMI,QAAQ,GAAG1B,IAAI,CAAC0B,QAAL,CAAcC,WAAd,EAAjB;IACA,IAAMC,eAAe,GAAG,mBAAYf,WAAZ,CAAxB;;IAEA,IAAI,wBAASe,eAAT,EAA0BF,QAA1B,CAAJ,EAAyC;MACvC,IAAMG,iBAAiB,GAAGhB,WAAW,CAACa,QAAD,CAArC;MAEA,uBAAQI,kBAAkB,CAAC9B,IAAI,CAAC+B,UAAN,CAA1B,EAA6C,UAACC,QAAD,EAAc;QACzD,IAAI,CAAC,wBAASH,iBAAT,EAA4BG,QAA5B,CAAL,EAA4C;UAC1ChC,IAAI,CAACiC,eAAL,CAAqBD,QAArB;QACD,CAFD,MAGK,IAAIA,QAAQ,KAAK,MAAb,IAAuBA,QAAQ,KAAK,KAAxC,EAA+C;UAClD,IAAME,SAAS,GAAGlC,IAAI,CAAC+B,UAAL,CAAgBI,YAAhB,CAA6BH,QAA7B,EAAuCI,KAAvC,CAA6CT,WAA7C,EAAlB,CADkD,CAGlD;UACA;UACA;;UACA,IAAIO,SAAS,CAACX,OAAV,CAAkB,aAAlB,MAAqC,CAArC,IAA0CW,SAAS,CAACX,OAAV,CAAkB,WAAlB,MAAmC,CAAjF,EAAoF;YAClFe,QAAQ,CAACtC,IAAD,CAAR;UACD;QACF,CATI,MAUA,IAAIgC,QAAQ,KAAK,OAAjB,EAA0B;UAC7B,IAAMO,MAAM,GAAGvC,IAAI,CAChB+B,UADY,CAEZI,YAFY,CAEC,OAFD,EAGZC,KAHY,CAIZI,KAJY,CAIN,GAJM,EAKZC,GALY,CAKR,UAACC,KAAD,EAAW;YACd,IAAMC,SAAS,GAAGN,IAAI,CAACK,KAAK,CAACF,KAAN,CAAY,GAAZ,EAAiB,CAAjB,CAAD,CAAtB;;YAEA,IAAI,wBAAS1B,aAAT,EAAwB6B,SAAxB,CAAJ,EAAwC;cACtC,OAAOD,KAAP;YACD;;YAED,OAAO,IAAP;UACD,CAbY,EAcZ/B,MAdY,CAcL,UAAC+B,KAAD;YAAA,OAAWE,OAAO,CAACF,KAAD,CAAlB;UAAA,CAdK,EAeZG,IAfY,CAeP,GAfO,CAAf;UAiBA7C,IAAI,CAAC8C,YAAL,CAAkB,OAAlB,EAA2BP,MAA3B;QACD;MACF,CAlCD;IAmCD,CAtCD,MAuCK;MACHU,UAAU,CAACjD,IAAD,CAAV;IACD;EACF;AACF;AAED;AACA;AACA;AACA;AACA;;;AACA,SAASiD,UAAT,CAAoBjD,IAApB,EAA0B;EACxB,IAAMkD,MAAM,GAAGC,QAAQ,CAACC,cAAT,YAA4BpD,IAAI,CAAC0B,QAAL,CAAcC,WAAd,EAA5B,OAAf;EACA,IAAM0B,KAAK,GAAGF,QAAQ,CAACC,cAAT,aAA6BpD,IAAI,CAAC0B,QAAL,CAAcC,WAAd,EAA7B,OAAd;EAEA3B,IAAI,CAACsD,UAAL,CAAgBC,YAAhB,CAA6BL,MAA7B,EAAqClD,IAArC;;EACA,OAAOA,IAAI,CAACqB,UAAL,CAAgBhB,MAAhB,GAAyB,CAAhC,EAAmC;IACjCL,IAAI,CAACsD,UAAL,CAAgBC,YAAhB,CAA6BvD,IAAI,CAACqB,UAAL,CAAgB,CAAhB,CAA7B,EAAiDrB,IAAjD;EACD;;EACDA,IAAI,CAACsD,UAAL,CAAgBC,YAAhB,CAA6BF,KAA7B,EAAoCrD,IAApC;EAEAD,UAAU,CAACC,IAAD,CAAV;AACD;;AAED,IAAMwD,WAAW,GAAG,UAApB;AAEA;AACA;AACA;AACA;;AACA,SAASnB,IAAT,CAAcoB,GAAd,EAAmB;EACjB,OAAOA,GAAG,CAACC,OAAJ,CAAYF,WAAZ,EAAyB,EAAzB,CAAP;AACD;AAED;AACA;AACA;AACA;AACA;;;AACA,SAASlB,QAAT,CAAkBtC,IAAlB,EAAwB;EACtB,OAAOA,IAAI,CAACqB,UAAL,CAAgBhB,MAAhB,GAAyB,CAAhC,EAAmC;IACjCL,IAAI,CAACsD,UAAL,CAAgBC,YAAhB,CAA6BvD,IAAI,CAACqB,UAAL,CAAgB,CAAhB,CAA7B,EAAiDrB,IAAjD;EACD;;EACDD,UAAU,CAACC,IAAD,CAAV;AACD;AAED;AACA;AACA;AACA;AACA;;;AACA,SAAS8B,kBAAT,CAA4BC,UAA5B,EAAwC;EACtC,OAAO,sBAAOA,UAAP,EAAmB,UAAC4B,SAAD,EAAYC,IAAZ,EAAqB;IAC7CD,SAAS,CAACE,IAAV,CAAeD,IAAI,CAACE,IAApB;IAEA,OAAOH,SAAP;EACD,CAJM,EAIJ,EAJI,CAAP;AAKD;AAED;AACA;AACA;AACA;AACA;AACA;;;AACA,SAASxC,iBAAT,CAA2B4C,IAA3B,EAAiCC,EAAjC,EAAqC;EACnC,KAAK,IAAI5D,CAAC,GAAG2D,IAAI,CAAC1D,MAAlB,EAA0BD,CAAC,IAAI,CAA/B,EAAkCA,CAAC,IAAI,CAAvC,EAA0C;IACxC4D,EAAE,CAACD,IAAI,CAAC3D,CAAD,CAAL,CAAF;EACD;AACF;AAED;AACA;AACA;AACA;AACA;;;AACA,SAASqB,SAAT,CAAmBwC,CAAnB,EAAsB;EACpB,IAAI,CAACA,CAAL,EAAQ;IACN,OAAO,KAAP;EACD;;EAED,IAAIA,CAAC,CAACC,aAAF,KAAoBC,SAAxB,EAAmC;IACjC,OAAO,KAAP;EACD;;EAED,IAAIF,CAAC,CAACG,QAAF,KAAe,CAAnB,EAAsB;IACpB,OAAO,KAAP;EACD;;EAED,IAAI,OAAOH,CAAC,CAACvC,QAAT,KAAsB,QAA1B,EAAoC;IAClC,OAAO,KAAP;EACD;;EAED,OAAO,IAAP;AACD;AAED;AACA;AACA;AACA;AACA;AACA;AACA;;;AACO,IAAM2C,UAAU,GAAG,qBAAM3D,WAAN,EAAmB,CAAnB,CAAnB;AAEP;AACA;AACA;AACA;AACA;AACA;AACA;;;AACO,IAAM4D,YAAY,GAAG,qBAAMvB,aAAN,EAAqB,CAArB,CAArB;AAEP;AACA;AACA;AACA;AACA;AACA;AACA;;;AACO,IAAMwB,gBAAgB,GAAG,qBAAMvB,iBAAN,EAAyB,CAAzB,CAAzB"}
1	+ {"version":3,"names":["removeNode","node","remove","parentElement","removeChild","i","length","Error","_filter","args","resolve","_filterSync","filter","processCallback","allowedTags","allowedStyles","html","doc","DOMParser","parseFromString","depthFirstForEach","body","childNodes","filterNode","indexOf","innerHTML","isElement","nodeName","toLowerCase","allowedTagNames","allowedAttributes","listAttributeNames","attributes","attrName","removeAttribute","attrValue","getNamedItem","value","trim","reparent","styles","split","map","style","styleName","Boolean","join","setAttribute","_filterEscape","_filterEscapeSync","escapeNode","before","document","createTextNode","after","parentNode","insertBefore","trimPattern","str","replace","attrNames","attr","push","name","list","fn","o","ownerDocument","undefined","nodeType","filterSync","filterEscape","filterEscapeSync"],"sources":["html.shim.js"],"sourcesContent":["/!\n Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n /\n\n/ eslint-env browser /\n\nimport {curry, forEach, includes, reduce} from 'lodash';\n\nexport {escape, escapeSync} from './html-base';\n\n/\n Some browsers don't implement {@link Element#remove()} or\n * {@link NodeList#remove()} or {@link HTMLCollection#remove()}. This wrapper\n * calls the appropriate `#remove()` method if available, or falls back to a\n * non-global-polluting polyfill.\n * @param {Element\|NodeList\|HTMLCollection} node\n * @returns {undefined}\n /\nfunction removeNode(node) {\n if (node.remove) {\n node.remove();\n\n return;\n }\n\n if (node.parentElement) {\n node.parentElement.removeChild(node);\n\n return;\n }\n\n if ('length' in node) {\n for (let i = node.length - 1; i >= 0; i -= 1) {\n removeNode(node[i]);\n }\n\n return;\n }\n\n throw new Error('Could not find a way to remove node');\n}\n\n/\n @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @private\n * @returns {string}\n /\nfunction _filter(...args) {\n return new Promise((resolve) => {\n resolve(_filterSync(...args));\n });\n}\n\n/\n Curried async HTML filter.\n * @param {Object} allowedTags Map of tagName -> array of allowed attributes\n * @param {Array<string>} allowedStyles Array of allowed styles\n * @param {string} html html to filter\n * @returns {string}\n /\nexport const filter = curry(_filter, 4);\n\n/\n @param {function} processCallback callback function to do additional\n * processing on node. of the form process(node)\n * @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @private\n * @returns {string}\n /\nfunction _filterSync(processCallback, allowedTags, allowedStyles, html) {\n if (!html \|\| !allowedStyles \|\| !allowedTags) {\n if (html.length === 0) {\n return html;\n }\n\n throw new Error('`allowedTags`, `allowedStyles`, and `html` must be provided');\n }\n\n const doc = new DOMParser().parseFromString(html, 'text/html');\n\n depthFirstForEach(doc.body.childNodes, filterNode);\n processCallback(doc.body);\n\n if (html.indexOf('body') === 1) {\n return `<body>${doc.body.innerHTML}</body>`;\n }\n\n return doc.body.innerHTML;\n\n /\n @param {Node} node\n * @private\n * @returns {undefined}\n /\n function filterNode(node) {\n if (!isElement(node)) {\n return;\n }\n\n const nodeName = node.nodeName.toLowerCase();\n const allowedTagNames = Object.keys(allowedTags);\n\n depthFirstForEach(node.childNodes, filterNode);\n\n if (includes(allowedTagNames, nodeName)) {\n const allowedAttributes = allowedTags[nodeName];\n\n forEach(listAttributeNames(node.attributes), (attrName) => {\n if (!includes(allowedAttributes, attrName)) {\n node.removeAttribute(attrName);\n } else if (attrName === 'href' \|\| attrName === 'src') {\n const attrValue = node.attributes.getNamedItem(attrName).value.trim().toLowerCase();\n\n // We're doing at runtime what the no-script-url rule does at compile\n // time\n // eslint-disable-next-line no-script-url\n if (attrValue.indexOf('javascript:') === 0 \|\| attrValue.indexOf('vbscript:') === 0) {\n reparent(node);\n }\n } else if (attrName === 'style') {\n const styles = node.attributes\n .getNamedItem('style')\n .value.split(';')\n .map((style) => {\n const styleName = trim(style.split(':')[0]);\n\n if (includes(allowedStyles, styleName)) {\n return style;\n }\n\n return null;\n })\n .filter((style) => Boolean(style))\n .join(';');\n\n node.setAttribute('style', styles);\n }\n });\n } else {\n reparent(node);\n }\n }\n}\n\n/\n Same as _filter, but escapes rather than removes disallowed values\n * @param {Function} processCallback\n * @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @returns {Promise<string>}\n /\nfunction _filterEscape(...args) {\n return new Promise((resolve) => {\n resolve(_filterEscapeSync(...args));\n });\n}\n\n/\n Same as _filterSync, but escapes rather than removes disallowed values\n * @param {Function} processCallback\n * @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @returns {string}\n /\nfunction _filterEscapeSync(processCallback, allowedTags, allowedStyles, html) {\n if (!html \|\| !allowedStyles \|\| !allowedTags) {\n if (html.length === 0) {\n return html;\n }\n\n throw new Error('`allowedTags`, `allowedStyles`, and `html` must be provided');\n }\n\n const doc = new DOMParser().parseFromString(html, 'text/html');\n\n depthFirstForEach(doc.body.childNodes, filterNode);\n processCallback(doc.body);\n\n if (html.indexOf('body') === 1) {\n return `<body>${doc.body.innerHTML}</body>`;\n }\n\n return doc.body.innerHTML;\n\n /\n @param {Node} node\n * @private\n * @returns {undefined}\n /\n function filterNode(node) {\n if (!isElement(node)) {\n return;\n }\n\n depthFirstForEach(node.childNodes, filterNode);\n\n const nodeName = node.nodeName.toLowerCase();\n const allowedTagNames = Object.keys(allowedTags);\n\n if (includes(allowedTagNames, nodeName)) {\n const allowedAttributes = allowedTags[nodeName];\n\n forEach(listAttributeNames(node.attributes), (attrName) => {\n if (!includes(allowedAttributes, attrName)) {\n node.removeAttribute(attrName);\n } else if (attrName === 'href' \|\| attrName === 'src') {\n const attrValue = node.attributes.getNamedItem(attrName).value.toLowerCase();\n\n // We're doing at runtime what the no-script-url rule does at compile\n // time\n // eslint-disable-next-line no-script-url\n if (attrValue.indexOf('javascript:') === 0 \|\| attrValue.indexOf('vbscript:') === 0) {\n reparent(node);\n }\n } else if (attrName === 'style') {\n const styles = node.attributes\n .getNamedItem('style')\n .value.split(';')\n .map((style) => {\n const styleName = trim(style.split(':')[0]);\n\n if (includes(allowedStyles, styleName)) {\n return style;\n }\n\n return null;\n })\n .filter((style) => Boolean(style))\n .join(';');\n\n node.setAttribute('style', styles);\n }\n });\n } else {\n escapeNode(node);\n }\n }\n}\n\n/\n Escapes a given html node\n * @param {Node} node\n * @returns {undefined}\n /\nfunction escapeNode(node) {\n const before = document.createTextNode(`<${node.nodeName.toLowerCase()}>`);\n const after = document.createTextNode(`</${node.nodeName.toLowerCase()}>`);\n\n node.parentNode.insertBefore(before, node);\n while (node.childNodes.length > 0) {\n node.parentNode.insertBefore(node.childNodes[0], node);\n }\n node.parentNode.insertBefore(after, node);\n\n removeNode(node);\n}\n\nconst trimPattern = /^\\s\|\\s$/g;\n\n/\n @param {string} str\n * @returns {string}\n /\nfunction trim(str) {\n return str.replace(trimPattern, '');\n}\n\n/\n @param {Node} node\n * @private\n * @returns {undefined}\n /\nfunction reparent(node) {\n while (node.childNodes.length > 0) {\n node.parentNode.insertBefore(node.childNodes[0], node);\n }\n removeNode(node);\n}\n\n/\n @param {NamedNodeMap} attributes\n * @private\n * @returns {Array<string>}\n /\nfunction listAttributeNames(attributes) {\n return reduce(\n attributes,\n (attrNames, attr) => {\n attrNames.push(attr.name);\n\n return attrNames;\n },\n []\n );\n}\n\n/\n @param {Array} list\n * @param {Function} fn\n * @private\n * @returns {undefined}\n /\nfunction depthFirstForEach(list, fn) {\n for (let i = list.length; i >= 0; i -= 1) {\n fn(list[i]);\n }\n}\n\n/\n @param {Node} o\n * @private\n * @returns {Boolean}\n /\nfunction isElement(o) {\n if (!o) {\n return false;\n }\n\n if (o.ownerDocument === undefined) {\n return false;\n }\n\n if (o.nodeType !== 1) {\n return false;\n }\n\n if (typeof o.nodeName !== 'string') {\n return false;\n }\n\n return true;\n}\n\n/\n Curried HTML filter.\n * @param {Object} allowedTags Map of tagName -> array of allowed attributes\n * @param {Array<string>} allowedStyles Array of allowed styles\n * @param {string} html html to filter\n * @returns {string}\n /\nexport const filterSync = curry(_filterSync, 4);\n\n/\n Curried HTML filter that escapes rather than removes disallowed tags\n * @param {Object} allowedTags Map of tagName -> array of allowed attributes\n * @param {Array<string>} allowedStyles Array of allowed styles\n * @param {string} html html to filter\n * @returns {Promise<string>}\n /\nexport const filterEscape = curry(_filterEscape, 4);\n\n/\n Curried HTML filter that escapes rather than removes disallowed tags\n * @param {Object} allowedTags Map of tagName -> array of allowed attributes\n * @param {Array<string>} allowedStyles Array of allowed styles\n * @param {string} html html to filter\n * @returns {string}\n */\nexport const filterEscapeSync = curry(_filterEscapeSync, 4);\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAQA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,UAAT,CAAoBC,IAApB,EAA0B;EACxB,IAAIA,IAAI,CAACC,MAAT,EAAiB;IACfD,IAAI,CAACC,MAAL;IAEA;EACD;;EAED,IAAID,IAAI,CAACE,aAAT,EAAwB;IACtBF,IAAI,CAACE,aAAL,CAAmBC,WAAnB,CAA+BH,IAA/B;IAEA;EACD;;EAED,IAAI,YAAYA,IAAhB,EAAsB;IACpB,KAAK,IAAII,CAAC,GAAGJ,IAAI,CAACK,MAAL,GAAc,CAA3B,EAA8BD,CAAC,IAAI,CAAnC,EAAsCA,CAAC,IAAI,CAA3C,EAA8C;MAC5CL,UAAU,CAACC,IAAI,CAACI,CAAD,CAAL,CAAV;IACD;;IAED;EACD;;EAED,MAAM,IAAIE,KAAJ,CAAU,qCAAV,CAAN;AACD;AAED;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,SAASC,OAAT,GAA0B;EAAA,kCAANC,IAAM;IAANA,IAAM;EAAA;;EACxB,OAAO,qBAAY,UAACC,OAAD,EAAa;IAC9BA,OAAO,CAACC,WAAW,MAAX,SAAeF,IAAf,CAAD,CAAP;EACD,CAFM,CAAP;AAGD;AAED;AACA;AACA;AACA;AACA;AACA;AACA;;;AACO,IAAMG,MAAM,GAAG,qBAAMJ,OAAN,EAAe,CAAf,CAAf;AAEP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;AACA,SAASG,WAAT,CAAqBE,eAArB,EAAsCC,WAAtC,EAAmDC,aAAnD,EAAkEC,IAAlE,EAAwE;EACtE,IAAI,CAACA,IAAD,IAAS,CAACD,aAAV,IAA2B,CAACD,WAAhC,EAA6C;IAC3C,IAAIE,IAAI,CAACV,MAAL,KAAgB,CAApB,EAAuB;MACrB,OAAOU,IAAP;IACD;;IAED,MAAM,IAAIT,KAAJ,CAAU,6DAAV,CAAN;EACD;;EAED,IAAMU,GAAG,GAAG,IAAIC,SAAJ,GAAgBC,eAAhB,CAAgCH,IAAhC,EAAsC,WAAtC,CAAZ;EAEAI,iBAAiB,CAACH,GAAG,CAACI,IAAJ,CAASC,UAAV,EAAsBC,UAAtB,CAAjB;EACAV,eAAe,CAACI,GAAG,CAACI,IAAL,CAAf;;EAEA,IAAIL,IAAI,CAACQ,OAAL,CAAa,MAAb,MAAyB,CAA7B,EAAgC;IAC9B,uBAAgBP,GAAG,CAACI,IAAJ,CAASI,SAAzB;EACD;;EAED,OAAOR,GAAG,CAACI,IAAJ,CAASI,SAAhB;EAEA;AACF;AACA;AACA;AACA;;EACE,SAASF,UAAT,CAAoBtB,IAApB,EAA0B;IACxB,IAAI,CAACyB,SAAS,CAACzB,IAAD,CAAd,EAAsB;MACpB;IACD;;IAED,IAAM0B,QAAQ,GAAG1B,IAAI,CAAC0B,QAAL,CAAcC,WAAd,EAAjB;IACA,IAAMC,eAAe,GAAG,mBAAYf,WAAZ,CAAxB;IAEAM,iBAAiB,CAACnB,IAAI,CAACqB,UAAN,EAAkBC,UAAlB,CAAjB;;IAEA,IAAI,wBAASM,eAAT,EAA0BF,QAA1B,CAAJ,EAAyC;MACvC,IAAMG,iBAAiB,GAAGhB,WAAW,CAACa,QAAD,CAArC;MAEA,uBAAQI,kBAAkB,CAAC9B,IAAI,CAAC+B,UAAN,CAA1B,EAA6C,UAACC,QAAD,EAAc;QACzD,IAAI,CAAC,wBAASH,iBAAT,EAA4BG,QAA5B,CAAL,EAA4C;UAC1ChC,IAAI,CAACiC,eAAL,CAAqBD,QAArB;QACD,CAFD,MAEO,IAAIA,QAAQ,KAAK,MAAb,IAAuBA,QAAQ,KAAK,KAAxC,EAA+C;UACpD,IAAME,SAAS,GAAGlC,IAAI,CAAC+B,UAAL,CAAgBI,YAAhB,CAA6BH,QAA7B,EAAuCI,KAAvC,CAA6CC,IAA7C,GAAoDV,WAApD,EAAlB,CADoD,CAGpD;UACA;UACA;;UACA,IAAIO,SAAS,CAACX,OAAV,CAAkB,aAAlB,MAAqC,CAArC,IAA0CW,SAAS,CAACX,OAAV,CAAkB,WAAlB,MAAmC,CAAjF,EAAoF;YAClFe,QAAQ,CAACtC,IAAD,CAAR;UACD;QACF,CATM,MASA,IAAIgC,QAAQ,KAAK,OAAjB,EAA0B;UAC/B,IAAMO,MAAM,GAAGvC,IAAI,CAAC+B,UAAL,CACZI,YADY,CACC,OADD,EAEZC,KAFY,CAENI,KAFM,CAEA,GAFA,EAGZC,GAHY,CAGR,UAACC,KAAD,EAAW;YACd,IAAMC,SAAS,GAAGN,IAAI,CAACK,KAAK,CAACF,KAAN,CAAY,GAAZ,EAAiB,CAAjB,CAAD,CAAtB;;YAEA,IAAI,wBAAS1B,aAAT,EAAwB6B,SAAxB,CAAJ,EAAwC;cACtC,OAAOD,KAAP;YACD;;YAED,OAAO,IAAP;UACD,CAXY,EAYZ/B,MAZY,CAYL,UAAC+B,KAAD;YAAA,OAAWE,OAAO,CAACF,KAAD,CAAlB;UAAA,CAZK,EAaZG,IAbY,CAaP,GAbO,CAAf;UAeA7C,IAAI,CAAC8C,YAAL,CAAkB,OAAlB,EAA2BP,MAA3B;QACD;MACF,CA9BD;IA+BD,CAlCD,MAkCO;MACLD,QAAQ,CAACtC,IAAD,CAAR;IACD;EACF;AACF;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,SAAS+C,aAAT,GAAgC;EAAA,mCAANvC,IAAM;IAANA,IAAM;EAAA;;EAC9B,OAAO,qBAAY,UAACC,OAAD,EAAa;IAC9BA,OAAO,CAACuC,iBAAiB,MAAjB,SAAqBxC,IAArB,CAAD,CAAP;EACD,CAFM,CAAP;AAGD;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,SAASwC,iBAAT,CAA2BpC,eAA3B,EAA4CC,WAA5C,EAAyDC,aAAzD,EAAwEC,IAAxE,EAA8E;EAC5E,IAAI,CAACA,IAAD,IAAS,CAACD,aAAV,IAA2B,CAACD,WAAhC,EAA6C;IAC3C,IAAIE,IAAI,CAACV,MAAL,KAAgB,CAApB,EAAuB;MACrB,OAAOU,IAAP;IACD;;IAED,MAAM,IAAIT,KAAJ,CAAU,6DAAV,CAAN;EACD;;EAED,IAAMU,GAAG,GAAG,IAAIC,SAAJ,GAAgBC,eAAhB,CAAgCH,IAAhC,EAAsC,WAAtC,CAAZ;EAEAI,iBAAiB,CAACH,GAAG,CAACI,IAAJ,CAASC,UAAV,EAAsBC,UAAtB,CAAjB;EACAV,eAAe,CAACI,GAAG,CAACI,IAAL,CAAf;;EAEA,IAAIL,IAAI,CAACQ,OAAL,CAAa,MAAb,MAAyB,CAA7B,EAAgC;IAC9B,uBAAgBP,GAAG,CAACI,IAAJ,CAASI,SAAzB;EACD;;EAED,OAAOR,GAAG,CAACI,IAAJ,CAASI,SAAhB;EAEA;AACF;AACA;AACA;AACA;;EACE,SAASF,UAAT,CAAoBtB,IAApB,EAA0B;IACxB,IAAI,CAACyB,SAAS,CAACzB,IAAD,CAAd,EAAsB;MACpB;IACD;;IAEDmB,iBAAiB,CAACnB,IAAI,CAACqB,UAAN,EAAkBC,UAAlB,CAAjB;IAEA,IAAMI,QAAQ,GAAG1B,IAAI,CAAC0B,QAAL,CAAcC,WAAd,EAAjB;IACA,IAAMC,eAAe,GAAG,mBAAYf,WAAZ,CAAxB;;IAEA,IAAI,wBAASe,eAAT,EAA0BF,QAA1B,CAAJ,EAAyC;MACvC,IAAMG,iBAAiB,GAAGhB,WAAW,CAACa,QAAD,CAArC;MAEA,uBAAQI,kBAAkB,CAAC9B,IAAI,CAAC+B,UAAN,CAA1B,EAA6C,UAACC,QAAD,EAAc;QACzD,IAAI,CAAC,wBAASH,iBAAT,EAA4BG,QAA5B,CAAL,EAA4C;UAC1ChC,IAAI,CAACiC,eAAL,CAAqBD,QAArB;QACD,CAFD,MAEO,IAAIA,QAAQ,KAAK,MAAb,IAAuBA,QAAQ,KAAK,KAAxC,EAA+C;UACpD,IAAME,SAAS,GAAGlC,IAAI,CAAC+B,UAAL,CAAgBI,YAAhB,CAA6BH,QAA7B,EAAuCI,KAAvC,CAA6CT,WAA7C,EAAlB,CADoD,CAGpD;UACA;UACA;;UACA,IAAIO,SAAS,CAACX,OAAV,CAAkB,aAAlB,MAAqC,CAArC,IAA0CW,SAAS,CAACX,OAAV,CAAkB,WAAlB,MAAmC,CAAjF,EAAoF;YAClFe,QAAQ,CAACtC,IAAD,CAAR;UACD;QACF,CATM,MASA,IAAIgC,QAAQ,KAAK,OAAjB,EAA0B;UAC/B,IAAMO,MAAM,GAAGvC,IAAI,CAAC+B,UAAL,CACZI,YADY,CACC,OADD,EAEZC,KAFY,CAENI,KAFM,CAEA,GAFA,EAGZC,GAHY,CAGR,UAACC,KAAD,EAAW;YACd,IAAMC,SAAS,GAAGN,IAAI,CAACK,KAAK,CAACF,KAAN,CAAY,GAAZ,EAAiB,CAAjB,CAAD,CAAtB;;YAEA,IAAI,wBAAS1B,aAAT,EAAwB6B,SAAxB,CAAJ,EAAwC;cACtC,OAAOD,KAAP;YACD;;YAED,OAAO,IAAP;UACD,CAXY,EAYZ/B,MAZY,CAYL,UAAC+B,KAAD;YAAA,OAAWE,OAAO,CAACF,KAAD,CAAlB;UAAA,CAZK,EAaZG,IAbY,CAaP,GAbO,CAAf;UAeA7C,IAAI,CAAC8C,YAAL,CAAkB,OAAlB,EAA2BP,MAA3B;QACD;MACF,CA9BD;IA+BD,CAlCD,MAkCO;MACLU,UAAU,CAACjD,IAAD,CAAV;IACD;EACF;AACF;AAED;AACA;AACA;AACA;AACA;;;AACA,SAASiD,UAAT,CAAoBjD,IAApB,EAA0B;EACxB,IAAMkD,MAAM,GAAGC,QAAQ,CAACC,cAAT,YAA4BpD,IAAI,CAAC0B,QAAL,CAAcC,WAAd,EAA5B,OAAf;EACA,IAAM0B,KAAK,GAAGF,QAAQ,CAACC,cAAT,aAA6BpD,IAAI,CAAC0B,QAAL,CAAcC,WAAd,EAA7B,OAAd;EAEA3B,IAAI,CAACsD,UAAL,CAAgBC,YAAhB,CAA6BL,MAA7B,EAAqClD,IAArC;;EACA,OAAOA,IAAI,CAACqB,UAAL,CAAgBhB,MAAhB,GAAyB,CAAhC,EAAmC;IACjCL,IAAI,CAACsD,UAAL,CAAgBC,YAAhB,CAA6BvD,IAAI,CAACqB,UAAL,CAAgB,CAAhB,CAA7B,EAAiDrB,IAAjD;EACD;;EACDA,IAAI,CAACsD,UAAL,CAAgBC,YAAhB,CAA6BF,KAA7B,EAAoCrD,IAApC;EAEAD,UAAU,CAACC,IAAD,CAAV;AACD;;AAED,IAAMwD,WAAW,GAAG,UAApB;AAEA;AACA;AACA;AACA;;AACA,SAASnB,IAAT,CAAcoB,GAAd,EAAmB;EACjB,OAAOA,GAAG,CAACC,OAAJ,CAAYF,WAAZ,EAAyB,EAAzB,CAAP;AACD;AAED;AACA;AACA;AACA;AACA;;;AACA,SAASlB,QAAT,CAAkBtC,IAAlB,EAAwB;EACtB,OAAOA,IAAI,CAACqB,UAAL,CAAgBhB,MAAhB,GAAyB,CAAhC,EAAmC;IACjCL,IAAI,CAACsD,UAAL,CAAgBC,YAAhB,CAA6BvD,IAAI,CAACqB,UAAL,CAAgB,CAAhB,CAA7B,EAAiDrB,IAAjD;EACD;;EACDD,UAAU,CAACC,IAAD,CAAV;AACD;AAED;AACA;AACA;AACA;AACA;;;AACA,SAAS8B,kBAAT,CAA4BC,UAA5B,EAAwC;EACtC,OAAO,sBACLA,UADK,EAEL,UAAC4B,SAAD,EAAYC,IAAZ,EAAqB;IACnBD,SAAS,CAACE,IAAV,CAAeD,IAAI,CAACE,IAApB;IAEA,OAAOH,SAAP;EACD,CANI,EAOL,EAPK,CAAP;AASD;AAED;AACA;AACA;AACA;AACA;AACA;;;AACA,SAASxC,iBAAT,CAA2B4C,IAA3B,EAAiCC,EAAjC,EAAqC;EACnC,KAAK,IAAI5D,CAAC,GAAG2D,IAAI,CAAC1D,MAAlB,EAA0BD,CAAC,IAAI,CAA/B,EAAkCA,CAAC,IAAI,CAAvC,EAA0C;IACxC4D,EAAE,CAACD,IAAI,CAAC3D,CAAD,CAAL,CAAF;EACD;AACF;AAED;AACA;AACA;AACA;AACA;;;AACA,SAASqB,SAAT,CAAmBwC,CAAnB,EAAsB;EACpB,IAAI,CAACA,CAAL,EAAQ;IACN,OAAO,KAAP;EACD;;EAED,IAAIA,CAAC,CAACC,aAAF,KAAoBC,SAAxB,EAAmC;IACjC,OAAO,KAAP;EACD;;EAED,IAAIF,CAAC,CAACG,QAAF,KAAe,CAAnB,EAAsB;IACpB,OAAO,KAAP;EACD;;EAED,IAAI,OAAOH,CAAC,CAACvC,QAAT,KAAsB,QAA1B,EAAoC;IAClC,OAAO,KAAP;EACD;;EAED,OAAO,IAAP;AACD;AAED;AACA;AACA;AACA;AACA;AACA;AACA;;;AACO,IAAM2C,UAAU,GAAG,qBAAM3D,WAAN,EAAmB,CAAnB,CAAnB;AAEP;AACA;AACA;AACA;AACA;AACA;AACA;;;AACO,IAAM4D,YAAY,GAAG,qBAAMvB,aAAN,EAAqB,CAArB,CAArB;AAEP;AACA;AACA;AACA;AACA;AACA;AACA;;;AACO,IAAMwB,gBAAgB,GAAG,qBAAMvB,iBAAN,EAAyB,CAAzB,CAAzB"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@webex/helper-html",
-  "version": "3.0.0-beta.13",
+  "version": "3.0.0-beta.15",
   "description": "HTML Utiltities",
   "license": "MIT",
   "main": "dist/index.js",
@@ -24,11 +24,11 @@
     ]
   },
   "devDependencies": {
-    "@webex/test-helper-chai": "3.0.0-beta.13",
-    "@webex/test-helper-mocha": "3.0.0-beta.13"
+    "@webex/test-helper-chai": "3.0.0-beta.15",
+    "@webex/test-helper-mocha": "3.0.0-beta.15"
   },
   "dependencies": {
-    "@webex/helper-html": "3.0.0-beta.13",
+    "@webex/helper-html": "3.0.0-beta.15",
     "lodash": "^4.17.21"
   }
 }

package/src/html.shim.js CHANGED Viewed

@@ -80,7 +80,7 @@ function _filterSync(processCallback, allowedTags, allowedStyles, html) {
     throw new Error('`allowedTags`, `allowedStyles`, and `html` must be provided');
   }
-  const doc = (new DOMParser()).parseFromString(html, 'text/html');
+  const doc = new DOMParser().parseFromString(html, 'text/html');
   depthFirstForEach(doc.body.childNodes, filterNode);
   processCallback(doc.body);
@@ -112,8 +112,7 @@ function _filterSync(processCallback, allowedTags, allowedStyles, html) {
       forEach(listAttributeNames(node.attributes), (attrName) => {
         if (!includes(allowedAttributes, attrName)) {
           node.removeAttribute(attrName);
-        }
-        else if (attrName === 'href' || attrName === 'src') {
+        } else if (attrName === 'href' || attrName === 'src') {
           const attrValue = node.attributes.getNamedItem(attrName).value.trim().toLowerCase();
           // We're doing at runtime what the no-script-url rule does at compile
@@ -122,13 +121,10 @@ function _filterSync(processCallback, allowedTags, allowedStyles, html) {
           if (attrValue.indexOf('javascript:') === 0 || attrValue.indexOf('vbscript:') === 0) {
             reparent(node);
           }
-        }
-        else if (attrName === 'style') {
-          const styles = node
-            .attributes
+        } else if (attrName === 'style') {
+          const styles = node.attributes
             .getNamedItem('style')
-            .value
-            .split(';')
+            .value.split(';')
             .map((style) => {
               const styleName = trim(style.split(':')[0]);
@@ -144,8 +140,7 @@ function _filterSync(processCallback, allowedTags, allowedStyles, html) {
           node.setAttribute('style', styles);
         }
       });
-    }
-    else {
+    } else {
       reparent(node);
     }
   }
@@ -182,7 +177,7 @@ function _filterEscapeSync(processCallback, allowedTags, allowedStyles, html) {
     throw new Error('`allowedTags`, `allowedStyles`, and `html` must be provided');
   }
-  const doc = (new DOMParser()).parseFromString(html, 'text/html');
+  const doc = new DOMParser().parseFromString(html, 'text/html');
   depthFirstForEach(doc.body.childNodes, filterNode);
   processCallback(doc.body);
@@ -214,8 +209,7 @@ function _filterEscapeSync(processCallback, allowedTags, allowedStyles, html) {
       forEach(listAttributeNames(node.attributes), (attrName) => {
         if (!includes(allowedAttributes, attrName)) {
           node.removeAttribute(attrName);
-        }
-        else if (attrName === 'href' || attrName === 'src') {
+        } else if (attrName === 'href' || attrName === 'src') {
           const attrValue = node.attributes.getNamedItem(attrName).value.toLowerCase();
           // We're doing at runtime what the no-script-url rule does at compile
@@ -224,13 +218,10 @@ function _filterEscapeSync(processCallback, allowedTags, allowedStyles, html) {
           if (attrValue.indexOf('javascript:') === 0 || attrValue.indexOf('vbscript:') === 0) {
             reparent(node);
           }
-        }
-        else if (attrName === 'style') {
-          const styles = node
-            .attributes
+        } else if (attrName === 'style') {
+          const styles = node.attributes
             .getNamedItem('style')
-            .value
-            .split(';')
+            .value.split(';')
             .map((style) => {
               const styleName = trim(style.split(':')[0]);
@@ -246,8 +237,7 @@ function _filterEscapeSync(processCallback, allowedTags, allowedStyles, html) {
           node.setAttribute('style', styles);
         }
       });
-    }
-    else {
+    } else {
       escapeNode(node);
     }
   }
@@ -299,11 +289,15 @@ function reparent(node) {
  * @returns {Array<string>}
  */
 function listAttributeNames(attributes) {
-  return reduce(attributes, (attrNames, attr) => {
-    attrNames.push(attr.name);
-    return attrNames;
-  }, []);
+  return reduce(
+    attributes,
+    (attrNames, attr) => {
+      attrNames.push(attr.name);
+      return attrNames;
+    },
+    []
+  );
 }
 /**

package/test/unit/spec/html.js CHANGED Viewed

@@ -9,7 +9,7 @@ import {
   filter,
   filterSync,
   filterEscape,
-  filterEscapeSync
+  filterEscapeSync,
 } from '@webex/helper-html';
 import {skipInNode} from '@webex/test-helper-mocha';
@@ -29,7 +29,7 @@ skipInNode(describe)('html', () => {
     span: ['style'],
     ul: ['style'],
     body: ['style', 'xmlns', 'xml:lang'],
-    'webex-mention': ['data-object-id', 'data-object-type']
+    'webex-mention': ['data-object-id', 'data-object-type'],
   };
   const allowedStyles = [
@@ -42,7 +42,7 @@ skipInNode(describe)('html', () => {
     'margin-left',
     'margin-right',
     'text-align',
-    'text-decoration'
+    'text-decoration',
   ];
   /**
@@ -58,12 +58,15 @@ skipInNode(describe)('html', () => {
   const cfilterEscapeSync = filterEscapeSync(noop, allowedTags, allowedStyles);
   describe('#filter()', () => {
-    it('sanitizes trivial html', () => cfilter('<p data-test="5"><em>foo</em></p>')
-      .then((result) => assert.deepEqual(result, '<p><em>foo</em></p>')));
+    it('sanitizes trivial html', () =>
+      cfilter('<p data-test="5"><em>foo</em></p>').then((result) =>
+        assert.deepEqual(result, '<p><em>foo</em></p>')
+      ));
   });
   describe('#filterSync()', () => {
-    it('sanitizes trivial html', () => assert.deepEqual(cfilterSync('<p data-test="5"><em>foo</em></p>'), '<p><em>foo</em></p>'));
+    it('sanitizes trivial html', () =>
+      assert.deepEqual(cfilterSync('<p data-test="5"><em>foo</em></p>'), '<p><em>foo</em></p>'));
   });
   [
@@ -72,147 +75,154 @@ skipInNode(describe)('html', () => {
       // emptry string
       it: 'accepts blank strings',
       input: '',
-      output: ''
+      output: '',
     },
     {
       it: 'allows custom tags',
-      input: '<webex-mention data-object-id="88888888-4444-4444-4444-AAAAAAAAAAAA">John Doe</webex-mention>',
-      output: '<webex-mention data-object-id="88888888-4444-4444-4444-AAAAAAAAAAAA">John Doe</webex-mention>'
+      input:
+        '<webex-mention data-object-id="88888888-4444-4444-4444-AAAAAAAAAAAA">John Doe</webex-mention>',
+      output:
+        '<webex-mention data-object-id="88888888-4444-4444-4444-AAAAAAAAAAAA">John Doe</webex-mention>',
     },
     {
       it: 'filters tags',
-      input: '<p><remove-me><bar>text1<em>text2</em>text3</bar>text4</remove-me><strong>text5</strong>text6</p>',
-      output: '<p>text1<em>text2</em>text3text4<strong>text5</strong>text6</p>'
+      input:
+        '<p><remove-me><bar>text1<em>text2</em>text3</bar>text4</remove-me><strong>text5</strong>text6</p>',
+      output: '<p>text1<em>text2</em>text3text4<strong>text5</strong>text6</p>',
     },
     {
       it: 'filters attributes',
       input: '<p remove="me" style="font-size:large"><em>foo</em></p>',
-      output: /<p style="font-size:\s?large;?"><em>foo<\/em><\/p>/
+      output: /<p style="font-size:\s?large;?"><em>foo<\/em><\/p>/,
     },
     {
       it: 'filters styles',
       input: '<p style="color:red;remove:me;font-size:large"><em>foo</em></p>',
-      output: /<p style="color:\s?red;\s?font-size:\s?large;?"><em>foo<\/em><\/p>/
+      output: /<p style="color:\s?red;\s?font-size:\s?large;?"><em>foo<\/em><\/p>/,
     },
     {
       it: 'filters child attributes',
       input: '<body><span bcd="abc" style="font-size:large"><p><em>foo</em></p></span></body>',
-      output: /<body><span style="font-size:\s?large;?"><p><em>foo<\/em><\/p><\/span><\/body>/
+      output: /<body><span style="font-size:\s?large;?"><p><em>foo<\/em><\/p><\/span><\/body>/,
     },
     {
       it: 'filters disallowed attributes from allowed tags',
       input: '<strong style="font-size:large"><span>text</span></strong>',
-      output: '<strong><span>text</span></strong>'
+      output: '<strong><span>text</span></strong>',
     },
     {
       it: 'filters javascript: from a href',
       input: '<p><a href="javascript:window.close(); return false">click here</a></p>',
-      output: '<p>click here</p>'
+      output: '<p>click here</p>',
     },
     {
       it: 'filters javascript: from a href (mixed case)',
       input: '<p><a href="JavaScript:window.close(); return false">click here</a></p>',
-      output: '<p>click here</p>'
+      output: '<p>click here</p>',
     },
     {
       it: 'filters vbscript: from a href',
       input: '<p><a href="vbscript:window.close(); return false">click here</a></p>',
-      output: '<p>click here</p>'
+      output: '<p>click here</p>',
     },
     {
       it: 'filters vbscript: from a href (mixed case)',
       input: '<p><a href="VBScript:window.close(); return false">click here</a></p>',
-      output: '<p>click here</p>'
+      output: '<p>click here</p>',
     },
     {
       it: 'does not filter arbitrary strings from a href',
       input: '<p><a href="window.close(); return false">click here</a></p>',
-      output: '<p><a href="window.close(); return false">click here</a></p>'
+      output: '<p><a href="window.close(); return false">click here</a></p>',
     },
     {
       it: 'filters javascript: from img src',
       input: '<p><img src="javascript:window.close(); return false">foo</img>bar</p>',
-      output: '<p>foobar</p>'
+      output: '<p>foobar</p>',
     },
     {
       it: 'filters javascript: from img src (mixed case)',
       input: '<p><img src="javaScript:window.close(); return false">foo</img>bar</p>',
-      output: '<p>foobar</p>'
+      output: '<p>foobar</p>',
     },
     {
       it: 'filters vbscript: from img src',
       input: '<p><img src="vbscript:window.close(); return false">foo</img>bar</p>',
-      output: '<p>foobar</p>'
+      output: '<p>foobar</p>',
     },
     {
       it: 'filters vbscript: from img src (mixed case)',
       input: '<p><img src="VBScript:window.close(); return false">foo</img>bar</p>',
-      output: '<p>foobar</p>'
+      output: '<p>foobar</p>',
     },
     {
       it: 'does not filter arbitrary strings from img src',
       input: '<p><img src="window.close(); return false">foo</img></p>',
-      output: '<p><img src="window.close(); return false">foo</p>'
+      output: '<p><img src="window.close(); return false">foo</p>',
     },
     {
       it: 'correctly cleans nested a/img tags with javscript: href/src',
-      input: '<p><a href="javascript:window.close()">Click here<img src="http://example.com/img">bar</img></a> for something with <a href="http://www.cisco.com/">MORE<img src="javascript:window.location=`http://www.cisco.com`">of my</img>MOJO</a></p>',
-      output: '<p>Click here<img src="http://example.com/img">bar for something with <a href="http://www.cisco.com/">MOREof myMOJO</a></p>'
+      input:
+        '<p><a href="javascript:window.close()">Click here<img src="http://example.com/img">bar</img></a> for something with <a href="http://www.cisco.com/">MORE<img src="javascript:window.location=`http://www.cisco.com`">of my</img>MOJO</a></p>',
+      output:
+        '<p>Click here<img src="http://example.com/img">bar for something with <a href="http://www.cisco.com/">MOREof myMOJO</a></p>',
     },
     {
       it: 'correctly cleans nested a/img tags with javscript: href/src, even cleverly obfuscated with whitespace',
-      input: '<p><a href=" javascript:window.close()">Click here<img src="http://example.com/img">bar</img></a> for something with <a href="http://www.cisco.com/">MORE<img src=" javascript:window.location=`http://www.cisco.com`">of my</img>MOJO</a></p>',
-      output: '<p>Click here<img src="http://example.com/img">bar for something with <a href="http://www.cisco.com/">MOREof myMOJO</a></p>'
+      input:
+        '<p><a href=" javascript:window.close()">Click here<img src="http://example.com/img">bar</img></a> for something with <a href="http://www.cisco.com/">MORE<img src=" javascript:window.location=`http://www.cisco.com`">of my</img>MOJO</a></p>',
+      output:
+        '<p>Click here<img src="http://example.com/img">bar for something with <a href="http://www.cisco.com/">MOREof myMOJO</a></p>',
     },
     {
       it: 'handles weirder nesting',
-      input: '<p>text</p><div><p>text0</p><div style="font-size: large;"><span>text1</span><span>text2</span><script></script></div></div>',
-      output: '<p>text</p><p>text0</p><span>text1</span><span>text2</span>'
+      input:
+        '<p>text</p><div><p>text0</p><div style="font-size: large;"><span>text1</span><span>text2</span><script></script></div></div>',
+      output: '<p>text</p><p>text0</p><span>text1</span><span>text2</span>',
     },
     {
       it: 'filters bad html from unwrapped strings',
       input: 'Hi <script></script><em style="font-size:large;">Steve</em>',
-      output: 'Hi <em>Steve</em>'
+      output: 'Hi <em>Steve</em>',
     },
     {
       it: 'filters disallowed attributes from a href',
       input: '<a remove="me" href="http://www.jabber.org/"><p><em>foo</em></p></a>',
-      output: '<a href="http://www.jabber.org/"><p><em>foo</em></p></a>'
+      output: '<a href="http://www.jabber.org/"><p><em>foo</em></p></a>',
     },
     {
       it: 'filters disallowed attributes from a style',
       input: '<a remove="me" style="font-size:large"><p><em>foo</em></p></a>',
-      output: /<a style="font-size:\s?large;?"><p><em>foo<\/em><\/p><\/a>/
+      output: /<a style="font-size:\s?large;?"><p><em>foo<\/em><\/p><\/a>/,
     },
     {
       it: 'filters disallowed attributes from a type',
       input: '<a remove="me" type="stuff"><p><em>foo</em></p></a>',
-      output: '<a type="stuff"><p><em>foo</em></p></a>'
+      output: '<a type="stuff"><p><em>foo</em></p></a>',
     },
     {
       it: 'filters disallowed attributes from img src',
       input: '<img remove="me" src="http://www.xmpp.org/images/psa-license.jpg">bar</img>',
-      output: '<img src="http://www.xmpp.org/images/psa-license.jpg">bar'
+      output: '<img src="http://www.xmpp.org/images/psa-license.jpg">bar',
     },
     {
       it: 'filters disallowed attributes from img alt',
       input: '<img remove="me" alt="A License to Jabber">bar</img>',
-      output: '<img alt="A License to Jabber">bar'
+      output: '<img alt="A License to Jabber">bar',
     },
     {
       it: 'filters disallowed attributes from img height',
       input: '<img remove="me" height="261">bar</img>',
-      output: '<img height="261">bar'
+      output: '<img height="261">bar',
     },
     {
       it: 'filters disallowed attributes from img width',
       input: '<img remove="me" width="537">bar</img>',
-      output: '<img width="537">bar'
-    }
+      output: '<img width="537">bar',
+    },
   ].forEach((def) => {
     describe('#filter()', () => {
-      it(def.it, () => cfilter(def.input)
-        .then((out) => assert.match(out, def.output)));
+      it(def.it, () => cfilter(def.input).then((out) => assert.match(out, def.output)));
     });
     describe('#filterSync()', () => {
@@ -222,14 +232,15 @@ skipInNode(describe)('html', () => {
     });
   });
-  [{
-    it: 'escapes html',
-    input: 'This is an <b>invalid</b> tag',
-    output: 'This is an &lt;b&gt;invalid&lt;/b&gt; tag'
-  }].forEach((def) => {
+  [
+    {
+      it: 'escapes html',
+      input: 'This is an <b>invalid</b> tag',
+      output: 'This is an &lt;b&gt;invalid&lt;/b&gt; tag',
+    },
+  ].forEach((def) => {
     describe('#escape()', () => {
-      it(def.it, () => escape(def.input)
-        .then((result) => assert.deepEqual(result, def.output)));
+      it(def.it, () => escape(def.input).then((result) => assert.deepEqual(result, def.output)));
     });
     describe('#escapeSync()', () => {
@@ -243,24 +254,27 @@ skipInNode(describe)('html', () => {
     {
       it: 'escapes invalid tags',
       input: '<bar>text1<em>text2</em>text3</bar>',
-      output: '&lt;bar&gt;text1<em>text2</em>text3&lt;/bar&gt;'
+      output: '&lt;bar&gt;text1<em>text2</em>text3&lt;/bar&gt;',
     },
     {
       it: 'escapes deeply nested invalid tags',
-      input: '<p><remove-me><bar>text1<em>text2</em>text3</bar>text4</remove-me><strong>text5</strong>text6</p>',
-      output: '<p>&lt;remove-me&gt;&lt;bar&gt;text1<em>text2</em>text3&lt;/bar&gt;text4&lt;/remove-me&gt;<strong>text5</strong>text6</p>'
+      input:
+        '<p><remove-me><bar>text1<em>text2</em>text3</bar>text4</remove-me><strong>text5</strong>text6</p>',
+      output:
+        '<p>&lt;remove-me&gt;&lt;bar&gt;text1<em>text2</em>text3&lt;/bar&gt;text4&lt;/remove-me&gt;<strong>text5</strong>text6</p>',
     },
     {
       it: 'esapes special characters',
       input: '<b>&<</b>',
-      output: '<b>&amp;&lt;</b>'
-    }
+      output: '<b>&amp;&lt;</b>',
+    },
   ].forEach((def) => {
     describe('#filterEscape()', () => {
-      it(def.it, () => cfilterEscape(def.input)
-        .then((out) => {
+      it(def.it, () =>
+        cfilterEscape(def.input).then((out) => {
           assert.match(out, def.output);
-        }));
+        })
+      );
     });
     describe('#filterEscapeSync()', () => {