npm - @webex/helper-html - Versions diffs - 3.0.0-beta.8 → 3.0.0-bnr.0 - Mend

@webex/helper-html 3.0.0-beta.8 → 3.0.0-bnr.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

package/browsers.js +2 -2
package/dist/html-base.js +6 -14
package/dist/html-base.js.map +1 -1
package/dist/html.js +1 -13
package/dist/html.js.map +1 -1
package/dist/html.shim.js +22 -74
package/dist/html.shim.js.map +1 -1
package/dist/index.js +0 -8
package/dist/index.js.map +1 -1
package/dist/types/html-base.d.ts +12 -0
package/dist/types/html.d.ts +5 -0
package/dist/types/html.shim.d.ts +33 -0
package/dist/types/index.d.ts +1 -0
package/package.json +4 -4
package/src/html.shim.js +21 -27
package/test/unit/spec/html.js +71 -57

package/browsers.js CHANGED Viewed

@@ -6,10 +6,10 @@
 'use strict';
-module.exports = function(browsers) {
+module.exports = function (browsers) {
   // For reasons as-yet unexplained, the html filter test suite hangs when run
   // on Safari/Sauce Labs
-  Object.keys(browsers).forEach(function(key) {
+  Object.keys(browsers).forEach(function (key) {
     if (key.indexOf('safari') !== -1) {
       delete browsers[key];
     }

package/dist/html-base.js CHANGED Viewed

@@ -1,22 +1,20 @@
 "use strict";
 var _Object$defineProperty = require("@babel/runtime-corejs2/core-js/object/define-property");
 var _interopRequireDefault = require("@babel/runtime-corejs2/helpers/interopRequireDefault");
 _Object$defineProperty(exports, "__esModule", {
   value: true
 });
 exports.escape = escape;
 exports.escapeSync = escapeSync;
 var _promise = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/promise"));
 /*!
  * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.
  */
-var escapeMe = /(<|>|&)/g; // escape and escapeSync probably don't both need to exist, but it seemed like a
+var escapeMe = /(<|>|&)/g;
+// escape and escapeSync probably don't both need to exist, but it seemed like a
 // good idea in case we ever want to for the future.
 /**
@@ -24,40 +22,34 @@ var escapeMe = /(<|>|&)/g; // escape and escapeSync probably don't both need to
  * @param {[type]} html
  * @returns {[type]}
  */
 function escape(html) {
   return new _promise.default(function (resolve) {
     return resolve(escapeSync(html));
   });
 }
 /**
  * Synchronously escape HTML
  * @param {[type]} html
  * @returns {[type]}
  */
 function escapeSync(html) {
   return html.replace(escapeMe, entityReplacer);
 }
 /**
  * @param {string} char
  * @private
  * @returns {string}
  */
 function entityReplacer(char) {
   switch (char) {
     case '<':
       return '&lt;';
     case '>':
       return '&gt;';
     case '&':
       return '&amp;';
     default:
       return char;
   }

package/dist/html-base.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["escapeMe","escape","html","resolve","escapeSync","replace","entityReplacer","char"],"sources":["html-base.js"],"sourcesContent":["/!\n Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n /\n\nconst escapeMe = /(<\|>\|&)/g;\n\n// escape and escapeSync probably don't both need to exist, but it seemed like a\n// good idea in case we ever want to for the future.\n\n/\n Escapes HTML\n * @param {[type]} html\n * @returns {[type]}\n /\nexport function escape(html) {\n return new Promise((resolve) => resolve(escapeSync(html)));\n}\n\n/\n Synchronously escape HTML\n * @param {[type]} html\n * @returns {[type]}\n /\nexport function escapeSync(html) {\n return html.replace(escapeMe, entityReplacer);\n}\n\n/\n @param {string} char\n * @private\n * @returns {string}\n */\nfunction entityReplacer(char) {\n switch (char) {\n case '<':\n return '<';\n case '>':\n return '>';\n case '&':\n return '&';\n default:\n return char;\n }\n}\n"],"mappings":"~~;;;;;;;;;;;;;;;~~AAAA;AACA;AACA;AAEA,IAAMA,QAAQ,GAAG,~~UAAjB,C,CAEA~~;AACA;;AAEA;AACA;AACA;AACA;AACA;;AACO,SAASC,~~MAAT~~,~~CAAgBC~~,~~IAAhB~~,~~EAAsB~~;EAC3B,OAAO,qBAAY,UAACC,~~OAAD~~;IAAA,~~OAAaA~~,OAAO,CAACC,UAAU,CAACF,~~IAAD~~,~~CAAX~~,~~CAApB~~;EAAA,~~CAAZ,CAAP~~;~~AACD~~;~~AAED~~;AACA;AACA;AACA;~~AACA;;;~~AACO,SAASE,~~UAAT~~,~~CAAoBF~~,~~IAApB~~,~~EAA0B~~;EAC/B,OAAOA,IAAI,CAACG,~~OAAL~~,~~CAAaL~~,~~QAAb~~,~~EAAuBM~~,~~cAAvB~~,~~CAAP~~;~~AACD~~;~~AAED~~;AACA;AACA;AACA;AACA~~;;;AACA~~,SAASA,~~cAAT~~,~~CAAwBC~~,~~IAAxB~~,~~EAA8B~~;EAC5B,QAAQA,~~IAAR~~;~~IACE~~,KAAK,~~GAAL~~;~~MACE~~,OAAO,~~MAAP;;IACF~~,KAAK,~~GAAL~~;~~MACE~~,OAAO,~~MAAP;;IACF~~,KAAK,~~GAAL~~;~~MACE~~,OAAO,~~OAAP;;IACF~~;MACE,OAAOA,~~IAAP~~;~~EARJ~~;~~AAUD~~"}
1	+ {"version":3,"names":["escapeMe","escape","html","resolve","escapeSync","replace","entityReplacer","char"],"sources":["html-base.js"],"sourcesContent":["/!\n Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n /\n\nconst escapeMe = /(<\|>\|&)/g;\n\n// escape and escapeSync probably don't both need to exist, but it seemed like a\n// good idea in case we ever want to for the future.\n\n/\n Escapes HTML\n * @param {[type]} html\n * @returns {[type]}\n /\nexport function escape(html) {\n return new Promise((resolve) => resolve(escapeSync(html)));\n}\n\n/\n Synchronously escape HTML\n * @param {[type]} html\n * @returns {[type]}\n /\nexport function escapeSync(html) {\n return html.replace(escapeMe, entityReplacer);\n}\n\n/\n @param {string} char\n * @private\n * @returns {string}\n */\nfunction entityReplacer(char) {\n switch (char) {\n case '<':\n return '<';\n case '>':\n return '>';\n case '&':\n return '&';\n default:\n return char;\n }\n}\n"],"mappings":";;;;;;;;;;AAAA;AACA;AACA;;AAEA,IAAMA,QAAQ,GAAG,UAAU;;AAE3B;AACA;;AAEA;AACA;AACA;AACA;AACA;AACO,SAASC,MAAM,CAACC,IAAI,EAAE;EAC3B,OAAO,qBAAY,UAACC,OAAO;IAAA,OAAKA,OAAO,CAACC,UAAU,CAACF,IAAI,CAAC,CAAC;EAAA,EAAC;AAC5D;;AAEA;AACA;AACA;AACA;AACA;AACO,SAASE,UAAU,CAACF,IAAI,EAAE;EAC/B,OAAOA,IAAI,CAACG,OAAO,CAACL,QAAQ,EAAEM,cAAc,CAAC;AAC/C;;AAEA;AACA;AACA;AACA;AACA;AACA,SAASA,cAAc,CAACC,IAAI,EAAE;EAC5B,QAAQA,IAAI;IACV,KAAK,GAAG;MACN,OAAO,MAAM;IACf,KAAK,GAAG;MACN,OAAO,MAAM;IACf,KAAK,GAAG;MACN,OAAO,OAAO;IAChB;MACE,OAAOA,IAAI;EAAC;AAElB"}

package/dist/html.js CHANGED Viewed

@@ -1,35 +1,26 @@
 "use strict";
 var _Object$defineProperty = require("@babel/runtime-corejs2/core-js/object/define-property");
 var _interopRequireDefault = require("@babel/runtime-corejs2/helpers/interopRequireDefault");
 _Object$defineProperty(exports, "__esModule", {
   value: true
 });
 _Object$defineProperty(exports, "escape", {
   enumerable: true,
   get: function get() {
     return _htmlBase.escape;
   }
 });
 _Object$defineProperty(exports, "escapeSync", {
   enumerable: true,
   get: function get() {
     return _htmlBase.escapeSync;
   }
 });
 exports.filterSync = exports.filterEscapeSync = exports.filterEscape = exports.filter = void 0;
 var _promise = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/promise"));
 var _curry2 = _interopRequireDefault(require("lodash/curry"));
 var _htmlBase = require("./html-base");
 /**
  * @param {Object} allowedTags
  * @param {Array<string>} allowedStyles
@@ -41,11 +32,11 @@ function noop() {
   for (var _len = arguments.length, args = new Array(_len), _key = 0; _key < _len; _key++) {
     args[_key] = arguments[_key];
   }
   return new _promise.default(function (resolve) {
     resolve(noopSync.apply(void 0, args));
   });
 }
 /**
  * @param {function} processCallback callback function to do additional
  * processing on node. of the form process(node)
@@ -55,12 +46,9 @@ function noop() {
  * @private
  * @returns {string}
  */
 function noopSync(processCallback, allowedTags, allowedStyles, html) {
   return html;
 }
 var filter = (0, _curry2.default)(noop, 4);
 exports.filter = filter;
 var filterSync = (0, _curry2.default)(noopSync, 4);

package/dist/html.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["noop","args","resolve","noopSync","processCallback","allowedTags","allowedStyles","html","filter","filterSync","filterEscape","filterEscapeSync"],"sources":["html.js"],"sourcesContent":["/!\n Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n /\n\nimport {curry} from 'lodash';\n\nexport {escape, escapeSync} from './html-base';\n\n/\n @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @private\n * @returns {string}\n /\nfunction noop(...args) {\n return new Promise((resolve) => {\n resolve(noopSync(...args));\n });\n}\n\n/\n @param {function} processCallback callback function to do additional\n * processing on node. of the form process(node)\n * @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @private\n * @returns {string}\n */\nfunction noopSync(processCallback, allowedTags, allowedStyles, html) {\n return html;\n}\n\nexport const filter = curry(noop, 4);\nexport const filterSync = curry(noopSync, 4);\nexport const filterEscape = curry(noop, 4);\nexport const filterEscapeSync = curry(noopSync, 4);\n"],"mappings":"~~;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;~~AAMA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,~~IAAT~~,~~GAAuB~~;EAAA,kCAANC,~~IAAM~~;~~IAANA~~,~~IAAM~~;EAAA~~;;EACrB~~,OAAO,qBAAY,UAACC,~~OAAD~~,~~EAAa~~;IAC9BA,OAAO,CAACC,QAAQ,~~MAAR~~,~~SAAYF~~,~~IAAZ~~,~~CAAD,CAAP~~;~~EACD~~,~~CAFM~~,~~CAAP~~;~~AAGD~~;~~AAED~~;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA~~;;;AACA~~,SAASE,~~QAAT~~,~~CAAkBC~~,~~eAAlB~~,~~EAAmCC~~,~~WAAnC~~,~~EAAgDC~~,~~aAAhD~~,~~EAA+DC~~,~~IAA/D~~,~~EAAqE~~;EACnE,OAAOA,~~IAAP~~;~~AACD;;AAEM~~,IAAMC,MAAM,GAAG,qBAAMR,~~IAAN~~,~~EAAY~~,~~CAAZ~~,~~CAAf;;AACA~~,IAAMS,UAAU,GAAG,qBAAMN,~~QAAN~~,~~EAAgB~~,~~CAAhB~~,~~CAAnB;;AACA~~,IAAMO,YAAY,GAAG,qBAAMV,~~IAAN~~,~~EAAY~~,~~CAAZ~~,~~CAArB;;AACA~~,IAAMW,gBAAgB,GAAG,qBAAMR,~~QAAN~~,~~EAAgB~~,~~CAAhB~~,~~CAAzB~~"}
1	+ {"version":3,"names":["noop","args","resolve","noopSync","processCallback","allowedTags","allowedStyles","html","filter","filterSync","filterEscape","filterEscapeSync"],"sources":["html.js"],"sourcesContent":["/!\n Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n /\n\nimport {curry} from 'lodash';\n\nexport {escape, escapeSync} from './html-base';\n\n/\n @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @private\n * @returns {string}\n /\nfunction noop(...args) {\n return new Promise((resolve) => {\n resolve(noopSync(...args));\n });\n}\n\n/\n @param {function} processCallback callback function to do additional\n * processing on node. of the form process(node)\n * @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @private\n * @returns {string}\n */\nfunction noopSync(processCallback, allowedTags, allowedStyles, html) {\n return html;\n}\n\nexport const filter = curry(noop, 4);\nexport const filterSync = curry(noopSync, 4);\nexport const filterEscape = curry(noop, 4);\nexport const filterEscapeSync = curry(noopSync, 4);\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAMA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,IAAI,GAAU;EAAA,kCAANC,IAAI;IAAJA,IAAI;EAAA;EACnB,OAAO,qBAAY,UAACC,OAAO,EAAK;IAC9BA,OAAO,CAACC,QAAQ,eAAIF,IAAI,CAAC,CAAC;EAC5B,CAAC,CAAC;AACJ;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASE,QAAQ,CAACC,eAAe,EAAEC,WAAW,EAAEC,aAAa,EAAEC,IAAI,EAAE;EACnE,OAAOA,IAAI;AACb;AAEO,IAAMC,MAAM,GAAG,qBAAMR,IAAI,EAAE,CAAC,CAAC;AAAC;AAC9B,IAAMS,UAAU,GAAG,qBAAMN,QAAQ,EAAE,CAAC,CAAC;AAAC;AACtC,IAAMO,YAAY,GAAG,qBAAMV,IAAI,EAAE,CAAC,CAAC;AAAC;AACpC,IAAMW,gBAAgB,GAAG,qBAAMR,QAAQ,EAAE,CAAC,CAAC;AAAC"}

package/dist/html.shim.js CHANGED Viewed

@@ -1,43 +1,30 @@
 "use strict";
 var _Object$defineProperty = require("@babel/runtime-corejs2/core-js/object/define-property");
 var _interopRequireDefault = require("@babel/runtime-corejs2/helpers/interopRequireDefault");
 _Object$defineProperty(exports, "__esModule", {
   value: true
 });
 _Object$defineProperty(exports, "escape", {
   enumerable: true,
   get: function get() {
     return _htmlBase.escape;
   }
 });
 _Object$defineProperty(exports, "escapeSync", {
   enumerable: true,
   get: function get() {
     return _htmlBase.escapeSync;
   }
 });
 exports.filterSync = exports.filterEscapeSync = exports.filterEscape = exports.filter = void 0;
 var _promise = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/promise"));
 var _keys = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/object/keys"));
 var _reduce2 = _interopRequireDefault(require("lodash/reduce"));
 var _includes2 = _interopRequireDefault(require("lodash/includes"));
 var _forEach2 = _interopRequireDefault(require("lodash/forEach"));
 var _curry2 = _interopRequireDefault(require("lodash/curry"));
 var _htmlBase = require("./html-base");
 /**
  * Some browsers don't implement {@link Element#remove()} or
  * {@link NodeList#remove()} or {@link HTMLCollection#remove()}. This wrapper
@@ -51,22 +38,19 @@ function removeNode(node) {
     node.remove();
     return;
   }
   if (node.parentElement) {
     node.parentElement.removeChild(node);
     return;
   }
   if ('length' in node) {
     for (var i = node.length - 1; i >= 0; i -= 1) {
       removeNode(node[i]);
     }
     return;
   }
   throw new Error('Could not find a way to remove node');
 }
 /**
  * @param {Object} allowedTags
  * @param {Array<string>} allowedStyles
@@ -74,17 +58,15 @@ function removeNode(node) {
  * @private
  * @returns {string}
  */
 function _filter() {
   for (var _len = arguments.length, args = new Array(_len), _key = 0; _key < _len; _key++) {
     args[_key] = arguments[_key];
   }
   return new _promise.default(function (resolve) {
     resolve(_filterSync.apply(void 0, args));
   });
 }
 /**
  * Curried async HTML filter.
  * @param {Object} allowedTags Map of tagName -> array of allowed attributes
@@ -92,9 +74,8 @@ function _filter() {
  * @param {string} html html to filter
  * @returns {string}
  */
 var filter = (0, _curry2.default)(_filter, 4);
 /**
  * @param {function} processCallback callback function to do additional
  * processing on node. of the form process(node)
@@ -104,63 +85,54 @@ var filter = (0, _curry2.default)(_filter, 4);
  * @private
  * @returns {string}
  */
 exports.filter = filter;
 function _filterSync(processCallback, allowedTags, allowedStyles, html) {
   if (!html || !allowedStyles || !allowedTags) {
     if (html.length === 0) {
       return html;
     }
     throw new Error('`allowedTags`, `allowedStyles`, and `html` must be provided');
   }
   var doc = new DOMParser().parseFromString(html, 'text/html');
   depthFirstForEach(doc.body.childNodes, filterNode);
   processCallback(doc.body);
   if (html.indexOf('body') === 1) {
     return "<body>".concat(doc.body.innerHTML, "</body>");
   }
   return doc.body.innerHTML;
   /**
    * @param {Node} node
    * @private
    * @returns {undefined}
    */
   function filterNode(node) {
     if (!isElement(node)) {
       return;
     }
     var nodeName = node.nodeName.toLowerCase();
     var allowedTagNames = (0, _keys.default)(allowedTags);
     depthFirstForEach(node.childNodes, filterNode);
     if ((0, _includes2.default)(allowedTagNames, nodeName)) {
       var allowedAttributes = allowedTags[nodeName];
       (0, _forEach2.default)(listAttributeNames(node.attributes), function (attrName) {
         if (!(0, _includes2.default)(allowedAttributes, attrName)) {
           node.removeAttribute(attrName);
         } else if (attrName === 'href' || attrName === 'src') {
-          var attrValue = node.attributes.getNamedItem(attrName).value.trim().toLowerCase(); // We're doing at runtime what the no-script-url rule does at compile
+          var attrValue = node.attributes.getNamedItem(attrName).value.trim().toLowerCase();
+          // We're doing at runtime what the no-script-url rule does at compile
           // time
           // eslint-disable-next-line no-script-url
           if (attrValue.indexOf('javascript:') === 0 || attrValue.indexOf('vbscript:') === 0) {
             reparent(node);
           }
         } else if (attrName === 'style') {
           var styles = node.attributes.getNamedItem('style').value.split(';').map(function (style) {
             var styleName = trim(style.split(':')[0]);
             if ((0, _includes2.default)(allowedStyles, styleName)) {
               return style;
             }
             return null;
           }).filter(function (style) {
             return Boolean(style);
@@ -173,6 +145,7 @@ function _filterSync(processCallback, allowedTags, allowedStyles, html) {
     }
   }
 }
 /**
  * Same as _filter, but escapes rather than removes disallowed values
  * @param {Function} processCallback
@@ -181,17 +154,15 @@ function _filterSync(processCallback, allowedTags, allowedStyles, html) {
  * @param {string} html
  * @returns {Promise<string>}
  */
 function _filterEscape() {
   for (var _len2 = arguments.length, args = new Array(_len2), _key2 = 0; _key2 < _len2; _key2++) {
     args[_key2] = arguments[_key2];
   }
   return new _promise.default(function (resolve) {
     resolve(_filterEscapeSync.apply(void 0, args));
   });
 }
 /**
  * Same as _filterSync, but escapes rather than removes disallowed values
  * @param {Function} processCallback
@@ -200,62 +171,53 @@ function _filterEscape() {
  * @param {string} html
  * @returns {string}
  */
 function _filterEscapeSync(processCallback, allowedTags, allowedStyles, html) {
   if (!html || !allowedStyles || !allowedTags) {
     if (html.length === 0) {
       return html;
     }
     throw new Error('`allowedTags`, `allowedStyles`, and `html` must be provided');
   }
   var doc = new DOMParser().parseFromString(html, 'text/html');
   depthFirstForEach(doc.body.childNodes, filterNode);
   processCallback(doc.body);
   if (html.indexOf('body') === 1) {
     return "<body>".concat(doc.body.innerHTML, "</body>");
   }
   return doc.body.innerHTML;
   /**
    * @param {Node} node
    * @private
    * @returns {undefined}
    */
   function filterNode(node) {
     if (!isElement(node)) {
       return;
     }
     depthFirstForEach(node.childNodes, filterNode);
     var nodeName = node.nodeName.toLowerCase();
     var allowedTagNames = (0, _keys.default)(allowedTags);
     if ((0, _includes2.default)(allowedTagNames, nodeName)) {
       var allowedAttributes = allowedTags[nodeName];
       (0, _forEach2.default)(listAttributeNames(node.attributes), function (attrName) {
         if (!(0, _includes2.default)(allowedAttributes, attrName)) {
           node.removeAttribute(attrName);
         } else if (attrName === 'href' || attrName === 'src') {
-          var attrValue = node.attributes.getNamedItem(attrName).value.toLowerCase(); // We're doing at runtime what the no-script-url rule does at compile
+          var attrValue = node.attributes.getNamedItem(attrName).value.toLowerCase();
+          // We're doing at runtime what the no-script-url rule does at compile
           // time
           // eslint-disable-next-line no-script-url
           if (attrValue.indexOf('javascript:') === 0 || attrValue.indexOf('vbscript:') === 0) {
             reparent(node);
           }
         } else if (attrName === 'style') {
           var styles = node.attributes.getNamedItem('style').value.split(';').map(function (style) {
             var styleName = trim(style.split(':')[0]);
             if ((0, _includes2.default)(allowedStyles, styleName)) {
               return style;
             }
             return null;
           }).filter(function (style) {
             return Boolean(style);
@@ -268,101 +230,89 @@ function _filterEscapeSync(processCallback, allowedTags, allowedStyles, html) {
     }
   }
 }
 /**
  * Escapes a given html node
  * @param {Node} node
  * @returns {undefined}
  */
 function escapeNode(node) {
   var before = document.createTextNode("<".concat(node.nodeName.toLowerCase(), ">"));
   var after = document.createTextNode("</".concat(node.nodeName.toLowerCase(), ">"));
   node.parentNode.insertBefore(before, node);
   while (node.childNodes.length > 0) {
     node.parentNode.insertBefore(node.childNodes[0], node);
   }
   node.parentNode.insertBefore(after, node);
   removeNode(node);
 }
 var trimPattern = /^\s|\s$/g;
 /**
  * @param {string} str
  * @returns {string}
  */
 function trim(str) {
   return str.replace(trimPattern, '');
 }
 /**
  * @param {Node} node
  * @private
  * @returns {undefined}
  */
 function reparent(node) {
   while (node.childNodes.length > 0) {
     node.parentNode.insertBefore(node.childNodes[0], node);
   }
   removeNode(node);
 }
 /**
  * @param {NamedNodeMap} attributes
  * @private
  * @returns {Array<string>}
  */
 function listAttributeNames(attributes) {
   return (0, _reduce2.default)(attributes, function (attrNames, attr) {
     attrNames.push(attr.name);
     return attrNames;
   }, []);
 }
 /**
  * @param {Array} list
  * @param {Function} fn
  * @private
  * @returns {undefined}
  */
 function depthFirstForEach(list, fn) {
   for (var i = list.length; i >= 0; i -= 1) {
     fn(list[i]);
   }
 }
 /**
  * @param {Node} o
  * @private
  * @returns {Boolean}
  */
 function isElement(o) {
   if (!o) {
     return false;
   }
   if (o.ownerDocument === undefined) {
     return false;
   }
   if (o.nodeType !== 1) {
     return false;
   }
   if (typeof o.nodeName !== 'string') {
     return false;
   }
   return true;
 }
 /**
  * Curried HTML filter.
  * @param {Object} allowedTags Map of tagName -> array of allowed attributes
@@ -370,9 +320,8 @@ function isElement(o) {
  * @param {string} html html to filter
  * @returns {string}
  */
 var filterSync = (0, _curry2.default)(_filterSync, 4);
 /**
  * Curried HTML filter that escapes rather than removes disallowed tags
  * @param {Object} allowedTags Map of tagName -> array of allowed attributes
@@ -380,9 +329,9 @@ var filterSync = (0, _curry2.default)(_filterSync, 4);
  * @param {string} html html to filter
  * @returns {Promise<string>}
  */
 exports.filterSync = filterSync;
 var filterEscape = (0, _curry2.default)(_filterEscape, 4);
 /**
  * Curried HTML filter that escapes rather than removes disallowed tags
  * @param {Object} allowedTags Map of tagName -> array of allowed attributes
@@ -390,7 +339,6 @@ var filterEscape = (0, _curry2.default)(_filterEscape, 4);
  * @param {string} html html to filter
  * @returns {string}
  */
 exports.filterEscape = filterEscape;
 var filterEscapeSync = (0, _curry2.default)(_filterEscapeSync, 4);
 exports.filterEscapeSync = filterEscapeSync;

package/dist/html.shim.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["removeNode","node","remove","parentElement","removeChild","i","length","Error","_filter","args","resolve","_filterSync","filter","processCallback","allowedTags","allowedStyles","html","doc","DOMParser","parseFromString","depthFirstForEach","body","childNodes","filterNode","indexOf","innerHTML","isElement","nodeName","toLowerCase","allowedTagNames","allowedAttributes","listAttributeNames","attributes","attrName","removeAttribute","attrValue","getNamedItem","value","trim","reparent","styles","split","map","style","styleName","Boolean","join","setAttribute","_filterEscape","_filterEscapeSync","escapeNode","before","document","createTextNode","after","parentNode","insertBefore","trimPattern","str","replace","attrNames","attr","push","name","list","fn","o","ownerDocument","undefined","nodeType","filterSync","filterEscape","filterEscapeSync"],"sources":["html.shim.js"],"sourcesContent":["/!\n Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n /\n\n/ eslint-env browser /\n\nimport {curry, forEach, includes, reduce} from 'lodash';\n\nexport {escape, escapeSync} from './html-base';\n\n/\n Some browsers don't implement {@link Element#remove()} or\n * {@link NodeList#remove()} or {@link HTMLCollection#remove()}. This wrapper\n * calls the appropriate `#remove()` method if available, or falls back to a\n * non-global-polluting polyfill.\n * @param {Element\|NodeList\|HTMLCollection} node\n * @returns {undefined}\n /\nfunction removeNode(node) {\n if (node.remove) {\n node.remove();\n\n return;\n }\n\n if (node.parentElement) {\n node.parentElement.removeChild(node);\n\n return;\n }\n\n if ('length' in node) {\n for (let i = node.length - 1; i >= 0; i -= 1) {\n removeNode(node[i]);\n }\n\n return;\n }\n\n throw new Error('Could not find a way to remove node');\n}\n\n/\n @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @private\n * @returns {string}\n /\nfunction _filter(...args) {\n return new Promise((resolve) => {\n resolve(_filterSync(...args));\n });\n}\n\n/\n Curried async HTML filter.\n * @param {Object} allowedTags Map of tagName -> array of allowed attributes\n * @param {Array<string>} allowedStyles Array of allowed styles\n * @param {string} html html to filter\n * @returns {string}\n /\nexport const filter = curry(_filter, 4);\n\n/\n @param {function} processCallback callback function to do additional\n * processing on node. of the form process(node)\n * @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @private\n * @returns {string}\n /\nfunction _filterSync(processCallback, allowedTags, allowedStyles, html) {\n if (!html \|\| !allowedStyles \|\| !allowedTags) {\n if (html.length === 0) {\n return html;\n }\n\n throw new Error('`allowedTags`, `allowedStyles`, and `html` must be provided');\n }\n\n const doc = (new DOMParser()).parseFromString(html, 'text/html');\n\n depthFirstForEach(doc.body.childNodes, filterNode);\n processCallback(doc.body);\n\n if (html.indexOf('body') === 1) {\n return `<body>${doc.body.innerHTML}</body>`;\n }\n\n return doc.body.innerHTML;\n\n /\n @param {Node} node\n * @private\n * @returns {undefined}\n /\n function filterNode(node) {\n if (!isElement(node)) {\n return;\n }\n\n const nodeName = node.nodeName.toLowerCase();\n const allowedTagNames = Object.keys(allowedTags);\n\n depthFirstForEach(node.childNodes, filterNode);\n\n if (includes(allowedTagNames, nodeName)) {\n const allowedAttributes = allowedTags[nodeName];\n\n forEach(listAttributeNames(node.attributes), (attrName) => {\n if (!includes(allowedAttributes, attrName)) {\n node.removeAttribute(attrName);\n }\n else if (attrName === 'href' \|\| attrName === 'src') {\n const attrValue = node.attributes.getNamedItem(attrName).value.trim().toLowerCase();\n\n // We're doing at runtime what the no-script-url rule does at compile\n // time\n // eslint-disable-next-line no-script-url\n if (attrValue.indexOf('javascript:') === 0 \|\| attrValue.indexOf('vbscript:') === 0) {\n reparent(node);\n }\n }\n else if (attrName === 'style') {\n const styles = node\n .attributes\n .getNamedItem('style')\n .value\n .split(';')\n .map((style) => {\n const styleName = trim(style.split(':')[0]);\n\n if (includes(allowedStyles, styleName)) {\n return style;\n }\n\n return null;\n })\n .filter((style) => Boolean(style))\n .join(';');\n\n node.setAttribute('style', styles);\n }\n });\n }\n else {\n reparent(node);\n }\n }\n}\n\n/\n Same as _filter, but escapes rather than removes disallowed values\n * @param {Function} processCallback\n * @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @returns {Promise<string>}\n /\nfunction _filterEscape(...args) {\n return new Promise((resolve) => {\n resolve(_filterEscapeSync(...args));\n });\n}\n\n/\n Same as _filterSync, but escapes rather than removes disallowed values\n * @param {Function} processCallback\n * @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @returns {string}\n /\nfunction _filterEscapeSync(processCallback, allowedTags, allowedStyles, html) {\n if (!html \|\| !allowedStyles \|\| !allowedTags) {\n if (html.length === 0) {\n return html;\n }\n\n throw new Error('`allowedTags`, `allowedStyles`, and `html` must be provided');\n }\n\n const doc = (new DOMParser()).parseFromString(html, 'text/html');\n\n depthFirstForEach(doc.body.childNodes, filterNode);\n processCallback(doc.body);\n\n if (html.indexOf('body') === 1) {\n return `<body>${doc.body.innerHTML}</body>`;\n }\n\n return doc.body.innerHTML;\n\n /\n @param {Node} node\n * @private\n * @returns {undefined}\n /\n function filterNode(node) {\n if (!isElement(node)) {\n return;\n }\n\n depthFirstForEach(node.childNodes, filterNode);\n\n const nodeName = node.nodeName.toLowerCase();\n const allowedTagNames = Object.keys(allowedTags);\n\n if (includes(allowedTagNames, nodeName)) {\n const allowedAttributes = allowedTags[nodeName];\n\n forEach(listAttributeNames(node.attributes), (attrName) => {\n if (!includes(allowedAttributes, attrName)) {\n node.removeAttribute(attrName);\n }\n else if (attrName === 'href' \|\| attrName === 'src') {\n const attrValue = node.attributes.getNamedItem(attrName).value.toLowerCase();\n\n // We're doing at runtime what the no-script-url rule does at compile\n // time\n // eslint-disable-next-line no-script-url\n if (attrValue.indexOf('javascript:') === 0 \|\| attrValue.indexOf('vbscript:') === 0) {\n reparent(node);\n }\n }\n else if (attrName === 'style') {\n const styles = node\n .attributes\n .getNamedItem('style')\n .value\n .split(';')\n .map((style) => {\n const styleName = trim(style.split(':')[0]);\n\n if (includes(allowedStyles, styleName)) {\n return style;\n }\n\n return null;\n })\n .filter((style) => Boolean(style))\n .join(';');\n\n node.setAttribute('style', styles);\n }\n });\n }\n else {\n escapeNode(node);\n }\n }\n}\n\n/\n Escapes a given html node\n * @param {Node} node\n * @returns {undefined}\n /\nfunction escapeNode(node) {\n const before = document.createTextNode(`<${node.nodeName.toLowerCase()}>`);\n const after = document.createTextNode(`</${node.nodeName.toLowerCase()}>`);\n\n node.parentNode.insertBefore(before, node);\n while (node.childNodes.length > 0) {\n node.parentNode.insertBefore(node.childNodes[0], node);\n }\n node.parentNode.insertBefore(after, node);\n\n removeNode(node);\n}\n\nconst trimPattern = /^\\s\|\\s$/g;\n\n/\n @param {string} str\n * @returns {string}\n /\nfunction trim(str) {\n return str.replace(trimPattern, '');\n}\n\n/\n @param {Node} node\n * @private\n * @returns {undefined}\n /\nfunction reparent(node) {\n while (node.childNodes.length > 0) {\n node.parentNode.insertBefore(node.childNodes[0], node);\n }\n removeNode(node);\n}\n\n/\n @param {NamedNodeMap} attributes\n * @private\n * @returns {Array<string>}\n /\nfunction listAttributeNames(attributes) {\n return reduce(attributes, (attrNames, attr) => {\n attrNames.push(attr.name);\n\n return attrNames;\n }, []);\n}\n\n/\n @param {Array} list\n * @param {Function} fn\n * @private\n * @returns {undefined}\n /\nfunction depthFirstForEach(list, fn) {\n for (let i = list.length; i >= 0; i -= 1) {\n fn(list[i]);\n }\n}\n\n/\n @param {Node} o\n * @private\n * @returns {Boolean}\n /\nfunction isElement(o) {\n if (!o) {\n return false;\n }\n\n if (o.ownerDocument === undefined) {\n return false;\n }\n\n if (o.nodeType !== 1) {\n return false;\n }\n\n if (typeof o.nodeName !== 'string') {\n return false;\n }\n\n return true;\n}\n\n/\n Curried HTML filter.\n * @param {Object} allowedTags Map of tagName -> array of allowed attributes\n * @param {Array<string>} allowedStyles Array of allowed styles\n * @param {string} html html to filter\n * @returns {string}\n /\nexport const filterSync = curry(_filterSync, 4);\n\n/\n Curried HTML filter that escapes rather than removes disallowed tags\n * @param {Object} allowedTags Map of tagName -> array of allowed attributes\n * @param {Array<string>} allowedStyles Array of allowed styles\n * @param {string} html html to filter\n * @returns {Promise<string>}\n /\nexport const filterEscape = curry(_filterEscape, 4);\n\n/\n Curried HTML filter that escapes rather than removes disallowed tags\n * @param {Object} allowedTags Map of tagName -> array of allowed attributes\n * @param {Array<string>} allowedStyles Array of allowed styles\n * @param {string} html html to filter\n * @returns {string}\n */\nexport const filterEscapeSync = curry(_filterEscapeSync, 4);\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAQA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,UAAT,CAAoBC,IAApB,EAA0B;EACxB,IAAIA,IAAI,CAACC,MAAT,EAAiB;IACfD,IAAI,CAACC,MAAL;IAEA;EACD;;EAED,IAAID,IAAI,CAACE,aAAT,EAAwB;IACtBF,IAAI,CAACE,aAAL,CAAmBC,WAAnB,CAA+BH,IAA/B;IAEA;EACD;;EAED,IAAI,YAAYA,IAAhB,EAAsB;IACpB,KAAK,IAAII,CAAC,GAAGJ,IAAI,CAACK,MAAL,GAAc,CAA3B,EAA8BD,CAAC,IAAI,CAAnC,EAAsCA,CAAC,IAAI,CAA3C,EAA8C;MAC5CL,UAAU,CAACC,IAAI,CAACI,CAAD,CAAL,CAAV;IACD;;IAED;EACD;;EAED,MAAM,IAAIE,KAAJ,CAAU,qCAAV,CAAN;AACD;AAED;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,SAASC,OAAT,GAA0B;EAAA,kCAANC,IAAM;IAANA,IAAM;EAAA;;EACxB,OAAO,qBAAY,UAACC,OAAD,EAAa;IAC9BA,OAAO,CAACC,WAAW,MAAX,SAAeF,IAAf,CAAD,CAAP;EACD,CAFM,CAAP;AAGD;AAED;AACA;AACA;AACA;AACA;AACA;AACA;;;AACO,IAAMG,MAAM,GAAG,qBAAMJ,OAAN,EAAe,CAAf,CAAf;AAEP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;AACA,SAASG,WAAT,CAAqBE,eAArB,EAAsCC,WAAtC,EAAmDC,aAAnD,EAAkEC,IAAlE,EAAwE;EACtE,IAAI,CAACA,IAAD,IAAS,CAACD,aAAV,IAA2B,CAACD,WAAhC,EAA6C;IAC3C,IAAIE,IAAI,CAACV,MAAL,KAAgB,CAApB,EAAuB;MACrB,OAAOU,IAAP;IACD;;IAED,MAAM,IAAIT,KAAJ,CAAU,6DAAV,CAAN;EACD;;EAED,IAAMU,GAAG,GAAI,IAAIC,SAAJ,EAAD,CAAkBC,eAAlB,CAAkCH,IAAlC,EAAwC,WAAxC,CAAZ;EAEAI,iBAAiB,CAACH,GAAG,CAACI,IAAJ,CAASC,UAAV,EAAsBC,UAAtB,CAAjB;EACAV,eAAe,CAACI,GAAG,CAACI,IAAL,CAAf;;EAEA,IAAIL,IAAI,CAACQ,OAAL,CAAa,MAAb,MAAyB,CAA7B,EAAgC;IAC9B,uBAAgBP,GAAG,CAACI,IAAJ,CAASI,SAAzB;EACD;;EAED,OAAOR,GAAG,CAACI,IAAJ,CAASI,SAAhB;EAEA;AACF;AACA;AACA;AACA;;EACE,SAASF,UAAT,CAAoBtB,IAApB,EAA0B;IACxB,IAAI,CAACyB,SAAS,CAACzB,IAAD,CAAd,EAAsB;MACpB;IACD;;IAED,IAAM0B,QAAQ,GAAG1B,IAAI,CAAC0B,QAAL,CAAcC,WAAd,EAAjB;IACA,IAAMC,eAAe,GAAG,mBAAYf,WAAZ,CAAxB;IAEAM,iBAAiB,CAACnB,IAAI,CAACqB,UAAN,EAAkBC,UAAlB,CAAjB;;IAEA,IAAI,wBAASM,eAAT,EAA0BF,QAA1B,CAAJ,EAAyC;MACvC,IAAMG,iBAAiB,GAAGhB,WAAW,CAACa,QAAD,CAArC;MAEA,uBAAQI,kBAAkB,CAAC9B,IAAI,CAAC+B,UAAN,CAA1B,EAA6C,UAACC,QAAD,EAAc;QACzD,IAAI,CAAC,wBAASH,iBAAT,EAA4BG,QAA5B,CAAL,EAA4C;UAC1ChC,IAAI,CAACiC,eAAL,CAAqBD,QAArB;QACD,CAFD,MAGK,IAAIA,QAAQ,KAAK,MAAb,IAAuBA,QAAQ,KAAK,KAAxC,EAA+C;UAClD,IAAME,SAAS,GAAGlC,IAAI,CAAC+B,UAAL,CAAgBI,YAAhB,CAA6BH,QAA7B,EAAuCI,KAAvC,CAA6CC,IAA7C,GAAoDV,WAApD,EAAlB,CADkD,CAGlD;UACA;UACA;;UACA,IAAIO,SAAS,CAACX,OAAV,CAAkB,aAAlB,MAAqC,CAArC,IAA0CW,SAAS,CAACX,OAAV,CAAkB,WAAlB,MAAmC,CAAjF,EAAoF;YAClFe,QAAQ,CAACtC,IAAD,CAAR;UACD;QACF,CATI,MAUA,IAAIgC,QAAQ,KAAK,OAAjB,EAA0B;UAC7B,IAAMO,MAAM,GAAGvC,IAAI,CAChB+B,UADY,CAEZI,YAFY,CAEC,OAFD,EAGZC,KAHY,CAIZI,KAJY,CAIN,GAJM,EAKZC,GALY,CAKR,UAACC,KAAD,EAAW;YACd,IAAMC,SAAS,GAAGN,IAAI,CAACK,KAAK,CAACF,KAAN,CAAY,GAAZ,EAAiB,CAAjB,CAAD,CAAtB;;YAEA,IAAI,wBAAS1B,aAAT,EAAwB6B,SAAxB,CAAJ,EAAwC;cACtC,OAAOD,KAAP;YACD;;YAED,OAAO,IAAP;UACD,CAbY,EAcZ/B,MAdY,CAcL,UAAC+B,KAAD;YAAA,OAAWE,OAAO,CAACF,KAAD,CAAlB;UAAA,CAdK,EAeZG,IAfY,CAeP,GAfO,CAAf;UAiBA7C,IAAI,CAAC8C,YAAL,CAAkB,OAAlB,EAA2BP,MAA3B;QACD;MACF,CAlCD;IAmCD,CAtCD,MAuCK;MACHD,QAAQ,CAACtC,IAAD,CAAR;IACD;EACF;AACF;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,SAAS+C,aAAT,GAAgC;EAAA,mCAANvC,IAAM;IAANA,IAAM;EAAA;;EAC9B,OAAO,qBAAY,UAACC,OAAD,EAAa;IAC9BA,OAAO,CAACuC,iBAAiB,MAAjB,SAAqBxC,IAArB,CAAD,CAAP;EACD,CAFM,CAAP;AAGD;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,SAASwC,iBAAT,CAA2BpC,eAA3B,EAA4CC,WAA5C,EAAyDC,aAAzD,EAAwEC,IAAxE,EAA8E;EAC5E,IAAI,CAACA,IAAD,IAAS,CAACD,aAAV,IAA2B,CAACD,WAAhC,EAA6C;IAC3C,IAAIE,IAAI,CAACV,MAAL,KAAgB,CAApB,EAAuB;MACrB,OAAOU,IAAP;IACD;;IAED,MAAM,IAAIT,KAAJ,CAAU,6DAAV,CAAN;EACD;;EAED,IAAMU,GAAG,GAAI,IAAIC,SAAJ,EAAD,CAAkBC,eAAlB,CAAkCH,IAAlC,EAAwC,WAAxC,CAAZ;EAEAI,iBAAiB,CAACH,GAAG,CAACI,IAAJ,CAASC,UAAV,EAAsBC,UAAtB,CAAjB;EACAV,eAAe,CAACI,GAAG,CAACI,IAAL,CAAf;;EAEA,IAAIL,IAAI,CAACQ,OAAL,CAAa,MAAb,MAAyB,CAA7B,EAAgC;IAC9B,uBAAgBP,GAAG,CAACI,IAAJ,CAASI,SAAzB;EACD;;EAED,OAAOR,GAAG,CAACI,IAAJ,CAASI,SAAhB;EAEA;AACF;AACA;AACA;AACA;;EACE,SAASF,UAAT,CAAoBtB,IAApB,EAA0B;IACxB,IAAI,CAACyB,SAAS,CAACzB,IAAD,CAAd,EAAsB;MACpB;IACD;;IAEDmB,iBAAiB,CAACnB,IAAI,CAACqB,UAAN,EAAkBC,UAAlB,CAAjB;IAEA,IAAMI,QAAQ,GAAG1B,IAAI,CAAC0B,QAAL,CAAcC,WAAd,EAAjB;IACA,IAAMC,eAAe,GAAG,mBAAYf,WAAZ,CAAxB;;IAEA,IAAI,wBAASe,eAAT,EAA0BF,QAA1B,CAAJ,EAAyC;MACvC,IAAMG,iBAAiB,GAAGhB,WAAW,CAACa,QAAD,CAArC;MAEA,uBAAQI,kBAAkB,CAAC9B,IAAI,CAAC+B,UAAN,CAA1B,EAA6C,UAACC,QAAD,EAAc;QACzD,IAAI,CAAC,wBAASH,iBAAT,EAA4BG,QAA5B,CAAL,EAA4C;UAC1ChC,IAAI,CAACiC,eAAL,CAAqBD,QAArB;QACD,CAFD,MAGK,IAAIA,QAAQ,KAAK,MAAb,IAAuBA,QAAQ,KAAK,KAAxC,EAA+C;UAClD,IAAME,SAAS,GAAGlC,IAAI,CAAC+B,UAAL,CAAgBI,YAAhB,CAA6BH,QAA7B,EAAuCI,KAAvC,CAA6CT,WAA7C,EAAlB,CADkD,CAGlD;UACA;UACA;;UACA,IAAIO,SAAS,CAACX,OAAV,CAAkB,aAAlB,MAAqC,CAArC,IAA0CW,SAAS,CAACX,OAAV,CAAkB,WAAlB,MAAmC,CAAjF,EAAoF;YAClFe,QAAQ,CAACtC,IAAD,CAAR;UACD;QACF,CATI,MAUA,IAAIgC,QAAQ,KAAK,OAAjB,EAA0B;UAC7B,IAAMO,MAAM,GAAGvC,IAAI,CAChB+B,UADY,CAEZI,YAFY,CAEC,OAFD,EAGZC,KAHY,CAIZI,KAJY,CAIN,GAJM,EAKZC,GALY,CAKR,UAACC,KAAD,EAAW;YACd,IAAMC,SAAS,GAAGN,IAAI,CAACK,KAAK,CAACF,KAAN,CAAY,GAAZ,EAAiB,CAAjB,CAAD,CAAtB;;YAEA,IAAI,wBAAS1B,aAAT,EAAwB6B,SAAxB,CAAJ,EAAwC;cACtC,OAAOD,KAAP;YACD;;YAED,OAAO,IAAP;UACD,CAbY,EAcZ/B,MAdY,CAcL,UAAC+B,KAAD;YAAA,OAAWE,OAAO,CAACF,KAAD,CAAlB;UAAA,CAdK,EAeZG,IAfY,CAeP,GAfO,CAAf;UAiBA7C,IAAI,CAAC8C,YAAL,CAAkB,OAAlB,EAA2BP,MAA3B;QACD;MACF,CAlCD;IAmCD,CAtCD,MAuCK;MACHU,UAAU,CAACjD,IAAD,CAAV;IACD;EACF;AACF;AAED;AACA;AACA;AACA;AACA;;;AACA,SAASiD,UAAT,CAAoBjD,IAApB,EAA0B;EACxB,IAAMkD,MAAM,GAAGC,QAAQ,CAACC,cAAT,YAA4BpD,IAAI,CAAC0B,QAAL,CAAcC,WAAd,EAA5B,OAAf;EACA,IAAM0B,KAAK,GAAGF,QAAQ,CAACC,cAAT,aAA6BpD,IAAI,CAAC0B,QAAL,CAAcC,WAAd,EAA7B,OAAd;EAEA3B,IAAI,CAACsD,UAAL,CAAgBC,YAAhB,CAA6BL,MAA7B,EAAqClD,IAArC;;EACA,OAAOA,IAAI,CAACqB,UAAL,CAAgBhB,MAAhB,GAAyB,CAAhC,EAAmC;IACjCL,IAAI,CAACsD,UAAL,CAAgBC,YAAhB,CAA6BvD,IAAI,CAACqB,UAAL,CAAgB,CAAhB,CAA7B,EAAiDrB,IAAjD;EACD;;EACDA,IAAI,CAACsD,UAAL,CAAgBC,YAAhB,CAA6BF,KAA7B,EAAoCrD,IAApC;EAEAD,UAAU,CAACC,IAAD,CAAV;AACD;;AAED,IAAMwD,WAAW,GAAG,UAApB;AAEA;AACA;AACA;AACA;;AACA,SAASnB,IAAT,CAAcoB,GAAd,EAAmB;EACjB,OAAOA,GAAG,CAACC,OAAJ,CAAYF,WAAZ,EAAyB,EAAzB,CAAP;AACD;AAED;AACA;AACA;AACA;AACA;;;AACA,SAASlB,QAAT,CAAkBtC,IAAlB,EAAwB;EACtB,OAAOA,IAAI,CAACqB,UAAL,CAAgBhB,MAAhB,GAAyB,CAAhC,EAAmC;IACjCL,IAAI,CAACsD,UAAL,CAAgBC,YAAhB,CAA6BvD,IAAI,CAACqB,UAAL,CAAgB,CAAhB,CAA7B,EAAiDrB,IAAjD;EACD;;EACDD,UAAU,CAACC,IAAD,CAAV;AACD;AAED;AACA;AACA;AACA;AACA;;;AACA,SAAS8B,kBAAT,CAA4BC,UAA5B,EAAwC;EACtC,OAAO,sBAAOA,UAAP,EAAmB,UAAC4B,SAAD,EAAYC,IAAZ,EAAqB;IAC7CD,SAAS,CAACE,IAAV,CAAeD,IAAI,CAACE,IAApB;IAEA,OAAOH,SAAP;EACD,CAJM,EAIJ,EAJI,CAAP;AAKD;AAED;AACA;AACA;AACA;AACA;AACA;;;AACA,SAASxC,iBAAT,CAA2B4C,IAA3B,EAAiCC,EAAjC,EAAqC;EACnC,KAAK,IAAI5D,CAAC,GAAG2D,IAAI,CAAC1D,MAAlB,EAA0BD,CAAC,IAAI,CAA/B,EAAkCA,CAAC,IAAI,CAAvC,EAA0C;IACxC4D,EAAE,CAACD,IAAI,CAAC3D,CAAD,CAAL,CAAF;EACD;AACF;AAED;AACA;AACA;AACA;AACA;;;AACA,SAASqB,SAAT,CAAmBwC,CAAnB,EAAsB;EACpB,IAAI,CAACA,CAAL,EAAQ;IACN,OAAO,KAAP;EACD;;EAED,IAAIA,CAAC,CAACC,aAAF,KAAoBC,SAAxB,EAAmC;IACjC,OAAO,KAAP;EACD;;EAED,IAAIF,CAAC,CAACG,QAAF,KAAe,CAAnB,EAAsB;IACpB,OAAO,KAAP;EACD;;EAED,IAAI,OAAOH,CAAC,CAACvC,QAAT,KAAsB,QAA1B,EAAoC;IAClC,OAAO,KAAP;EACD;;EAED,OAAO,IAAP;AACD;AAED;AACA;AACA;AACA;AACA;AACA;AACA;;;AACO,IAAM2C,UAAU,GAAG,qBAAM3D,WAAN,EAAmB,CAAnB,CAAnB;AAEP;AACA;AACA;AACA;AACA;AACA;AACA;;;AACO,IAAM4D,YAAY,GAAG,qBAAMvB,aAAN,EAAqB,CAArB,CAArB;AAEP;AACA;AACA;AACA;AACA;AACA;AACA;;;AACO,IAAMwB,gBAAgB,GAAG,qBAAMvB,iBAAN,EAAyB,CAAzB,CAAzB"}
1	+ {"version":3,"names":["removeNode","node","remove","parentElement","removeChild","i","length","Error","_filter","args","resolve","_filterSync","filter","processCallback","allowedTags","allowedStyles","html","doc","DOMParser","parseFromString","depthFirstForEach","body","childNodes","filterNode","indexOf","innerHTML","isElement","nodeName","toLowerCase","allowedTagNames","allowedAttributes","listAttributeNames","attributes","attrName","removeAttribute","attrValue","getNamedItem","value","trim","reparent","styles","split","map","style","styleName","Boolean","join","setAttribute","_filterEscape","_filterEscapeSync","escapeNode","before","document","createTextNode","after","parentNode","insertBefore","trimPattern","str","replace","attrNames","attr","push","name","list","fn","o","ownerDocument","undefined","nodeType","filterSync","filterEscape","filterEscapeSync"],"sources":["html.shim.js"],"sourcesContent":["/!\n Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n /\n\n/ eslint-env browser /\n\nimport {curry, forEach, includes, reduce} from 'lodash';\n\nexport {escape, escapeSync} from './html-base';\n\n/\n Some browsers don't implement {@link Element#remove()} or\n * {@link NodeList#remove()} or {@link HTMLCollection#remove()}. This wrapper\n * calls the appropriate `#remove()` method if available, or falls back to a\n * non-global-polluting polyfill.\n * @param {Element\|NodeList\|HTMLCollection} node\n * @returns {undefined}\n /\nfunction removeNode(node) {\n if (node.remove) {\n node.remove();\n\n return;\n }\n\n if (node.parentElement) {\n node.parentElement.removeChild(node);\n\n return;\n }\n\n if ('length' in node) {\n for (let i = node.length - 1; i >= 0; i -= 1) {\n removeNode(node[i]);\n }\n\n return;\n }\n\n throw new Error('Could not find a way to remove node');\n}\n\n/\n @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @private\n * @returns {string}\n /\nfunction _filter(...args) {\n return new Promise((resolve) => {\n resolve(_filterSync(...args));\n });\n}\n\n/\n Curried async HTML filter.\n * @param {Object} allowedTags Map of tagName -> array of allowed attributes\n * @param {Array<string>} allowedStyles Array of allowed styles\n * @param {string} html html to filter\n * @returns {string}\n /\nexport const filter = curry(_filter, 4);\n\n/\n @param {function} processCallback callback function to do additional\n * processing on node. of the form process(node)\n * @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @private\n * @returns {string}\n /\nfunction _filterSync(processCallback, allowedTags, allowedStyles, html) {\n if (!html \|\| !allowedStyles \|\| !allowedTags) {\n if (html.length === 0) {\n return html;\n }\n\n throw new Error('`allowedTags`, `allowedStyles`, and `html` must be provided');\n }\n\n const doc = new DOMParser().parseFromString(html, 'text/html');\n\n depthFirstForEach(doc.body.childNodes, filterNode);\n processCallback(doc.body);\n\n if (html.indexOf('body') === 1) {\n return `<body>${doc.body.innerHTML}</body>`;\n }\n\n return doc.body.innerHTML;\n\n /\n @param {Node} node\n * @private\n * @returns {undefined}\n /\n function filterNode(node) {\n if (!isElement(node)) {\n return;\n }\n\n const nodeName = node.nodeName.toLowerCase();\n const allowedTagNames = Object.keys(allowedTags);\n\n depthFirstForEach(node.childNodes, filterNode);\n\n if (includes(allowedTagNames, nodeName)) {\n const allowedAttributes = allowedTags[nodeName];\n\n forEach(listAttributeNames(node.attributes), (attrName) => {\n if (!includes(allowedAttributes, attrName)) {\n node.removeAttribute(attrName);\n } else if (attrName === 'href' \|\| attrName === 'src') {\n const attrValue = node.attributes.getNamedItem(attrName).value.trim().toLowerCase();\n\n // We're doing at runtime what the no-script-url rule does at compile\n // time\n // eslint-disable-next-line no-script-url\n if (attrValue.indexOf('javascript:') === 0 \|\| attrValue.indexOf('vbscript:') === 0) {\n reparent(node);\n }\n } else if (attrName === 'style') {\n const styles = node.attributes\n .getNamedItem('style')\n .value.split(';')\n .map((style) => {\n const styleName = trim(style.split(':')[0]);\n\n if (includes(allowedStyles, styleName)) {\n return style;\n }\n\n return null;\n })\n .filter((style) => Boolean(style))\n .join(';');\n\n node.setAttribute('style', styles);\n }\n });\n } else {\n reparent(node);\n }\n }\n}\n\n/\n Same as _filter, but escapes rather than removes disallowed values\n * @param {Function} processCallback\n * @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @returns {Promise<string>}\n /\nfunction _filterEscape(...args) {\n return new Promise((resolve) => {\n resolve(_filterEscapeSync(...args));\n });\n}\n\n/\n Same as _filterSync, but escapes rather than removes disallowed values\n * @param {Function} processCallback\n * @param {Object} allowedTags\n * @param {Array<string>} allowedStyles\n * @param {string} html\n * @returns {string}\n /\nfunction _filterEscapeSync(processCallback, allowedTags, allowedStyles, html) {\n if (!html \|\| !allowedStyles \|\| !allowedTags) {\n if (html.length === 0) {\n return html;\n }\n\n throw new Error('`allowedTags`, `allowedStyles`, and `html` must be provided');\n }\n\n const doc = new DOMParser().parseFromString(html, 'text/html');\n\n depthFirstForEach(doc.body.childNodes, filterNode);\n processCallback(doc.body);\n\n if (html.indexOf('body') === 1) {\n return `<body>${doc.body.innerHTML}</body>`;\n }\n\n return doc.body.innerHTML;\n\n /\n @param {Node} node\n * @private\n * @returns {undefined}\n /\n function filterNode(node) {\n if (!isElement(node)) {\n return;\n }\n\n depthFirstForEach(node.childNodes, filterNode);\n\n const nodeName = node.nodeName.toLowerCase();\n const allowedTagNames = Object.keys(allowedTags);\n\n if (includes(allowedTagNames, nodeName)) {\n const allowedAttributes = allowedTags[nodeName];\n\n forEach(listAttributeNames(node.attributes), (attrName) => {\n if (!includes(allowedAttributes, attrName)) {\n node.removeAttribute(attrName);\n } else if (attrName === 'href' \|\| attrName === 'src') {\n const attrValue = node.attributes.getNamedItem(attrName).value.toLowerCase();\n\n // We're doing at runtime what the no-script-url rule does at compile\n // time\n // eslint-disable-next-line no-script-url\n if (attrValue.indexOf('javascript:') === 0 \|\| attrValue.indexOf('vbscript:') === 0) {\n reparent(node);\n }\n } else if (attrName === 'style') {\n const styles = node.attributes\n .getNamedItem('style')\n .value.split(';')\n .map((style) => {\n const styleName = trim(style.split(':')[0]);\n\n if (includes(allowedStyles, styleName)) {\n return style;\n }\n\n return null;\n })\n .filter((style) => Boolean(style))\n .join(';');\n\n node.setAttribute('style', styles);\n }\n });\n } else {\n escapeNode(node);\n }\n }\n}\n\n/\n Escapes a given html node\n * @param {Node} node\n * @returns {undefined}\n /\nfunction escapeNode(node) {\n const before = document.createTextNode(`<${node.nodeName.toLowerCase()}>`);\n const after = document.createTextNode(`</${node.nodeName.toLowerCase()}>`);\n\n node.parentNode.insertBefore(before, node);\n while (node.childNodes.length > 0) {\n node.parentNode.insertBefore(node.childNodes[0], node);\n }\n node.parentNode.insertBefore(after, node);\n\n removeNode(node);\n}\n\nconst trimPattern = /^\\s\|\\s$/g;\n\n/\n @param {string} str\n * @returns {string}\n /\nfunction trim(str) {\n return str.replace(trimPattern, '');\n}\n\n/\n @param {Node} node\n * @private\n * @returns {undefined}\n /\nfunction reparent(node) {\n while (node.childNodes.length > 0) {\n node.parentNode.insertBefore(node.childNodes[0], node);\n }\n removeNode(node);\n}\n\n/\n @param {NamedNodeMap} attributes\n * @private\n * @returns {Array<string>}\n /\nfunction listAttributeNames(attributes) {\n return reduce(\n attributes,\n (attrNames, attr) => {\n attrNames.push(attr.name);\n\n return attrNames;\n },\n []\n );\n}\n\n/\n @param {Array} list\n * @param {Function} fn\n * @private\n * @returns {undefined}\n /\nfunction depthFirstForEach(list, fn) {\n for (let i = list.length; i >= 0; i -= 1) {\n fn(list[i]);\n }\n}\n\n/\n @param {Node} o\n * @private\n * @returns {Boolean}\n /\nfunction isElement(o) {\n if (!o) {\n return false;\n }\n\n if (o.ownerDocument === undefined) {\n return false;\n }\n\n if (o.nodeType !== 1) {\n return false;\n }\n\n if (typeof o.nodeName !== 'string') {\n return false;\n }\n\n return true;\n}\n\n/\n Curried HTML filter.\n * @param {Object} allowedTags Map of tagName -> array of allowed attributes\n * @param {Array<string>} allowedStyles Array of allowed styles\n * @param {string} html html to filter\n * @returns {string}\n /\nexport const filterSync = curry(_filterSync, 4);\n\n/\n Curried HTML filter that escapes rather than removes disallowed tags\n * @param {Object} allowedTags Map of tagName -> array of allowed attributes\n * @param {Array<string>} allowedStyles Array of allowed styles\n * @param {string} html html to filter\n * @returns {Promise<string>}\n /\nexport const filterEscape = curry(_filterEscape, 4);\n\n/\n Curried HTML filter that escapes rather than removes disallowed tags\n * @param {Object} allowedTags Map of tagName -> array of allowed attributes\n * @param {Array<string>} allowedStyles Array of allowed styles\n * @param {string} html html to filter\n * @returns {string}\n */\nexport const filterEscapeSync = curry(_filterEscapeSync, 4);\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAQA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,UAAU,CAACC,IAAI,EAAE;EACxB,IAAIA,IAAI,CAACC,MAAM,EAAE;IACfD,IAAI,CAACC,MAAM,EAAE;IAEb;EACF;EAEA,IAAID,IAAI,CAACE,aAAa,EAAE;IACtBF,IAAI,CAACE,aAAa,CAACC,WAAW,CAACH,IAAI,CAAC;IAEpC;EACF;EAEA,IAAI,QAAQ,IAAIA,IAAI,EAAE;IACpB,KAAK,IAAII,CAAC,GAAGJ,IAAI,CAACK,MAAM,GAAG,CAAC,EAAED,CAAC,IAAI,CAAC,EAAEA,CAAC,IAAI,CAAC,EAAE;MAC5CL,UAAU,CAACC,IAAI,CAACI,CAAC,CAAC,CAAC;IACrB;IAEA;EACF;EAEA,MAAM,IAAIE,KAAK,CAAC,qCAAqC,CAAC;AACxD;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASC,OAAO,GAAU;EAAA,kCAANC,IAAI;IAAJA,IAAI;EAAA;EACtB,OAAO,qBAAY,UAACC,OAAO,EAAK;IAC9BA,OAAO,CAACC,WAAW,eAAIF,IAAI,CAAC,CAAC;EAC/B,CAAC,CAAC;AACJ;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,IAAMG,MAAM,GAAG,qBAAMJ,OAAO,EAAE,CAAC,CAAC;;AAEvC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AARA;AASA,SAASG,WAAW,CAACE,eAAe,EAAEC,WAAW,EAAEC,aAAa,EAAEC,IAAI,EAAE;EACtE,IAAI,CAACA,IAAI,IAAI,CAACD,aAAa,IAAI,CAACD,WAAW,EAAE;IAC3C,IAAIE,IAAI,CAACV,MAAM,KAAK,CAAC,EAAE;MACrB,OAAOU,IAAI;IACb;IAEA,MAAM,IAAIT,KAAK,CAAC,6DAA6D,CAAC;EAChF;EAEA,IAAMU,GAAG,GAAG,IAAIC,SAAS,EAAE,CAACC,eAAe,CAACH,IAAI,EAAE,WAAW,CAAC;EAE9DI,iBAAiB,CAACH,GAAG,CAACI,IAAI,CAACC,UAAU,EAAEC,UAAU,CAAC;EAClDV,eAAe,CAACI,GAAG,CAACI,IAAI,CAAC;EAEzB,IAAIL,IAAI,CAACQ,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE;IAC9B,uBAAgBP,GAAG,CAACI,IAAI,CAACI,SAAS;EACpC;EAEA,OAAOR,GAAG,CAACI,IAAI,CAACI,SAAS;;EAEzB;AACF;AACA;AACA;AACA;EACE,SAASF,UAAU,CAACtB,IAAI,EAAE;IACxB,IAAI,CAACyB,SAAS,CAACzB,IAAI,CAAC,EAAE;MACpB;IACF;IAEA,IAAM0B,QAAQ,GAAG1B,IAAI,CAAC0B,QAAQ,CAACC,WAAW,EAAE;IAC5C,IAAMC,eAAe,GAAG,mBAAYf,WAAW,CAAC;IAEhDM,iBAAiB,CAACnB,IAAI,CAACqB,UAAU,EAAEC,UAAU,CAAC;IAE9C,IAAI,wBAASM,eAAe,EAAEF,QAAQ,CAAC,EAAE;MACvC,IAAMG,iBAAiB,GAAGhB,WAAW,CAACa,QAAQ,CAAC;MAE/C,uBAAQI,kBAAkB,CAAC9B,IAAI,CAAC+B,UAAU,CAAC,EAAE,UAACC,QAAQ,EAAK;QACzD,IAAI,CAAC,wBAASH,iBAAiB,EAAEG,QAAQ,CAAC,EAAE;UAC1ChC,IAAI,CAACiC,eAAe,CAACD,QAAQ,CAAC;QAChC,CAAC,MAAM,IAAIA,QAAQ,KAAK,MAAM,IAAIA,QAAQ,KAAK,KAAK,EAAE;UACpD,IAAME,SAAS,GAAGlC,IAAI,CAAC+B,UAAU,CAACI,YAAY,CAACH,QAAQ,CAAC,CAACI,KAAK,CAACC,IAAI,EAAE,CAACV,WAAW,EAAE;;UAEnF;UACA;UACA;UACA,IAAIO,SAAS,CAACX,OAAO,CAAC,aAAa,CAAC,KAAK,CAAC,IAAIW,SAAS,CAACX,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE;YAClFe,QAAQ,CAACtC,IAAI,CAAC;UAChB;QACF,CAAC,MAAM,IAAIgC,QAAQ,KAAK,OAAO,EAAE;UAC/B,IAAMO,MAAM,GAAGvC,IAAI,CAAC+B,UAAU,CAC3BI,YAAY,CAAC,OAAO,CAAC,CACrBC,KAAK,CAACI,KAAK,CAAC,GAAG,CAAC,CAChBC,GAAG,CAAC,UAACC,KAAK,EAAK;YACd,IAAMC,SAAS,GAAGN,IAAI,CAACK,KAAK,CAACF,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YAE3C,IAAI,wBAAS1B,aAAa,EAAE6B,SAAS,CAAC,EAAE;cACtC,OAAOD,KAAK;YACd;YAEA,OAAO,IAAI;UACb,CAAC,CAAC,CACD/B,MAAM,CAAC,UAAC+B,KAAK;YAAA,OAAKE,OAAO,CAACF,KAAK,CAAC;UAAA,EAAC,CACjCG,IAAI,CAAC,GAAG,CAAC;UAEZ7C,IAAI,CAAC8C,YAAY,CAAC,OAAO,EAAEP,MAAM,CAAC;QACpC;MACF,CAAC,CAAC;IACJ,CAAC,MAAM;MACLD,QAAQ,CAACtC,IAAI,CAAC;IAChB;EACF;AACF;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS+C,aAAa,GAAU;EAAA,mCAANvC,IAAI;IAAJA,IAAI;EAAA;EAC5B,OAAO,qBAAY,UAACC,OAAO,EAAK;IAC9BA,OAAO,CAACuC,iBAAiB,eAAIxC,IAAI,CAAC,CAAC;EACrC,CAAC,CAAC;AACJ;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAASwC,iBAAiB,CAACpC,eAAe,EAAEC,WAAW,EAAEC,aAAa,EAAEC,IAAI,EAAE;EAC5E,IAAI,CAACA,IAAI,IAAI,CAACD,aAAa,IAAI,CAACD,WAAW,EAAE;IAC3C,IAAIE,IAAI,CAACV,MAAM,KAAK,CAAC,EAAE;MACrB,OAAOU,IAAI;IACb;IAEA,MAAM,IAAIT,KAAK,CAAC,6DAA6D,CAAC;EAChF;EAEA,IAAMU,GAAG,GAAG,IAAIC,SAAS,EAAE,CAACC,eAAe,CAACH,IAAI,EAAE,WAAW,CAAC;EAE9DI,iBAAiB,CAACH,GAAG,CAACI,IAAI,CAACC,UAAU,EAAEC,UAAU,CAAC;EAClDV,eAAe,CAACI,GAAG,CAACI,IAAI,CAAC;EAEzB,IAAIL,IAAI,CAACQ,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE;IAC9B,uBAAgBP,GAAG,CAACI,IAAI,CAACI,SAAS;EACpC;EAEA,OAAOR,GAAG,CAACI,IAAI,CAACI,SAAS;;EAEzB;AACF;AACA;AACA;AACA;EACE,SAASF,UAAU,CAACtB,IAAI,EAAE;IACxB,IAAI,CAACyB,SAAS,CAACzB,IAAI,CAAC,EAAE;MACpB;IACF;IAEAmB,iBAAiB,CAACnB,IAAI,CAACqB,UAAU,EAAEC,UAAU,CAAC;IAE9C,IAAMI,QAAQ,GAAG1B,IAAI,CAAC0B,QAAQ,CAACC,WAAW,EAAE;IAC5C,IAAMC,eAAe,GAAG,mBAAYf,WAAW,CAAC;IAEhD,IAAI,wBAASe,eAAe,EAAEF,QAAQ,CAAC,EAAE;MACvC,IAAMG,iBAAiB,GAAGhB,WAAW,CAACa,QAAQ,CAAC;MAE/C,uBAAQI,kBAAkB,CAAC9B,IAAI,CAAC+B,UAAU,CAAC,EAAE,UAACC,QAAQ,EAAK;QACzD,IAAI,CAAC,wBAASH,iBAAiB,EAAEG,QAAQ,CAAC,EAAE;UAC1ChC,IAAI,CAACiC,eAAe,CAACD,QAAQ,CAAC;QAChC,CAAC,MAAM,IAAIA,QAAQ,KAAK,MAAM,IAAIA,QAAQ,KAAK,KAAK,EAAE;UACpD,IAAME,SAAS,GAAGlC,IAAI,CAAC+B,UAAU,CAACI,YAAY,CAACH,QAAQ,CAAC,CAACI,KAAK,CAACT,WAAW,EAAE;;UAE5E;UACA;UACA;UACA,IAAIO,SAAS,CAACX,OAAO,CAAC,aAAa,CAAC,KAAK,CAAC,IAAIW,SAAS,CAACX,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE;YAClFe,QAAQ,CAACtC,IAAI,CAAC;UAChB;QACF,CAAC,MAAM,IAAIgC,QAAQ,KAAK,OAAO,EAAE;UAC/B,IAAMO,MAAM,GAAGvC,IAAI,CAAC+B,UAAU,CAC3BI,YAAY,CAAC,OAAO,CAAC,CACrBC,KAAK,CAACI,KAAK,CAAC,GAAG,CAAC,CAChBC,GAAG,CAAC,UAACC,KAAK,EAAK;YACd,IAAMC,SAAS,GAAGN,IAAI,CAACK,KAAK,CAACF,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YAE3C,IAAI,wBAAS1B,aAAa,EAAE6B,SAAS,CAAC,EAAE;cACtC,OAAOD,KAAK;YACd;YAEA,OAAO,IAAI;UACb,CAAC,CAAC,CACD/B,MAAM,CAAC,UAAC+B,KAAK;YAAA,OAAKE,OAAO,CAACF,KAAK,CAAC;UAAA,EAAC,CACjCG,IAAI,CAAC,GAAG,CAAC;UAEZ7C,IAAI,CAAC8C,YAAY,CAAC,OAAO,EAAEP,MAAM,CAAC;QACpC;MACF,CAAC,CAAC;IACJ,CAAC,MAAM;MACLU,UAAU,CAACjD,IAAI,CAAC;IAClB;EACF;AACF;;AAEA;AACA;AACA;AACA;AACA;AACA,SAASiD,UAAU,CAACjD,IAAI,EAAE;EACxB,IAAMkD,MAAM,GAAGC,QAAQ,CAACC,cAAc,YAAKpD,IAAI,CAAC0B,QAAQ,CAACC,WAAW,EAAE,OAAI;EAC1E,IAAM0B,KAAK,GAAGF,QAAQ,CAACC,cAAc,aAAMpD,IAAI,CAAC0B,QAAQ,CAACC,WAAW,EAAE,OAAI;EAE1E3B,IAAI,CAACsD,UAAU,CAACC,YAAY,CAACL,MAAM,EAAElD,IAAI,CAAC;EAC1C,OAAOA,IAAI,CAACqB,UAAU,CAAChB,MAAM,GAAG,CAAC,EAAE;IACjCL,IAAI,CAACsD,UAAU,CAACC,YAAY,CAACvD,IAAI,CAACqB,UAAU,CAAC,CAAC,CAAC,EAAErB,IAAI,CAAC;EACxD;EACAA,IAAI,CAACsD,UAAU,CAACC,YAAY,CAACF,KAAK,EAAErD,IAAI,CAAC;EAEzCD,UAAU,CAACC,IAAI,CAAC;AAClB;AAEA,IAAMwD,WAAW,GAAG,UAAU;;AAE9B;AACA;AACA;AACA;AACA,SAASnB,IAAI,CAACoB,GAAG,EAAE;EACjB,OAAOA,GAAG,CAACC,OAAO,CAACF,WAAW,EAAE,EAAE,CAAC;AACrC;;AAEA;AACA;AACA;AACA;AACA;AACA,SAASlB,QAAQ,CAACtC,IAAI,EAAE;EACtB,OAAOA,IAAI,CAACqB,UAAU,CAAChB,MAAM,GAAG,CAAC,EAAE;IACjCL,IAAI,CAACsD,UAAU,CAACC,YAAY,CAACvD,IAAI,CAACqB,UAAU,CAAC,CAAC,CAAC,EAAErB,IAAI,CAAC;EACxD;EACAD,UAAU,CAACC,IAAI,CAAC;AAClB;;AAEA;AACA;AACA;AACA;AACA;AACA,SAAS8B,kBAAkB,CAACC,UAAU,EAAE;EACtC,OAAO,sBACLA,UAAU,EACV,UAAC4B,SAAS,EAAEC,IAAI,EAAK;IACnBD,SAAS,CAACE,IAAI,CAACD,IAAI,CAACE,IAAI,CAAC;IAEzB,OAAOH,SAAS;EAClB,CAAC,EACD,EAAE,CACH;AACH;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA,SAASxC,iBAAiB,CAAC4C,IAAI,EAAEC,EAAE,EAAE;EACnC,KAAK,IAAI5D,CAAC,GAAG2D,IAAI,CAAC1D,MAAM,EAAED,CAAC,IAAI,CAAC,EAAEA,CAAC,IAAI,CAAC,EAAE;IACxC4D,EAAE,CAACD,IAAI,CAAC3D,CAAC,CAAC,CAAC;EACb;AACF;;AAEA;AACA;AACA;AACA;AACA;AACA,SAASqB,SAAS,CAACwC,CAAC,EAAE;EACpB,IAAI,CAACA,CAAC,EAAE;IACN,OAAO,KAAK;EACd;EAEA,IAAIA,CAAC,CAACC,aAAa,KAAKC,SAAS,EAAE;IACjC,OAAO,KAAK;EACd;EAEA,IAAIF,CAAC,CAACG,QAAQ,KAAK,CAAC,EAAE;IACpB,OAAO,KAAK;EACd;EAEA,IAAI,OAAOH,CAAC,CAACvC,QAAQ,KAAK,QAAQ,EAAE;IAClC,OAAO,KAAK;EACd;EAEA,OAAO,IAAI;AACb;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,IAAM2C,UAAU,GAAG,qBAAM3D,WAAW,EAAE,CAAC,CAAC;;AAE/C;AACA;AACA;AACA;AACA;AACA;AACA;AANA;AAOO,IAAM4D,YAAY,GAAG,qBAAMvB,aAAa,EAAE,CAAC,CAAC;;AAEnD;AACA;AACA;AACA;AACA;AACA;AACA;AANA;AAOO,IAAMwB,gBAAgB,GAAG,qBAAMvB,iBAAiB,EAAE,CAAC,CAAC;AAAC"}

package/dist/index.js CHANGED Viewed

@@ -1,52 +1,44 @@
 "use strict";
 var _Object$defineProperty = require("@babel/runtime-corejs2/core-js/object/define-property");
 _Object$defineProperty(exports, "__esModule", {
   value: true
 });
 _Object$defineProperty(exports, "escape", {
   enumerable: true,
   get: function get() {
     return _html.escape;
   }
 });
 _Object$defineProperty(exports, "escapeSync", {
   enumerable: true,
   get: function get() {
     return _html.escapeSync;
   }
 });
 _Object$defineProperty(exports, "filter", {
   enumerable: true,
   get: function get() {
     return _html.filter;
   }
 });
 _Object$defineProperty(exports, "filterEscape", {
   enumerable: true,
   get: function get() {
     return _html.filterEscape;
   }
 });
 _Object$defineProperty(exports, "filterEscapeSync", {
   enumerable: true,
   get: function get() {
     return _html.filterEscapeSync;
   }
 });
 _Object$defineProperty(exports, "filterSync", {
   enumerable: true,
   get: function get() {
     return _html.filterSync;
   }
 });
 var _html = require("./html");
 //# sourceMappingURL=index.js.map

package/dist/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":[],"sources":["index.js"],"sourcesContent":["/!\n Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nexport {escape, escapeSync, filter, filterSync, filterEscape, filterEscapeSync} from './html';\n"],"mappings":"~~;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;~~AAIA"}
1	+ {"version":3,"names":[],"sources":["index.js"],"sourcesContent":["/!\n Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nexport {escape, escapeSync, filter, filterSync, filterEscape, filterEscapeSync} from './html';\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAIA"}

package/dist/types/html-base.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+/**
+ * Escapes HTML
+ * @param {[type]} html
+ * @returns {[type]}
+ */
+export function escape(html: [type]): [type];
+/**
+ * Synchronously escape HTML
+ * @param {[type]} html
+ * @returns {[type]}
+ */
+export function escapeSync(html: [type]): [type];

package/dist/types/html.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export const filter: import("lodash").CurriedFunction1<any, string>;
+export const filterSync: import("lodash").CurriedFunction4<Function, any, string[], string, string>;
+export const filterEscape: import("lodash").CurriedFunction1<any, string>;
+export const filterEscapeSync: import("lodash").CurriedFunction4<Function, any, string[], string, string>;
+export { escape, escapeSync } from "./html-base";

package/dist/types/html.shim.d.ts ADDED Viewed

@@ -0,0 +1,33 @@
+/**
+ * Curried async HTML filter.
+ * @param {Object} allowedTags Map of tagName -> array of allowed attributes
+ * @param {Array<string>} allowedStyles Array of allowed styles
+ * @param {string} html html to filter
+ * @returns {string}
+ */
+export const filter: import("lodash").CurriedFunction1<any, string>;
+/**
+ * Curried HTML filter.
+ * @param {Object} allowedTags Map of tagName -> array of allowed attributes
+ * @param {Array<string>} allowedStyles Array of allowed styles
+ * @param {string} html html to filter
+ * @returns {string}
+ */
+export const filterSync: import("lodash").CurriedFunction4<Function, any, string[], string, string>;
+/**
+ * Curried HTML filter that escapes rather than removes disallowed tags
+ * @param {Object} allowedTags Map of tagName -> array of allowed attributes
+ * @param {Array<string>} allowedStyles Array of allowed styles
+ * @param {string} html html to filter
+ * @returns {Promise<string>}
+ */
+export const filterEscape: import("lodash").CurriedFunction1<any, Promise<string>>;
+/**
+ * Curried HTML filter that escapes rather than removes disallowed tags
+ * @param {Object} allowedTags Map of tagName -> array of allowed attributes
+ * @param {Array<string>} allowedStyles Array of allowed styles
+ * @param {string} html html to filter
+ * @returns {string}
+ */
+export const filterEscapeSync: import("lodash").CurriedFunction4<Function, any, string[], string, string>;
+export { escape, escapeSync } from "./html-base";

package/dist/types/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { escape, escapeSync, filter, filterSync, filterEscape, filterEscapeSync } from "./html";

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@webex/helper-html",
-  "version": "3.0.0-beta.8",
+  "version": "3.0.0-bnr.0",
   "description": "HTML Utiltities",
   "license": "MIT",
   "main": "dist/index.js",
@@ -24,11 +24,11 @@
     ]
   },
   "devDependencies": {
-    "@webex/test-helper-chai": "3.0.0-beta.8",
-    "@webex/test-helper-mocha": "3.0.0-beta.8"
+    "@webex/test-helper-chai": "3.0.0-bnr.0",
+    "@webex/test-helper-mocha": "3.0.0-bnr.0"
   },
   "dependencies": {
-    "@webex/helper-html": "3.0.0-beta.8",
+    "@webex/helper-html": "3.0.0-bnr.0",
     "lodash": "^4.17.21"
   }
 }

package/src/html.shim.js CHANGED Viewed

@@ -80,7 +80,7 @@ function _filterSync(processCallback, allowedTags, allowedStyles, html) {
     throw new Error('`allowedTags`, `allowedStyles`, and `html` must be provided');
   }
-  const doc = (new DOMParser()).parseFromString(html, 'text/html');
+  const doc = new DOMParser().parseFromString(html, 'text/html');
   depthFirstForEach(doc.body.childNodes, filterNode);
   processCallback(doc.body);
@@ -112,8 +112,7 @@ function _filterSync(processCallback, allowedTags, allowedStyles, html) {
       forEach(listAttributeNames(node.attributes), (attrName) => {
         if (!includes(allowedAttributes, attrName)) {
           node.removeAttribute(attrName);
-        }
-        else if (attrName === 'href' || attrName === 'src') {
+        } else if (attrName === 'href' || attrName === 'src') {
           const attrValue = node.attributes.getNamedItem(attrName).value.trim().toLowerCase();
           // We're doing at runtime what the no-script-url rule does at compile
@@ -122,13 +121,10 @@ function _filterSync(processCallback, allowedTags, allowedStyles, html) {
           if (attrValue.indexOf('javascript:') === 0 || attrValue.indexOf('vbscript:') === 0) {
             reparent(node);
           }
-        }
-        else if (attrName === 'style') {
-          const styles = node
-            .attributes
+        } else if (attrName === 'style') {
+          const styles = node.attributes
             .getNamedItem('style')
-            .value
-            .split(';')
+            .value.split(';')
             .map((style) => {
               const styleName = trim(style.split(':')[0]);
@@ -144,8 +140,7 @@ function _filterSync(processCallback, allowedTags, allowedStyles, html) {
           node.setAttribute('style', styles);
         }
       });
-    }
-    else {
+    } else {
       reparent(node);
     }
   }
@@ -182,7 +177,7 @@ function _filterEscapeSync(processCallback, allowedTags, allowedStyles, html) {
     throw new Error('`allowedTags`, `allowedStyles`, and `html` must be provided');
   }
-  const doc = (new DOMParser()).parseFromString(html, 'text/html');
+  const doc = new DOMParser().parseFromString(html, 'text/html');
   depthFirstForEach(doc.body.childNodes, filterNode);
   processCallback(doc.body);
@@ -214,8 +209,7 @@ function _filterEscapeSync(processCallback, allowedTags, allowedStyles, html) {
       forEach(listAttributeNames(node.attributes), (attrName) => {
         if (!includes(allowedAttributes, attrName)) {
           node.removeAttribute(attrName);
-        }
-        else if (attrName === 'href' || attrName === 'src') {
+        } else if (attrName === 'href' || attrName === 'src') {
           const attrValue = node.attributes.getNamedItem(attrName).value.toLowerCase();
           // We're doing at runtime what the no-script-url rule does at compile
@@ -224,13 +218,10 @@ function _filterEscapeSync(processCallback, allowedTags, allowedStyles, html) {
           if (attrValue.indexOf('javascript:') === 0 || attrValue.indexOf('vbscript:') === 0) {
             reparent(node);
           }
-        }
-        else if (attrName === 'style') {
-          const styles = node
-            .attributes
+        } else if (attrName === 'style') {
+          const styles = node.attributes
             .getNamedItem('style')
-            .value
-            .split(';')
+            .value.split(';')
             .map((style) => {
               const styleName = trim(style.split(':')[0]);
@@ -246,8 +237,7 @@ function _filterEscapeSync(processCallback, allowedTags, allowedStyles, html) {
           node.setAttribute('style', styles);
         }
       });
-    }
-    else {
+    } else {
       escapeNode(node);
     }
   }
@@ -299,11 +289,15 @@ function reparent(node) {
  * @returns {Array<string>}
  */
 function listAttributeNames(attributes) {
-  return reduce(attributes, (attrNames, attr) => {
-    attrNames.push(attr.name);
-    return attrNames;
-  }, []);
+  return reduce(
+    attributes,
+    (attrNames, attr) => {
+      attrNames.push(attr.name);
+      return attrNames;
+    },
+    []
+  );
 }
 /**

package/test/unit/spec/html.js CHANGED Viewed

@@ -9,7 +9,7 @@ import {
   filter,
   filterSync,
   filterEscape,
-  filterEscapeSync
+  filterEscapeSync,
 } from '@webex/helper-html';
 import {skipInNode} from '@webex/test-helper-mocha';
@@ -29,7 +29,7 @@ skipInNode(describe)('html', () => {
     span: ['style'],
     ul: ['style'],
     body: ['style', 'xmlns', 'xml:lang'],
-    'webex-mention': ['data-object-id', 'data-object-type']
+    'webex-mention': ['data-object-id', 'data-object-type'],
   };
   const allowedStyles = [
@@ -42,7 +42,7 @@ skipInNode(describe)('html', () => {
     'margin-left',
     'margin-right',
     'text-align',
-    'text-decoration'
+    'text-decoration',
   ];
   /**
@@ -58,12 +58,15 @@ skipInNode(describe)('html', () => {
   const cfilterEscapeSync = filterEscapeSync(noop, allowedTags, allowedStyles);
   describe('#filter()', () => {
-    it('sanitizes trivial html', () => cfilter('<p data-test="5"><em>foo</em></p>')
-      .then((result) => assert.deepEqual(result, '<p><em>foo</em></p>')));
+    it('sanitizes trivial html', () =>
+      cfilter('<p data-test="5"><em>foo</em></p>').then((result) =>
+        assert.deepEqual(result, '<p><em>foo</em></p>')
+      ));
   });
   describe('#filterSync()', () => {
-    it('sanitizes trivial html', () => assert.deepEqual(cfilterSync('<p data-test="5"><em>foo</em></p>'), '<p><em>foo</em></p>'));
+    it('sanitizes trivial html', () =>
+      assert.deepEqual(cfilterSync('<p data-test="5"><em>foo</em></p>'), '<p><em>foo</em></p>'));
   });
   [
@@ -72,147 +75,154 @@ skipInNode(describe)('html', () => {
       // emptry string
       it: 'accepts blank strings',
       input: '',
-      output: ''
+      output: '',
     },
     {
       it: 'allows custom tags',
-      input: '<webex-mention data-object-id="88888888-4444-4444-4444-AAAAAAAAAAAA">John Doe</webex-mention>',
-      output: '<webex-mention data-object-id="88888888-4444-4444-4444-AAAAAAAAAAAA">John Doe</webex-mention>'
+      input:
+        '<webex-mention data-object-id="88888888-4444-4444-4444-AAAAAAAAAAAA">John Doe</webex-mention>',
+      output:
+        '<webex-mention data-object-id="88888888-4444-4444-4444-AAAAAAAAAAAA">John Doe</webex-mention>',
     },
     {
       it: 'filters tags',
-      input: '<p><remove-me><bar>text1<em>text2</em>text3</bar>text4</remove-me><strong>text5</strong>text6</p>',
-      output: '<p>text1<em>text2</em>text3text4<strong>text5</strong>text6</p>'
+      input:
+        '<p><remove-me><bar>text1<em>text2</em>text3</bar>text4</remove-me><strong>text5</strong>text6</p>',
+      output: '<p>text1<em>text2</em>text3text4<strong>text5</strong>text6</p>',
     },
     {
       it: 'filters attributes',
       input: '<p remove="me" style="font-size:large"><em>foo</em></p>',
-      output: /<p style="font-size:\s?large;?"><em>foo<\/em><\/p>/
+      output: /<p style="font-size:\s?large;?"><em>foo<\/em><\/p>/,
     },
     {
       it: 'filters styles',
       input: '<p style="color:red;remove:me;font-size:large"><em>foo</em></p>',
-      output: /<p style="color:\s?red;\s?font-size:\s?large;?"><em>foo<\/em><\/p>/
+      output: /<p style="color:\s?red;\s?font-size:\s?large;?"><em>foo<\/em><\/p>/,
     },
     {
       it: 'filters child attributes',
       input: '<body><span bcd="abc" style="font-size:large"><p><em>foo</em></p></span></body>',
-      output: /<body><span style="font-size:\s?large;?"><p><em>foo<\/em><\/p><\/span><\/body>/
+      output: /<body><span style="font-size:\s?large;?"><p><em>foo<\/em><\/p><\/span><\/body>/,
     },
     {
       it: 'filters disallowed attributes from allowed tags',
       input: '<strong style="font-size:large"><span>text</span></strong>',
-      output: '<strong><span>text</span></strong>'
+      output: '<strong><span>text</span></strong>',
     },
     {
       it: 'filters javascript: from a href',
       input: '<p><a href="javascript:window.close(); return false">click here</a></p>',
-      output: '<p>click here</p>'
+      output: '<p>click here</p>',
     },
     {
       it: 'filters javascript: from a href (mixed case)',
       input: '<p><a href="JavaScript:window.close(); return false">click here</a></p>',
-      output: '<p>click here</p>'
+      output: '<p>click here</p>',
     },
     {
       it: 'filters vbscript: from a href',
       input: '<p><a href="vbscript:window.close(); return false">click here</a></p>',
-      output: '<p>click here</p>'
+      output: '<p>click here</p>',
     },
     {
       it: 'filters vbscript: from a href (mixed case)',
       input: '<p><a href="VBScript:window.close(); return false">click here</a></p>',
-      output: '<p>click here</p>'
+      output: '<p>click here</p>',
     },
     {
       it: 'does not filter arbitrary strings from a href',
       input: '<p><a href="window.close(); return false">click here</a></p>',
-      output: '<p><a href="window.close(); return false">click here</a></p>'
+      output: '<p><a href="window.close(); return false">click here</a></p>',
     },
     {
       it: 'filters javascript: from img src',
       input: '<p><img src="javascript:window.close(); return false">foo</img>bar</p>',
-      output: '<p>foobar</p>'
+      output: '<p>foobar</p>',
     },
     {
       it: 'filters javascript: from img src (mixed case)',
       input: '<p><img src="javaScript:window.close(); return false">foo</img>bar</p>',
-      output: '<p>foobar</p>'
+      output: '<p>foobar</p>',
     },
     {
       it: 'filters vbscript: from img src',
       input: '<p><img src="vbscript:window.close(); return false">foo</img>bar</p>',
-      output: '<p>foobar</p>'
+      output: '<p>foobar</p>',
     },
     {
       it: 'filters vbscript: from img src (mixed case)',
       input: '<p><img src="VBScript:window.close(); return false">foo</img>bar</p>',
-      output: '<p>foobar</p>'
+      output: '<p>foobar</p>',
     },
     {
       it: 'does not filter arbitrary strings from img src',
       input: '<p><img src="window.close(); return false">foo</img></p>',
-      output: '<p><img src="window.close(); return false">foo</p>'
+      output: '<p><img src="window.close(); return false">foo</p>',
     },
     {
       it: 'correctly cleans nested a/img tags with javscript: href/src',
-      input: '<p><a href="javascript:window.close()">Click here<img src="http://example.com/img">bar</img></a> for something with <a href="http://www.cisco.com/">MORE<img src="javascript:window.location=`http://www.cisco.com`">of my</img>MOJO</a></p>',
-      output: '<p>Click here<img src="http://example.com/img">bar for something with <a href="http://www.cisco.com/">MOREof myMOJO</a></p>'
+      input:
+        '<p><a href="javascript:window.close()">Click here<img src="http://example.com/img">bar</img></a> for something with <a href="http://www.cisco.com/">MORE<img src="javascript:window.location=`http://www.cisco.com`">of my</img>MOJO</a></p>',
+      output:
+        '<p>Click here<img src="http://example.com/img">bar for something with <a href="http://www.cisco.com/">MOREof myMOJO</a></p>',
     },
     {
       it: 'correctly cleans nested a/img tags with javscript: href/src, even cleverly obfuscated with whitespace',
-      input: '<p><a href=" javascript:window.close()">Click here<img src="http://example.com/img">bar</img></a> for something with <a href="http://www.cisco.com/">MORE<img src=" javascript:window.location=`http://www.cisco.com`">of my</img>MOJO</a></p>',
-      output: '<p>Click here<img src="http://example.com/img">bar for something with <a href="http://www.cisco.com/">MOREof myMOJO</a></p>'
+      input:
+        '<p><a href=" javascript:window.close()">Click here<img src="http://example.com/img">bar</img></a> for something with <a href="http://www.cisco.com/">MORE<img src=" javascript:window.location=`http://www.cisco.com`">of my</img>MOJO</a></p>',
+      output:
+        '<p>Click here<img src="http://example.com/img">bar for something with <a href="http://www.cisco.com/">MOREof myMOJO</a></p>',
     },
     {
       it: 'handles weirder nesting',
-      input: '<p>text</p><div><p>text0</p><div style="font-size: large;"><span>text1</span><span>text2</span><script></script></div></div>',
-      output: '<p>text</p><p>text0</p><span>text1</span><span>text2</span>'
+      input:
+        '<p>text</p><div><p>text0</p><div style="font-size: large;"><span>text1</span><span>text2</span><script></script></div></div>',
+      output: '<p>text</p><p>text0</p><span>text1</span><span>text2</span>',
     },
     {
       it: 'filters bad html from unwrapped strings',
       input: 'Hi <script></script><em style="font-size:large;">Steve</em>',
-      output: 'Hi <em>Steve</em>'
+      output: 'Hi <em>Steve</em>',
     },
     {
       it: 'filters disallowed attributes from a href',
       input: '<a remove="me" href="http://www.jabber.org/"><p><em>foo</em></p></a>',
-      output: '<a href="http://www.jabber.org/"><p><em>foo</em></p></a>'
+      output: '<a href="http://www.jabber.org/"><p><em>foo</em></p></a>',
     },
     {
       it: 'filters disallowed attributes from a style',
       input: '<a remove="me" style="font-size:large"><p><em>foo</em></p></a>',
-      output: /<a style="font-size:\s?large;?"><p><em>foo<\/em><\/p><\/a>/
+      output: /<a style="font-size:\s?large;?"><p><em>foo<\/em><\/p><\/a>/,
     },
     {
       it: 'filters disallowed attributes from a type',
       input: '<a remove="me" type="stuff"><p><em>foo</em></p></a>',
-      output: '<a type="stuff"><p><em>foo</em></p></a>'
+      output: '<a type="stuff"><p><em>foo</em></p></a>',
     },
     {
       it: 'filters disallowed attributes from img src',
       input: '<img remove="me" src="http://www.xmpp.org/images/psa-license.jpg">bar</img>',
-      output: '<img src="http://www.xmpp.org/images/psa-license.jpg">bar'
+      output: '<img src="http://www.xmpp.org/images/psa-license.jpg">bar',
     },
     {
       it: 'filters disallowed attributes from img alt',
       input: '<img remove="me" alt="A License to Jabber">bar</img>',
-      output: '<img alt="A License to Jabber">bar'
+      output: '<img alt="A License to Jabber">bar',
     },
     {
       it: 'filters disallowed attributes from img height',
       input: '<img remove="me" height="261">bar</img>',
-      output: '<img height="261">bar'
+      output: '<img height="261">bar',
     },
     {
       it: 'filters disallowed attributes from img width',
       input: '<img remove="me" width="537">bar</img>',
-      output: '<img width="537">bar'
-    }
+      output: '<img width="537">bar',
+    },
   ].forEach((def) => {
     describe('#filter()', () => {
-      it(def.it, () => cfilter(def.input)
-        .then((out) => assert.match(out, def.output)));
+      it(def.it, () => cfilter(def.input).then((out) => assert.match(out, def.output)));
     });
     describe('#filterSync()', () => {
@@ -222,14 +232,15 @@ skipInNode(describe)('html', () => {
     });
   });
-  [{
-    it: 'escapes html',
-    input: 'This is an <b>invalid</b> tag',
-    output: 'This is an &lt;b&gt;invalid&lt;/b&gt; tag'
-  }].forEach((def) => {
+  [
+    {
+      it: 'escapes html',
+      input: 'This is an <b>invalid</b> tag',
+      output: 'This is an &lt;b&gt;invalid&lt;/b&gt; tag',
+    },
+  ].forEach((def) => {
     describe('#escape()', () => {
-      it(def.it, () => escape(def.input)
-        .then((result) => assert.deepEqual(result, def.output)));
+      it(def.it, () => escape(def.input).then((result) => assert.deepEqual(result, def.output)));
     });
     describe('#escapeSync()', () => {
@@ -243,24 +254,27 @@ skipInNode(describe)('html', () => {
     {
       it: 'escapes invalid tags',
       input: '<bar>text1<em>text2</em>text3</bar>',
-      output: '&lt;bar&gt;text1<em>text2</em>text3&lt;/bar&gt;'
+      output: '&lt;bar&gt;text1<em>text2</em>text3&lt;/bar&gt;',
     },
     {
       it: 'escapes deeply nested invalid tags',
-      input: '<p><remove-me><bar>text1<em>text2</em>text3</bar>text4</remove-me><strong>text5</strong>text6</p>',
-      output: '<p>&lt;remove-me&gt;&lt;bar&gt;text1<em>text2</em>text3&lt;/bar&gt;text4&lt;/remove-me&gt;<strong>text5</strong>text6</p>'
+      input:
+        '<p><remove-me><bar>text1<em>text2</em>text3</bar>text4</remove-me><strong>text5</strong>text6</p>',
+      output:
+        '<p>&lt;remove-me&gt;&lt;bar&gt;text1<em>text2</em>text3&lt;/bar&gt;text4&lt;/remove-me&gt;<strong>text5</strong>text6</p>',
     },
     {
       it: 'esapes special characters',
       input: '<b>&<</b>',
-      output: '<b>&amp;&lt;</b>'
-    }
+      output: '<b>&amp;&lt;</b>',
+    },
   ].forEach((def) => {
     describe('#filterEscape()', () => {
-      it(def.it, () => cfilterEscape(def.input)
-        .then((out) => {
+      it(def.it, () =>
+        cfilterEscape(def.input).then((out) => {
           assert.match(out, def.output);
-        }));
+        })
+      );
     });
     describe('#filterEscapeSync()', () => {