@whitesev/domutils 1.5.0 → 1.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.amd.js +20 -4
- package/dist/index.amd.js.map +1 -1
- package/dist/index.cjs.js +20 -4
- package/dist/index.cjs.js.map +1 -1
- package/dist/index.esm.js +20 -4
- package/dist/index.esm.js.map +1 -1
- package/dist/index.iife.js +20 -4
- package/dist/index.iife.js.map +1 -1
- package/dist/index.system.js +20 -4
- package/dist/index.system.js.map +1 -1
- package/dist/index.umd.js +20 -4
- package/dist/index.umd.js.map +1 -1
- package/dist/types/src/DOMUtilsCommonUtils.d.ts +4 -0
- package/package.json +1 -1
- package/src/DOMUtils.ts +16 -4
- package/src/DOMUtilsCommonUtils.ts +16 -14
package/dist/index.esm.js
CHANGED
|
@@ -55,6 +55,22 @@ const DOMUtilsCommonUtils = {
|
|
|
55
55
|
isShow(element) {
|
|
56
56
|
return Boolean(element.getClientRects().length);
|
|
57
57
|
},
|
|
58
|
+
/**
|
|
59
|
+
* 获取安全的html
|
|
60
|
+
*/
|
|
61
|
+
getSafeHTML(text) {
|
|
62
|
+
// @ts-ignore
|
|
63
|
+
if (globalThis.trustedTypes) {
|
|
64
|
+
// @ts-ignore
|
|
65
|
+
const policy = globalThis.trustedTypes.createPolicy("safe-innerHTML", {
|
|
66
|
+
createHTML: (html) => html,
|
|
67
|
+
});
|
|
68
|
+
return policy.createHTML(text);
|
|
69
|
+
}
|
|
70
|
+
else {
|
|
71
|
+
return text;
|
|
72
|
+
}
|
|
73
|
+
},
|
|
58
74
|
/**
|
|
59
75
|
* 在CSP策略下设置innerHTML
|
|
60
76
|
* @param $el 元素
|
|
@@ -1624,7 +1640,7 @@ class DOMUtils extends DOMUtilsEvent {
|
|
|
1624
1640
|
}
|
|
1625
1641
|
function elementAppendChild(ele, text) {
|
|
1626
1642
|
if (typeof content === "string") {
|
|
1627
|
-
ele.insertAdjacentHTML("beforeend", text);
|
|
1643
|
+
ele.insertAdjacentHTML("beforeend", DOMUtilsCommonUtils.getSafeHTML(text));
|
|
1628
1644
|
}
|
|
1629
1645
|
else {
|
|
1630
1646
|
ele.appendChild(text);
|
|
@@ -1670,7 +1686,7 @@ class DOMUtils extends DOMUtilsEvent {
|
|
|
1670
1686
|
return;
|
|
1671
1687
|
}
|
|
1672
1688
|
if (typeof content === "string") {
|
|
1673
|
-
element.insertAdjacentHTML("afterbegin", content);
|
|
1689
|
+
element.insertAdjacentHTML("afterbegin", DOMUtilsCommonUtils.getSafeHTML(content));
|
|
1674
1690
|
}
|
|
1675
1691
|
else {
|
|
1676
1692
|
let $firstChild = element.firstChild;
|
|
@@ -1707,7 +1723,7 @@ class DOMUtils extends DOMUtilsEvent {
|
|
|
1707
1723
|
return;
|
|
1708
1724
|
}
|
|
1709
1725
|
if (typeof content === "string") {
|
|
1710
|
-
element.insertAdjacentHTML("afterend", content);
|
|
1726
|
+
element.insertAdjacentHTML("afterend", DOMUtilsCommonUtils.getSafeHTML(content));
|
|
1711
1727
|
}
|
|
1712
1728
|
else {
|
|
1713
1729
|
let $parent = element.parentElement;
|
|
@@ -1746,7 +1762,7 @@ class DOMUtils extends DOMUtilsEvent {
|
|
|
1746
1762
|
return;
|
|
1747
1763
|
}
|
|
1748
1764
|
if (typeof content === "string") {
|
|
1749
|
-
element.insertAdjacentHTML("beforebegin", content);
|
|
1765
|
+
element.insertAdjacentHTML("beforebegin", DOMUtilsCommonUtils.getSafeHTML(content));
|
|
1750
1766
|
}
|
|
1751
1767
|
else {
|
|
1752
1768
|
let $parent = element.parentElement;
|