@whitesev/pops 2.0.0 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/dist/index.amd.js +21 -20
  2. package/dist/index.amd.js.map +1 -1
  3. package/dist/index.cjs.js +21 -20
  4. package/dist/index.cjs.js.map +1 -1
  5. package/dist/index.esm.js +21 -20
  6. package/dist/index.esm.js.map +1 -1
  7. package/dist/index.iife.js +21 -20
  8. package/dist/index.iife.js.map +1 -1
  9. package/dist/index.system.js +21 -20
  10. package/dist/index.system.js.map +1 -1
  11. package/dist/index.umd.js +21 -20
  12. package/dist/index.umd.js.map +1 -1
  13. package/dist/types/src/utils/PopsSafeUtils.d.ts +4 -0
  14. package/package.json +1 -1
  15. package/src/components/rightClickMenu/index.ts +2 -1
  16. package/src/utils/PopsDOMUtils.ts +12 -3
  17. package/src/utils/PopsSafeUtils.ts +16 -14
package/dist/index.iife.js CHANGED
@@ -314,27 +314,28 @@ var pops = (function () {
314
314
  const popsUtils = new PopsUtils();
315
315
 
316
316
  const PopsSafeUtils = {
317
+ /**
318
+ * 获取安全的html
319
+ */
320
+ getSafeHTML(text) {
321
+ // @ts-ignore
322
+ if (globalThis.trustedTypes) {
323
+ // @ts-ignore
324
+ const policy = globalThis.trustedTypes.createPolicy("safe-innerHTML", {
325
+ createHTML: (html) => html,
326
+ });
327
+ return policy.createHTML(text);
328
+ }
329
+ else {
330
+ return text;
331
+ }
332
+ },
317
333
  /**
318
334
  * 设置安全的html
319
335
  */
320
336
  setSafeHTML($el, text) {
321
337
  // 创建 TrustedHTML 策略(需 CSP 允许)
322
- try {
323
- $el.innerHTML = text;
324
- }
325
- catch (error) {
326
- // @ts-ignore
327
- if (globalThis.trustedTypes) {
328
- // @ts-ignore
329
- const policy = globalThis.trustedTypes.createPolicy("safe-innerHTML", {
330
- createHTML: (html) => html,
331
- });
332
- $el.innerHTML = policy.createHTML(text);
333
- }
334
- else {
335
- throw new Error("trustedTypes is not defined");
336
- }
337
- }
338
+ $el.innerHTML = this.getSafeHTML(text);
338
339
  },
339
340
  };
340
341
 
@@ -1526,7 +1527,7 @@ var pops = (function () {
1526
1527
  }
1527
1528
  function elementAppendChild(ele, text) {
1528
1529
  if (typeof content === "string") {
1529
- ele.insertAdjacentHTML("beforeend", text);
1530
+ ele.insertAdjacentHTML("beforeend", PopsSafeUtils.getSafeHTML(text));
1530
1531
  }
1531
1532
  else {
1532
1533
  ele.appendChild(text);
@@ -1661,7 +1662,7 @@ var pops = (function () {
1661
1662
  return;
1662
1663
  }
1663
1664
  if (typeof content === "string") {
1664
- element.insertAdjacentHTML("beforebegin", content);
1665
+ element.insertAdjacentHTML("beforebegin", PopsSafeUtils.getSafeHTML(content));
1665
1666
  }
1666
1667
  else {
1667
1668
  element.parentElement.insertBefore(content, element);
@@ -1684,7 +1685,7 @@ var pops = (function () {
1684
1685
  return;
1685
1686
  }
1686
1687
  if (typeof content === "string") {
1687
- element.insertAdjacentHTML("afterend", content);
1688
+ element.insertAdjacentHTML("afterend", PopsSafeUtils.getSafeHTML(content));
1688
1689
  }
1689
1690
  else {
1690
1691
  element.parentElement.insertBefore(content, element.nextSibling);
@@ -8987,7 +8988,7 @@ var pops = (function () {
8987
8988
  menuLiElement.appendChild(iconElement);
8988
8989
  }
8989
8990
  /* 插入文字 */
8990
- menuLiElement.insertAdjacentHTML("beforeend", `<span>${item.text}</span>`);
8991
+ menuLiElement.insertAdjacentHTML("beforeend", PopsSafeUtils.getSafeHTML(`<span>${item.text}</span>`));
8991
8992
  /* 如果存在子数据,显示 */
8992
8993
  if (item.item && Array.isArray(item.item)) {
8993
8994
  popsDOMUtils.addClassName(menuLiElement, `pops-${PopsType}-item`);