@whitesev/pops 2.0.0 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/dist/index.amd.js +21 -20
  2. package/dist/index.amd.js.map +1 -1
  3. package/dist/index.cjs.js +21 -20
  4. package/dist/index.cjs.js.map +1 -1
  5. package/dist/index.esm.js +21 -20
  6. package/dist/index.esm.js.map +1 -1
  7. package/dist/index.iife.js +21 -20
  8. package/dist/index.iife.js.map +1 -1
  9. package/dist/index.system.js +21 -20
  10. package/dist/index.system.js.map +1 -1
  11. package/dist/index.umd.js +21 -20
  12. package/dist/index.umd.js.map +1 -1
  13. package/dist/types/src/utils/PopsSafeUtils.d.ts +4 -0
  14. package/package.json +1 -1
  15. package/src/components/rightClickMenu/index.ts +2 -1
  16. package/src/utils/PopsDOMUtils.ts +12 -3
  17. package/src/utils/PopsSafeUtils.ts +16 -14
package/dist/index.system.js CHANGED
@@ -316,27 +316,28 @@ System.register('pops', [], (function (exports) {
316
316
  const popsUtils = new PopsUtils();
317
317
 
318
318
  const PopsSafeUtils = {
319
+ /**
320
+ * 获取安全的html
321
+ */
322
+ getSafeHTML(text) {
323
+ // @ts-ignore
324
+ if (globalThis.trustedTypes) {
325
+ // @ts-ignore
326
+ const policy = globalThis.trustedTypes.createPolicy("safe-innerHTML", {
327
+ createHTML: (html) => html,
328
+ });
329
+ return policy.createHTML(text);
330
+ }
331
+ else {
332
+ return text;
333
+ }
334
+ },
319
335
  /**
320
336
  * 设置安全的html
321
337
  */
322
338
  setSafeHTML($el, text) {
323
339
  // 创建 TrustedHTML 策略(需 CSP 允许)
324
- try {
325
- $el.innerHTML = text;
326
- }
327
- catch (error) {
328
- // @ts-ignore
329
- if (globalThis.trustedTypes) {
330
- // @ts-ignore
331
- const policy = globalThis.trustedTypes.createPolicy("safe-innerHTML", {
332
- createHTML: (html) => html,
333
- });
334
- $el.innerHTML = policy.createHTML(text);
335
- }
336
- else {
337
- throw new Error("trustedTypes is not defined");
338
- }
339
- }
340
+ $el.innerHTML = this.getSafeHTML(text);
340
341
  },
341
342
  };
342
343
 
@@ -1528,7 +1529,7 @@ System.register('pops', [], (function (exports) {
1528
1529
  }
1529
1530
  function elementAppendChild(ele, text) {
1530
1531
  if (typeof content === "string") {
1531
- ele.insertAdjacentHTML("beforeend", text);
1532
+ ele.insertAdjacentHTML("beforeend", PopsSafeUtils.getSafeHTML(text));
1532
1533
  }
1533
1534
  else {
1534
1535
  ele.appendChild(text);
@@ -1663,7 +1664,7 @@ System.register('pops', [], (function (exports) {
1663
1664
  return;
1664
1665
  }
1665
1666
  if (typeof content === "string") {
1666
- element.insertAdjacentHTML("beforebegin", content);
1667
+ element.insertAdjacentHTML("beforebegin", PopsSafeUtils.getSafeHTML(content));
1667
1668
  }
1668
1669
  else {
1669
1670
  element.parentElement.insertBefore(content, element);
@@ -1686,7 +1687,7 @@ System.register('pops', [], (function (exports) {
1686
1687
  return;
1687
1688
  }
1688
1689
  if (typeof content === "string") {
1689
- element.insertAdjacentHTML("afterend", content);
1690
+ element.insertAdjacentHTML("afterend", PopsSafeUtils.getSafeHTML(content));
1690
1691
  }
1691
1692
  else {
1692
1693
  element.parentElement.insertBefore(content, element.nextSibling);
@@ -8989,7 +8990,7 @@ System.register('pops', [], (function (exports) {
8989
8990
  menuLiElement.appendChild(iconElement);
8990
8991
  }
8991
8992
  /* 插入文字 */
8992
- menuLiElement.insertAdjacentHTML("beforeend", `<span>${item.text}</span>`);
8993
+ menuLiElement.insertAdjacentHTML("beforeend", PopsSafeUtils.getSafeHTML(`<span>${item.text}</span>`));
8993
8994
  /* 如果存在子数据,显示 */
8994
8995
  if (item.item && Array.isArray(item.item)) {
8995
8996
  popsDOMUtils.addClassName(menuLiElement, `pops-${PopsType}-item`);