docxmlater 10.3.3 → 10.3.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/dist/core/DocumentParser.d.ts.map +1 -1
  2. package/dist/core/DocumentParser.js +13 -4
  3. package/dist/core/DocumentParser.js.map +1 -1
  4. package/dist/core/RelationshipManager.js +2 -2
  5. package/dist/core/RelationshipManager.js.map +1 -1
  6. package/package.json +1 -1
  7. package/src/core/DocumentParser.ts +24 -4
  8. package/src/core/RelationshipManager.ts +3 -3
package/dist/core/RelationshipManager.js CHANGED
@@ -166,8 +166,8 @@ class RelationshipManager {
166
166
  }
167
167
  static fromXml(xml) {
168
168
  const manager = new RelationshipManager();
169
- if (xml.length > 100000) {
170
- throw new Error('Relationships XML file too large (>100KB). Possible malicious input or corrupted file.');
169
+ if (xml.length > 10000000) {
170
+ throw new Error('Relationships XML file too large (>10MB). Possible malicious input or corrupted file.');
171
171
  }
172
172
  const relationshipElements = XMLParser_1.XMLParser.extractElements(xml, 'Relationship');
173
173
  if (relationshipElements.length > 1000) {
package/dist/core/RelationshipManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"RelationshipManager.js","sourceRoot":"","sources":["../../src/core/RelationshipManager.ts"],"names":[],"mappings":";;;AAOA,iDAAgE;AAChE,gDAA6C;AAC7C,oDAA2D;AAK3D,MAAa,mBAAmB;IACtB,aAAa,CAA4B;IACzC,MAAM,CAAS;IAKvB;QACE,IAAI,CAAC,aAAa,GAAG,IAAI,GAAG,EAAE,CAAC;QAC/B,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IAClB,CAAC;IAOD,eAAe,CAAC,YAA0B;QACxC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,EAAE,YAAY,CAAC,CAAC;QAG3D,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC,CAAC;QACxD,IAAI,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACjB,MAAM,KAAK,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACvC,IAAI,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBACzB,IAAI,CAAC,MAAM,GAAG,KAAK,GAAG,CAAC,CAAC;YAC1B,CAAC;QACH,CAAC;QAED,OAAO,YAAY,CAAC;IACtB,CAAC;IAMD,eAAe,CAAC,EAAU;QACxB,OAAO,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACpC,CAAC;IAKD,mBAAmB;QACjB,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;IACjD,CAAC;IAMD,sBAAsB,CAAC,IAA+B;QACpD,OAAO,IAAI,CAAC,mBAAmB,EAAE,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,IAAI,CAAC,CAAC;IAC5E,CAAC;IAMD,eAAe,CAAC,EAAU;QACxB,OAAO,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACpC,CAAC;IAOD,kBAAkB,CAAC,EAAU;QAC3B,OAAO,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACvC,CAAC;IAKD,QAAQ;QACN,OAAO,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC;IACjC,CAAC;IAKD,KAAK;QACH,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAMD,UAAU;QACR,OAAO,MAAM,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;IAC/B,CAAC;IAMD,SAAS;QACP,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7D,CAAC;IAMD,YAAY;QACV,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC;IAChE,CAAC;IAMD,YAAY;QACV,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC;IAChE,CAAC;IAMD,WAAW;QACT,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/D,CAAC;IAMD,cAAc;QACZ,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAC;IAClE,CAAC;IAMD,QAAQ;QACN,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5D,CAAC;IAOD,QAAQ,CAAC,MAAc;QACrB,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,WAAW,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACpE,CAAC;IAOD,SAAS,CAAC,MAAc;QACtB,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,YAAY,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACrE,CAAC;IAOD,SAAS,CAAC,MAAc;QACtB,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,YAAY,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACrE,CAAC;IAOD,YAAY,CAAC,GAAW;QACtB,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,eAAe,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC;IACrE,CAAC;IAaD,qBAAqB,CAAC,cAAsB,EAAE,MAAc;QAC1D,MAAM,YAAY,GAAG,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,CAAC;QAC1D,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAO,KAAK,CAAC;QACf,CAAC;QAGD,IAAI,YAAY,CAAC,OAAO,EAAE,KAAK,+BAAgB,CAAC,SAAS,EAAE,CAAC;YAC1D,MAAM,IAAI,KAAK,CACb,gBAAgB,cAAc,oCAAoC;gBAChE,WAAW,YAAY,CAAC,OAAO,EAAE,cAAc,+BAAgB,CAAC,SAAS,EAAE,CAC9E,CAAC;QACJ,CAAC;QAGD,YAAY,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAC/B,OAAO,IAAI,CAAC;IACd,CAAC;IAQD,qBAAqB,CAAC,SAAiB;QACrC,OAAO,IAAI,CAAC,mBAAmB,EAAE,CAAC,IAAI,CACpC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,+BAAgB,CAAC,SAAS,IAAI,GAAG,CAAC,SAAS,EAAE,KAAK,SAAS,CACvF,CAAC;IACJ,CAAC;IAYD,oBAAoB,CAAC,GAAW;QAE9B,MAAM,QAAQ,GAAG,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC;QACjD,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,QAAQ,CAAC;QAClB,CAAC;QAGD,OAAO,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;IAChC,CAAC;IAYD,wBAAwB,CAAC,aAA0B;QACjD,IAAI,OAAO,GAAG,CAAC,CAAC;QAChB,MAAM,QAAQ,GAAa,EAAE,CAAC;QAG9B,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,mBAAmB,EAAE,EAAE,CAAC;YAC7C,IAAI,GAAG,CAAC,OAAO,EAAE,KAAK,+BAAgB,CAAC,SAAS,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC;gBACpF,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;YAC7B,CAAC;QACH,CAAC;QAGD,KAAK,MAAM,EAAE,IAAI,QAAQ,EAAE,CAAC;YAC1B,IAAI,IAAI,CAAC,kBAAkB,CAAC,EAAE,CAAC,EAAE,CAAC;gBAChC,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAMD,WAAW;QACT,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/D,CAAC;IAMD,YAAY;QACV,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC;IAChE,CAAC;IAMD,WAAW;QACT,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/D,CAAC;IAMD,SAAS;QACP,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7D,CAAC;IAMD,WAAW;QACT,MAAM,aAAa,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAEjD,IAAI,GAAG,GAAG,2DAA2D,CAAC;QACtE,GAAG,IAAI,wFAAwF,CAAC;QAEhG,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;YAChC,GAAG,IAAI,GAAG,CAAC,KAAK,EAAE,GAAG,IAAI,CAAC;QAC5B,CAAC;QAED,GAAG,IAAI,kBAAkB,CAAC;QAE1B,OAAO,GAAG,CAAC;IACb,CAAC;IAMD,MAAM,CAAC,iBAAiB;QACtB,MAAM,OAAO,GAAG,IAAI,mBAAmB,EAAE,CAAC;QAC1C,OAAO,CAAC,SAAS,EAAE,CAAC;QACpB,OAAO,CAAC,YAAY,EAAE,CAAC;QACvB,OAAO,CAAC,YAAY,EAAE,CAAC;QACvB,OAAO,CAAC,WAAW,EAAE,CAAC;QACtB,OAAO,CAAC,cAAc,EAAE,CAAC;QACzB,OAAO,CAAC,QAAQ,EAAE,CAAC;QACnB,OAAO,OAAO,CAAC;IACjB,CAAC;IAMD,MAAM,CAAC,MAAM;QACX,OAAO,IAAI,mBAAmB,EAAE,CAAC;IACnC,CAAC;IAOD,MAAM,CAAC,OAAO,CAAC,GAAW;QACxB,MAAM,OAAO,GAAG,IAAI,mBAAmB,EAAE,CAAC;QAG1C,IAAI,GAAG,CAAC,MAAM,GAAG,MAAM,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CACb,wFAAwF,CACzF,CAAC;QACJ,CAAC;QAGD,MAAM,oBAAoB,GAAG,qBAAS,CAAC,eAAe,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;QAG5E,IAAI,oBAAoB,CAAC,MAAM,GAAG,IAAI,EAAE,CAAC;YACvC,MAAM,IAAI,KAAK,CAAC,uEAAuE,CAAC,CAAC;QAC3F,CAAC;QAGD,KAAK,MAAM,mBAAmB,IAAI,oBAAoB,EAAE,CAAC;YAEvD,MAAM,EAAE,GAAG,qBAAS,CAAC,gBAAgB,CAAC,mBAAmB,EAAE,IAAI,CAAC,CAAC;YACjE,MAAM,IAAI,GAAG,qBAAS,CAAC,gBAAgB,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC;YACrE,MAAM,MAAM,GAAG,qBAAS,CAAC,gBAAgB,CAAC,mBAAmB,EAAE,QAAQ,CAAC,CAAC;YACzE,MAAM,UAAU,GAAG,qBAAS,CAAC,gBAAgB,CAAC,mBAAmB,EAAE,YAAY,CAAC,CAAC;YAGjF,IAAI,EAAE,IAAI,IAAI,IAAI,MAAM,EAAE,CAAC;gBAEzB,MAAM,mBAAmB,GACvB,UAAU,KAAK,UAAU,IAAI,UAAU,KAAK,UAAU,IAAI,UAAU,KAAK,SAAS;oBAChF,CAAC,CAAC,UAAU;oBACZ,CAAC,CAAC,SAAS,CAAC;gBAGhB,IAAI,eAAe,GAAG,MAAM,CAAC;gBAC7B,IAAI,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;oBAChC,MAAM,MAAM,GAAG,IAAA,iCAAoB,EAAC,MAAM,CAAC,CAAC;oBAC5C,IAAI,MAAM,EAAE,CAAC;wBACX,eAAe,GAAG,MAAM,CAAC,GAAG,CAAC;oBAC/B,CAAC;gBACH,CAAC;gBAGD,MAAM,YAAY,GAAG,2BAAY,CAAC,MAAM,CAAC;oBACvC,EAAE;oBACF,IAAI;oBACJ,MAAM,EAAE,eAAe;oBACvB,UAAU,EAAE,mBAAmB,IAAI,UAAU;iBAC9C,CAAC,CAAC;gBAEH,OAAO,CAAC,eAAe,CAAC,YAAY,CAAC,CAAC;YACxC,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;CACF;AAxaD,kDAwaC","sourcesContent":["/**\n * RelationshipManager - Manages collections of relationships\n *\n * Handles relationship creation, tracking, and XML generation for various\n * document parts (document.xml, header.xml, footer.xml, etc.)\n */\n\nimport { Relationship, RelationshipType } from './Relationship';\nimport { XMLParser } from '../xml/XMLParser';\nimport { sanitizeHyperlinkUrl } from '../utils/validation';\n\n/**\n * Manages relationships for a document or document part\n */\nexport class RelationshipManager {\n private relationships: Map<string, Relationship>;\n private nextId: number;\n\n /**\n * Creates a new relationship manager\n */\n constructor() {\n this.relationships = new Map();\n this.nextId = 1;\n }\n\n /**\n * Adds a relationship\n * @param relationship The relationship to add\n * @returns The relationship that was added\n */\n addRelationship(relationship: Relationship): Relationship {\n this.relationships.set(relationship.getId(), relationship);\n\n // Update next ID if necessary\n const idMatch = /^rId(\\d+)$/.exec(relationship.getId());\n if (idMatch?.[1]) {\n const idNum = parseInt(idMatch[1], 10);\n if (idNum >= this.nextId) {\n this.nextId = idNum + 1;\n }\n }\n\n return relationship;\n }\n\n /**\n * Gets a relationship by ID\n * @param id The relationship ID\n */\n getRelationship(id: string): Relationship | undefined {\n return this.relationships.get(id);\n }\n\n /**\n * Gets all relationships\n */\n getAllRelationships(): Relationship[] {\n return Array.from(this.relationships.values());\n }\n\n /**\n * Gets relationships of a specific type\n * @param type The relationship type\n */\n getRelationshipsByType(type: string | RelationshipType): Relationship[] {\n return this.getAllRelationships().filter((rel) => rel.getType() === type);\n }\n\n /**\n * Checks if a relationship exists\n * @param id The relationship ID\n */\n hasRelationship(id: string): boolean {\n return this.relationships.has(id);\n }\n\n /**\n * Removes a relationship\n * @param id The relationship ID\n * @returns True if removed, false if not found\n */\n removeRelationship(id: string): boolean {\n return this.relationships.delete(id);\n }\n\n /**\n * Gets the number of relationships\n */\n getCount(): number {\n return this.relationships.size;\n }\n\n /**\n * Clears all relationships\n */\n clear(): this {\n this.relationships.clear();\n this.nextId = 1;\n return this;\n }\n\n /**\n * Generates a new unique relationship ID\n * @returns New relationship ID (e.g., 'rId1', 'rId2')\n */\n generateId(): string {\n return `rId${this.nextId++}`;\n }\n\n /**\n * Adds a styles relationship\n * @returns The created relationship\n */\n addStyles(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createStyles(id));\n }\n\n /**\n * Adds a numbering relationship\n * @returns The created relationship\n */\n addNumbering(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createNumbering(id));\n }\n\n /**\n * Adds a fontTable relationship\n * @returns The created relationship\n */\n addFontTable(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createFontTable(id));\n }\n\n /**\n * Adds a settings relationship\n * @returns The created relationship\n */\n addSettings(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createSettings(id));\n }\n\n /**\n * Adds a webSettings relationship\n * @returns The created relationship\n */\n addWebSettings(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createWebSettings(id));\n }\n\n /**\n * Adds a theme relationship\n * @returns The created relationship\n */\n addTheme(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createTheme(id));\n }\n\n /**\n * Adds an image relationship\n * @param target Image path relative to the part (e.g., 'media/image1.png')\n * @returns The created relationship\n */\n addImage(target: string): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createImage(id, target));\n }\n\n /**\n * Adds a header relationship\n * @param target Header file path (e.g., 'header1.xml')\n * @returns The created relationship\n */\n addHeader(target: string): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createHeader(id, target));\n }\n\n /**\n * Adds a footer relationship\n * @param target Footer file path (e.g., 'footer1.xml')\n * @returns The created relationship\n */\n addFooter(target: string): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createFooter(id, target));\n }\n\n /**\n * Adds a hyperlink relationship\n * @param url The hyperlink URL\n * @returns The created relationship\n */\n addHyperlink(url: string): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createHyperlink(id, url));\n }\n\n /**\n * Updates the target URL of an existing hyperlink relationship\n *\n * This method modifies an existing relationship's target in-place, maintaining\n * the same relationship ID. This is crucial for proper OpenXML compliance\n * per ECMA-376 §17.16.22, as it prevents orphaned relationships.\n *\n * @param relationshipId The ID of the relationship to update\n * @param newUrl The new URL to set\n * @returns True if updated, false if relationship not found\n */\n updateHyperlinkTarget(relationshipId: string, newUrl: string): boolean {\n const relationship = this.getRelationship(relationshipId);\n if (!relationship) {\n return false;\n }\n\n // Verify this is a hyperlink relationship\n if (relationship.getType() !== RelationshipType.HYPERLINK) {\n throw new Error(\n `Relationship ${relationshipId} is not a hyperlink relationship. ` +\n `Type is ${relationship.getType()}, expected ${RelationshipType.HYPERLINK}`\n );\n }\n\n // Update the target URL\n relationship.setTarget(newUrl);\n return true;\n }\n\n /**\n * Finds a hyperlink relationship by its target URL\n *\n * @param targetUrl The URL to search for\n * @returns The matching relationship, or undefined if not found\n */\n findHyperlinkByTarget(targetUrl: string): Relationship | undefined {\n return this.getAllRelationships().find(\n (rel) => rel.getType() === RelationshipType.HYPERLINK && rel.getTarget() === targetUrl\n );\n }\n\n /**\n * Gets or creates a hyperlink relationship for the given URL\n *\n * This method ensures we don't create duplicate relationships for the same URL.\n * If a relationship already exists for the URL, it returns the existing one.\n * Otherwise, it creates a new relationship.\n *\n * @param url The hyperlink URL\n * @returns The existing or newly created relationship\n */\n getOrCreateHyperlink(url: string): Relationship {\n // Check if relationship already exists for this URL\n const existing = this.findHyperlinkByTarget(url);\n if (existing) {\n return existing;\n }\n\n // Create new relationship\n return this.addHyperlink(url);\n }\n\n /**\n * Removes orphaned hyperlink relationships\n *\n * This method removes hyperlink relationships that are no longer referenced\n * by any hyperlink in the document. Call this after updating URLs to clean\n * up any orphaned relationships.\n *\n * @param referencedIds Set of relationship IDs that are still in use\n * @returns Number of relationships removed\n */\n removeOrphanedHyperlinks(referencedIds: Set<string>): number {\n let removed = 0;\n const toRemove: string[] = [];\n\n // Find orphaned relationships\n for (const rel of this.getAllRelationships()) {\n if (rel.getType() === RelationshipType.HYPERLINK && !referencedIds.has(rel.getId())) {\n toRemove.push(rel.getId());\n }\n }\n\n // Remove orphaned relationships\n for (const id of toRemove) {\n if (this.removeRelationship(id)) {\n removed++;\n }\n }\n\n return removed;\n }\n\n /**\n * Adds a comments relationship\n * @returns The created relationship\n */\n addComments(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createComments(id));\n }\n\n /**\n * Adds a footnotes relationship\n * @returns The created relationship\n */\n addFootnotes(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createFootnotes(id));\n }\n\n /**\n * Adds an endnotes relationship\n * @returns The created relationship\n */\n addEndnotes(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createEndnotes(id));\n }\n\n /**\n * Adds a people relationship (track changes authors)\n * @returns The created relationship\n */\n addPeople(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createPeople(id));\n }\n\n /**\n * Generates the relationships XML file content\n * @returns Complete XML string for .rels file\n */\n generateXml(): string {\n const relationships = this.getAllRelationships();\n\n let xml = '<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>\\n';\n xml += '<Relationships xmlns=\"http://schemas.openxmlformats.org/package/2006/relationships\">\\n';\n\n for (const rel of relationships) {\n xml += rel.toXML() + '\\n';\n }\n\n xml += '</Relationships>';\n\n return xml;\n }\n\n /**\n * Creates a new relationship manager with common document relationships\n * @returns RelationshipManager with styles, numbering, fontTable, settings, and theme relationships\n */\n static createForDocument(): RelationshipManager {\n const manager = new RelationshipManager();\n manager.addStyles();\n manager.addNumbering();\n manager.addFontTable();\n manager.addSettings();\n manager.addWebSettings();\n manager.addTheme();\n return manager;\n }\n\n /**\n * Creates an empty relationship manager\n * @returns Empty RelationshipManager\n */\n static create(): RelationshipManager {\n return new RelationshipManager();\n }\n\n /**\n * Parses relationships from XML string and creates a populated manager\n * @param xml The relationships XML content (.rels file)\n * @returns RelationshipManager with parsed relationships\n */\n static fromXml(xml: string): RelationshipManager {\n const manager = new RelationshipManager();\n\n // Prevent ReDoS: validate input size (typical .rels files are < 10KB)\n if (xml.length > 100000) {\n throw new Error(\n 'Relationships XML file too large (>100KB). Possible malicious input or corrupted file.'\n );\n }\n\n // Use XMLParser to extract all Relationship elements\n const relationshipElements = XMLParser.extractElements(xml, 'Relationship');\n\n // Prevent infinite loops: check relationship count\n if (relationshipElements.length > 1000) {\n throw new Error('Too many relationships in XML file (>1000). Possible malicious input.');\n }\n\n // Process each relationship element\n for (const relationshipElement of relationshipElements) {\n // Extract attributes using XMLParser\n const id = XMLParser.extractAttribute(relationshipElement, 'Id');\n const type = XMLParser.extractAttribute(relationshipElement, 'Type');\n const target = XMLParser.extractAttribute(relationshipElement, 'Target');\n const targetMode = XMLParser.extractAttribute(relationshipElement, 'TargetMode');\n\n // Only create relationship if all required attributes present\n if (id && type && target) {\n // Validate targetMode before type assertion\n const validatedTargetMode =\n targetMode === 'Internal' || targetMode === 'External' || targetMode === undefined\n ? targetMode\n : undefined;\n\n // Sanitize hyperlink URLs (strip browser extension prefixes)\n let sanitizedTarget = target;\n if (type.endsWith('/hyperlink')) {\n const result = sanitizeHyperlinkUrl(target);\n if (result) {\n sanitizedTarget = result.url;\n }\n }\n\n // Create and add relationship\n const relationship = Relationship.create({\n id,\n type,\n target: sanitizedTarget,\n targetMode: validatedTargetMode || 'Internal',\n });\n\n manager.addRelationship(relationship);\n }\n }\n\n return manager;\n }\n}\n"]}
1
+ {"version":3,"file":"RelationshipManager.js","sourceRoot":"","sources":["../../src/core/RelationshipManager.ts"],"names":[],"mappings":";;;AAOA,iDAAgE;AAChE,gDAA6C;AAC7C,oDAA2D;AAK3D,MAAa,mBAAmB;IACtB,aAAa,CAA4B;IACzC,MAAM,CAAS;IAKvB;QACE,IAAI,CAAC,aAAa,GAAG,IAAI,GAAG,EAAE,CAAC;QAC/B,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IAClB,CAAC;IAOD,eAAe,CAAC,YAA0B;QACxC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,EAAE,YAAY,CAAC,CAAC;QAG3D,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC,CAAC;QACxD,IAAI,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACjB,MAAM,KAAK,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACvC,IAAI,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBACzB,IAAI,CAAC,MAAM,GAAG,KAAK,GAAG,CAAC,CAAC;YAC1B,CAAC;QACH,CAAC;QAED,OAAO,YAAY,CAAC;IACtB,CAAC;IAMD,eAAe,CAAC,EAAU;QACxB,OAAO,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACpC,CAAC;IAKD,mBAAmB;QACjB,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;IACjD,CAAC;IAMD,sBAAsB,CAAC,IAA+B;QACpD,OAAO,IAAI,CAAC,mBAAmB,EAAE,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,IAAI,CAAC,CAAC;IAC5E,CAAC;IAMD,eAAe,CAAC,EAAU;QACxB,OAAO,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACpC,CAAC;IAOD,kBAAkB,CAAC,EAAU;QAC3B,OAAO,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACvC,CAAC;IAKD,QAAQ;QACN,OAAO,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC;IACjC,CAAC;IAKD,KAAK;QACH,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAMD,UAAU;QACR,OAAO,MAAM,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;IAC/B,CAAC;IAMD,SAAS;QACP,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7D,CAAC;IAMD,YAAY;QACV,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC;IAChE,CAAC;IAMD,YAAY;QACV,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC;IAChE,CAAC;IAMD,WAAW;QACT,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/D,CAAC;IAMD,cAAc;QACZ,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAC;IAClE,CAAC;IAMD,QAAQ;QACN,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5D,CAAC;IAOD,QAAQ,CAAC,MAAc;QACrB,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,WAAW,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACpE,CAAC;IAOD,SAAS,CAAC,MAAc;QACtB,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,YAAY,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACrE,CAAC;IAOD,SAAS,CAAC,MAAc;QACtB,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,YAAY,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACrE,CAAC;IAOD,YAAY,CAAC,GAAW;QACtB,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,eAAe,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC;IACrE,CAAC;IAaD,qBAAqB,CAAC,cAAsB,EAAE,MAAc;QAC1D,MAAM,YAAY,GAAG,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,CAAC;QAC1D,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAO,KAAK,CAAC;QACf,CAAC;QAGD,IAAI,YAAY,CAAC,OAAO,EAAE,KAAK,+BAAgB,CAAC,SAAS,EAAE,CAAC;YAC1D,MAAM,IAAI,KAAK,CACb,gBAAgB,cAAc,oCAAoC;gBAChE,WAAW,YAAY,CAAC,OAAO,EAAE,cAAc,+BAAgB,CAAC,SAAS,EAAE,CAC9E,CAAC;QACJ,CAAC;QAGD,YAAY,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAC/B,OAAO,IAAI,CAAC;IACd,CAAC;IAQD,qBAAqB,CAAC,SAAiB;QACrC,OAAO,IAAI,CAAC,mBAAmB,EAAE,CAAC,IAAI,CACpC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,+BAAgB,CAAC,SAAS,IAAI,GAAG,CAAC,SAAS,EAAE,KAAK,SAAS,CACvF,CAAC;IACJ,CAAC;IAYD,oBAAoB,CAAC,GAAW;QAE9B,MAAM,QAAQ,GAAG,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC;QACjD,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,QAAQ,CAAC;QAClB,CAAC;QAGD,OAAO,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;IAChC,CAAC;IAYD,wBAAwB,CAAC,aAA0B;QACjD,IAAI,OAAO,GAAG,CAAC,CAAC;QAChB,MAAM,QAAQ,GAAa,EAAE,CAAC;QAG9B,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,mBAAmB,EAAE,EAAE,CAAC;YAC7C,IAAI,GAAG,CAAC,OAAO,EAAE,KAAK,+BAAgB,CAAC,SAAS,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC;gBACpF,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;YAC7B,CAAC;QACH,CAAC;QAGD,KAAK,MAAM,EAAE,IAAI,QAAQ,EAAE,CAAC;YAC1B,IAAI,IAAI,CAAC,kBAAkB,CAAC,EAAE,CAAC,EAAE,CAAC;gBAChC,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAMD,WAAW;QACT,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/D,CAAC;IAMD,YAAY;QACV,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC;IAChE,CAAC;IAMD,WAAW;QACT,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/D,CAAC;IAMD,SAAS;QACP,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,eAAe,CAAC,2BAAY,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7D,CAAC;IAMD,WAAW;QACT,MAAM,aAAa,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAEjD,IAAI,GAAG,GAAG,2DAA2D,CAAC;QACtE,GAAG,IAAI,wFAAwF,CAAC;QAEhG,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;YAChC,GAAG,IAAI,GAAG,CAAC,KAAK,EAAE,GAAG,IAAI,CAAC;QAC5B,CAAC;QAED,GAAG,IAAI,kBAAkB,CAAC;QAE1B,OAAO,GAAG,CAAC;IACb,CAAC;IAMD,MAAM,CAAC,iBAAiB;QACtB,MAAM,OAAO,GAAG,IAAI,mBAAmB,EAAE,CAAC;QAC1C,OAAO,CAAC,SAAS,EAAE,CAAC;QACpB,OAAO,CAAC,YAAY,EAAE,CAAC;QACvB,OAAO,CAAC,YAAY,EAAE,CAAC;QACvB,OAAO,CAAC,WAAW,EAAE,CAAC;QACtB,OAAO,CAAC,cAAc,EAAE,CAAC;QACzB,OAAO,CAAC,QAAQ,EAAE,CAAC;QACnB,OAAO,OAAO,CAAC;IACjB,CAAC;IAMD,MAAM,CAAC,MAAM;QACX,OAAO,IAAI,mBAAmB,EAAE,CAAC;IACnC,CAAC;IAOD,MAAM,CAAC,OAAO,CAAC,GAAW;QACxB,MAAM,OAAO,GAAG,IAAI,mBAAmB,EAAE,CAAC;QAG1C,IAAI,GAAG,CAAC,MAAM,GAAG,QAAQ,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CACb,uFAAuF,CACxF,CAAC;QACJ,CAAC;QAGD,MAAM,oBAAoB,GAAG,qBAAS,CAAC,eAAe,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;QAG5E,IAAI,oBAAoB,CAAC,MAAM,GAAG,IAAI,EAAE,CAAC;YACvC,MAAM,IAAI,KAAK,CAAC,uEAAuE,CAAC,CAAC;QAC3F,CAAC;QAGD,KAAK,MAAM,mBAAmB,IAAI,oBAAoB,EAAE,CAAC;YAEvD,MAAM,EAAE,GAAG,qBAAS,CAAC,gBAAgB,CAAC,mBAAmB,EAAE,IAAI,CAAC,CAAC;YACjE,MAAM,IAAI,GAAG,qBAAS,CAAC,gBAAgB,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC;YACrE,MAAM,MAAM,GAAG,qBAAS,CAAC,gBAAgB,CAAC,mBAAmB,EAAE,QAAQ,CAAC,CAAC;YACzE,MAAM,UAAU,GAAG,qBAAS,CAAC,gBAAgB,CAAC,mBAAmB,EAAE,YAAY,CAAC,CAAC;YAGjF,IAAI,EAAE,IAAI,IAAI,IAAI,MAAM,EAAE,CAAC;gBAEzB,MAAM,mBAAmB,GACvB,UAAU,KAAK,UAAU,IAAI,UAAU,KAAK,UAAU,IAAI,UAAU,KAAK,SAAS;oBAChF,CAAC,CAAC,UAAU;oBACZ,CAAC,CAAC,SAAS,CAAC;gBAGhB,IAAI,eAAe,GAAG,MAAM,CAAC;gBAC7B,IAAI,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;oBAChC,MAAM,MAAM,GAAG,IAAA,iCAAoB,EAAC,MAAM,CAAC,CAAC;oBAC5C,IAAI,MAAM,EAAE,CAAC;wBACX,eAAe,GAAG,MAAM,CAAC,GAAG,CAAC;oBAC/B,CAAC;gBACH,CAAC;gBAGD,MAAM,YAAY,GAAG,2BAAY,CAAC,MAAM,CAAC;oBACvC,EAAE;oBACF,IAAI;oBACJ,MAAM,EAAE,eAAe;oBACvB,UAAU,EAAE,mBAAmB,IAAI,UAAU;iBAC9C,CAAC,CAAC;gBAEH,OAAO,CAAC,eAAe,CAAC,YAAY,CAAC,CAAC;YACxC,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;CACF;AAxaD,kDAwaC","sourcesContent":["/**\n * RelationshipManager - Manages collections of relationships\n *\n * Handles relationship creation, tracking, and XML generation for various\n * document parts (document.xml, header.xml, footer.xml, etc.)\n */\n\nimport { Relationship, RelationshipType } from './Relationship';\nimport { XMLParser } from '../xml/XMLParser';\nimport { sanitizeHyperlinkUrl } from '../utils/validation';\n\n/**\n * Manages relationships for a document or document part\n */\nexport class RelationshipManager {\n private relationships: Map<string, Relationship>;\n private nextId: number;\n\n /**\n * Creates a new relationship manager\n */\n constructor() {\n this.relationships = new Map();\n this.nextId = 1;\n }\n\n /**\n * Adds a relationship\n * @param relationship The relationship to add\n * @returns The relationship that was added\n */\n addRelationship(relationship: Relationship): Relationship {\n this.relationships.set(relationship.getId(), relationship);\n\n // Update next ID if necessary\n const idMatch = /^rId(\\d+)$/.exec(relationship.getId());\n if (idMatch?.[1]) {\n const idNum = parseInt(idMatch[1], 10);\n if (idNum >= this.nextId) {\n this.nextId = idNum + 1;\n }\n }\n\n return relationship;\n }\n\n /**\n * Gets a relationship by ID\n * @param id The relationship ID\n */\n getRelationship(id: string): Relationship | undefined {\n return this.relationships.get(id);\n }\n\n /**\n * Gets all relationships\n */\n getAllRelationships(): Relationship[] {\n return Array.from(this.relationships.values());\n }\n\n /**\n * Gets relationships of a specific type\n * @param type The relationship type\n */\n getRelationshipsByType(type: string | RelationshipType): Relationship[] {\n return this.getAllRelationships().filter((rel) => rel.getType() === type);\n }\n\n /**\n * Checks if a relationship exists\n * @param id The relationship ID\n */\n hasRelationship(id: string): boolean {\n return this.relationships.has(id);\n }\n\n /**\n * Removes a relationship\n * @param id The relationship ID\n * @returns True if removed, false if not found\n */\n removeRelationship(id: string): boolean {\n return this.relationships.delete(id);\n }\n\n /**\n * Gets the number of relationships\n */\n getCount(): number {\n return this.relationships.size;\n }\n\n /**\n * Clears all relationships\n */\n clear(): this {\n this.relationships.clear();\n this.nextId = 1;\n return this;\n }\n\n /**\n * Generates a new unique relationship ID\n * @returns New relationship ID (e.g., 'rId1', 'rId2')\n */\n generateId(): string {\n return `rId${this.nextId++}`;\n }\n\n /**\n * Adds a styles relationship\n * @returns The created relationship\n */\n addStyles(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createStyles(id));\n }\n\n /**\n * Adds a numbering relationship\n * @returns The created relationship\n */\n addNumbering(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createNumbering(id));\n }\n\n /**\n * Adds a fontTable relationship\n * @returns The created relationship\n */\n addFontTable(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createFontTable(id));\n }\n\n /**\n * Adds a settings relationship\n * @returns The created relationship\n */\n addSettings(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createSettings(id));\n }\n\n /**\n * Adds a webSettings relationship\n * @returns The created relationship\n */\n addWebSettings(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createWebSettings(id));\n }\n\n /**\n * Adds a theme relationship\n * @returns The created relationship\n */\n addTheme(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createTheme(id));\n }\n\n /**\n * Adds an image relationship\n * @param target Image path relative to the part (e.g., 'media/image1.png')\n * @returns The created relationship\n */\n addImage(target: string): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createImage(id, target));\n }\n\n /**\n * Adds a header relationship\n * @param target Header file path (e.g., 'header1.xml')\n * @returns The created relationship\n */\n addHeader(target: string): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createHeader(id, target));\n }\n\n /**\n * Adds a footer relationship\n * @param target Footer file path (e.g., 'footer1.xml')\n * @returns The created relationship\n */\n addFooter(target: string): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createFooter(id, target));\n }\n\n /**\n * Adds a hyperlink relationship\n * @param url The hyperlink URL\n * @returns The created relationship\n */\n addHyperlink(url: string): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createHyperlink(id, url));\n }\n\n /**\n * Updates the target URL of an existing hyperlink relationship\n *\n * This method modifies an existing relationship's target in-place, maintaining\n * the same relationship ID. This is crucial for proper OpenXML compliance\n * per ECMA-376 §17.16.22, as it prevents orphaned relationships.\n *\n * @param relationshipId The ID of the relationship to update\n * @param newUrl The new URL to set\n * @returns True if updated, false if relationship not found\n */\n updateHyperlinkTarget(relationshipId: string, newUrl: string): boolean {\n const relationship = this.getRelationship(relationshipId);\n if (!relationship) {\n return false;\n }\n\n // Verify this is a hyperlink relationship\n if (relationship.getType() !== RelationshipType.HYPERLINK) {\n throw new Error(\n `Relationship ${relationshipId} is not a hyperlink relationship. ` +\n `Type is ${relationship.getType()}, expected ${RelationshipType.HYPERLINK}`\n );\n }\n\n // Update the target URL\n relationship.setTarget(newUrl);\n return true;\n }\n\n /**\n * Finds a hyperlink relationship by its target URL\n *\n * @param targetUrl The URL to search for\n * @returns The matching relationship, or undefined if not found\n */\n findHyperlinkByTarget(targetUrl: string): Relationship | undefined {\n return this.getAllRelationships().find(\n (rel) => rel.getType() === RelationshipType.HYPERLINK && rel.getTarget() === targetUrl\n );\n }\n\n /**\n * Gets or creates a hyperlink relationship for the given URL\n *\n * This method ensures we don't create duplicate relationships for the same URL.\n * If a relationship already exists for the URL, it returns the existing one.\n * Otherwise, it creates a new relationship.\n *\n * @param url The hyperlink URL\n * @returns The existing or newly created relationship\n */\n getOrCreateHyperlink(url: string): Relationship {\n // Check if relationship already exists for this URL\n const existing = this.findHyperlinkByTarget(url);\n if (existing) {\n return existing;\n }\n\n // Create new relationship\n return this.addHyperlink(url);\n }\n\n /**\n * Removes orphaned hyperlink relationships\n *\n * This method removes hyperlink relationships that are no longer referenced\n * by any hyperlink in the document. Call this after updating URLs to clean\n * up any orphaned relationships.\n *\n * @param referencedIds Set of relationship IDs that are still in use\n * @returns Number of relationships removed\n */\n removeOrphanedHyperlinks(referencedIds: Set<string>): number {\n let removed = 0;\n const toRemove: string[] = [];\n\n // Find orphaned relationships\n for (const rel of this.getAllRelationships()) {\n if (rel.getType() === RelationshipType.HYPERLINK && !referencedIds.has(rel.getId())) {\n toRemove.push(rel.getId());\n }\n }\n\n // Remove orphaned relationships\n for (const id of toRemove) {\n if (this.removeRelationship(id)) {\n removed++;\n }\n }\n\n return removed;\n }\n\n /**\n * Adds a comments relationship\n * @returns The created relationship\n */\n addComments(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createComments(id));\n }\n\n /**\n * Adds a footnotes relationship\n * @returns The created relationship\n */\n addFootnotes(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createFootnotes(id));\n }\n\n /**\n * Adds an endnotes relationship\n * @returns The created relationship\n */\n addEndnotes(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createEndnotes(id));\n }\n\n /**\n * Adds a people relationship (track changes authors)\n * @returns The created relationship\n */\n addPeople(): Relationship {\n const id = this.generateId();\n return this.addRelationship(Relationship.createPeople(id));\n }\n\n /**\n * Generates the relationships XML file content\n * @returns Complete XML string for .rels file\n */\n generateXml(): string {\n const relationships = this.getAllRelationships();\n\n let xml = '<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>\\n';\n xml += '<Relationships xmlns=\"http://schemas.openxmlformats.org/package/2006/relationships\">\\n';\n\n for (const rel of relationships) {\n xml += rel.toXML() + '\\n';\n }\n\n xml += '</Relationships>';\n\n return xml;\n }\n\n /**\n * Creates a new relationship manager with common document relationships\n * @returns RelationshipManager with styles, numbering, fontTable, settings, and theme relationships\n */\n static createForDocument(): RelationshipManager {\n const manager = new RelationshipManager();\n manager.addStyles();\n manager.addNumbering();\n manager.addFontTable();\n manager.addSettings();\n manager.addWebSettings();\n manager.addTheme();\n return manager;\n }\n\n /**\n * Creates an empty relationship manager\n * @returns Empty RelationshipManager\n */\n static create(): RelationshipManager {\n return new RelationshipManager();\n }\n\n /**\n * Parses relationships from XML string and creates a populated manager\n * @param xml The relationships XML content (.rels file)\n * @returns RelationshipManager with parsed relationships\n */\n static fromXml(xml: string): RelationshipManager {\n const manager = new RelationshipManager();\n\n // Prevent ReDoS: validate input size (typical .rels files are < 10KB, max 10MB)\n if (xml.length > 10000000) {\n throw new Error(\n 'Relationships XML file too large (>10MB). Possible malicious input or corrupted file.'\n );\n }\n\n // Use XMLParser to extract all Relationship elements\n const relationshipElements = XMLParser.extractElements(xml, 'Relationship');\n\n // Prevent infinite loops: check relationship count\n if (relationshipElements.length > 1000) {\n throw new Error('Too many relationships in XML file (>1000). Possible malicious input.');\n }\n\n // Process each relationship element\n for (const relationshipElement of relationshipElements) {\n // Extract attributes using XMLParser\n const id = XMLParser.extractAttribute(relationshipElement, 'Id');\n const type = XMLParser.extractAttribute(relationshipElement, 'Type');\n const target = XMLParser.extractAttribute(relationshipElement, 'Target');\n const targetMode = XMLParser.extractAttribute(relationshipElement, 'TargetMode');\n\n // Only create relationship if all required attributes present\n if (id && type && target) {\n // Validate targetMode before type assertion\n const validatedTargetMode =\n targetMode === 'Internal' || targetMode === 'External' || targetMode === undefined\n ? targetMode\n : undefined;\n\n // Sanitize hyperlink URLs (strip browser extension prefixes)\n let sanitizedTarget = target;\n if (type.endsWith('/hyperlink')) {\n const result = sanitizeHyperlinkUrl(target);\n if (result) {\n sanitizedTarget = result.url;\n }\n }\n\n // Create and add relationship\n const relationship = Relationship.create({\n id,\n type,\n target: sanitizedTarget,\n targetMode: validatedTargetMode || 'Internal',\n });\n\n manager.addRelationship(relationship);\n }\n }\n\n return manager;\n }\n}\n"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "docxmlater",
3
- "version": "10.3.3",
3
+ "version": "10.3.4",
4
4
  "description": "A comprehensive DOCX editing framework for creating, reading, and manipulating Microsoft Word documents",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",
package/src/core/DocumentParser.ts CHANGED
@@ -2687,6 +2687,7 @@ export class DocumentParser {
2687
2687
 
2688
2688
  const content = paragraph.getContent();
2689
2689
  const groupedContent: any[] = [];
2690
+ // Invariant: only Run instances — non-Run items filtered at entry (line ~3109)
2690
2691
  let fieldRuns: Run[] = [];
2691
2692
  let fieldRevisions: Revision[] = []; // Track revisions inside field result section
2692
2693
  let instructionRevisions: Revision[] = []; // Track revisions in instruction area
@@ -2766,7 +2767,12 @@ export class DocumentParser {
2766
2767
  // We need to reconstruct the original order based on field state transitions
2767
2768
  let hasSep = false;
2768
2769
  for (const run of fieldRuns) {
2769
- if (!(run instanceof Run)) continue;
2770
+ if (!((run as unknown) instanceof Run)) {
2771
+ defaultLogger.warn(
2772
+ `Non-Run item in fieldRuns: ${(run as any)?.constructor?.name}`
2773
+ );
2774
+ continue;
2775
+ }
2770
2776
  const runContent = run.getContent();
2771
2777
  const fieldCharToken = runContent.find((c: any) => c.type === 'fieldChar');
2772
2778
 
@@ -2817,7 +2823,12 @@ export class DocumentParser {
2817
2823
  let hasSeparate = false;
2818
2824
 
2819
2825
  for (const run of fieldRuns) {
2820
- if (!(run instanceof Run)) continue;
2826
+ if (!((run as unknown) instanceof Run)) {
2827
+ defaultLogger.warn(
2828
+ `Non-Run item in fieldRuns: ${(run as any)?.constructor?.name}`
2829
+ );
2830
+ continue;
2831
+ }
2821
2832
  const runContent = run.getContent();
2822
2833
  const instrText = runContent.find((c: any) => c.type === 'instructionText');
2823
2834
  if (instrText) {
@@ -3109,6 +3120,9 @@ export class DocumentParser {
3109
3120
  if (nestingDepth > 0) {
3110
3121
  // Non-Run items (e.g., w:proofErr) can't be processed as field runs.
3111
3122
  // Drop them — Word regenerates these markers on open.
3123
+ defaultLogger.debug(
3124
+ `Dropping non-Run item inside field (depth=${nestingDepth}): ${(item as any)?.getElementType?.() || (item as any)?.constructor?.name}`
3125
+ );
3112
3126
  continue;
3113
3127
  } else if (fieldRuns.length > 0) {
3114
3128
  // Incomplete field - add as individual runs
@@ -3615,7 +3629,10 @@ export class DocumentParser {
3615
3629
  let formFieldData: any = undefined;
3616
3630
 
3617
3631
  for (const run of fieldRuns) {
3618
- if (!(run instanceof Run)) continue;
3632
+ if (!((run as unknown) instanceof Run)) {
3633
+ defaultLogger.warn(`Non-Run item in fieldRuns: ${(run as any)?.constructor?.name}`);
3634
+ continue;
3635
+ }
3619
3636
  const runContent = run.getContent();
3620
3637
 
3621
3638
  // Check for fieldChar tokens
@@ -3660,7 +3677,10 @@ export class DocumentParser {
3660
3677
  const resultContentElements: XMLElement[] = [];
3661
3678
  let pastSeparator = false;
3662
3679
  for (const run of fieldRuns) {
3663
- if (!(run instanceof Run)) continue;
3680
+ if (!((run as unknown) instanceof Run)) {
3681
+ defaultLogger.warn(`Non-Run item in fieldRuns: ${(run as any)?.constructor?.name}`);
3682
+ continue;
3683
+ }
3664
3684
  const rc = run.getContent();
3665
3685
  const fc = rc.find((c: any) => c.type === 'fieldChar');
3666
3686
  if (fc?.fieldCharType === 'separate') {
package/src/core/RelationshipManager.ts CHANGED
@@ -382,10 +382,10 @@ export class RelationshipManager {
382
382
  static fromXml(xml: string): RelationshipManager {
383
383
  const manager = new RelationshipManager();
384
384
 
385
- // Prevent ReDoS: validate input size (typical .rels files are < 10KB)
386
- if (xml.length > 100000) {
385
+ // Prevent ReDoS: validate input size (typical .rels files are < 10KB, max 10MB)
386
+ if (xml.length > 10000000) {
387
387
  throw new Error(
388
- 'Relationships XML file too large (>100KB). Possible malicious input or corrupted file.'
388
+ 'Relationships XML file too large (>10MB). Possible malicious input or corrupted file.'
389
389
  );
390
390
  }
391
391