npm - monaco-editor-core - Versions diffs - 0.54.0-dev-20250910 → 0.54.0-dev-20250911 - Mend

monaco-editor-core 0.54.0-dev-20250910 → 0.54.0-dev-20250911

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (247) hide show

package/esm/vs/base/browser/domSanitize.js CHANGED Viewed

@@ -2,9 +2,9 @@
  *  Copyright (c) Microsoft Corporation. All rights reserved.
  *  Licensed under the MIT License. See License.txt in the project root for license information.
  *--------------------------------------------------------------------------------------------*/
-import { DisposableStore, toDisposable } from '../common/lifecycle.js';
 import { Schemas } from '../common/network.js';
 import { reset } from './dom.js';
+// eslint-disable-next-line no-restricted-imports
 import dompurify from './dompurify/dompurify.js';
 /**
  * List of safe, non-input html tags.
@@ -97,25 +97,32 @@ export const defaultAllowedAttrs = Object.freeze([
     'height',
     'align',
 ]);
-function addDompurifyHook(hook, cb) {
-    dompurify.addHook(hook, cb);
-    return toDisposable(() => dompurify.removeHook(hook));
+const fakeRelativeUrlProtocol = 'vscode-relative-path';
+function validateLink(value, allowedProtocols) {
+    if (allowedProtocols.override === '*') {
+        return true; // allow all protocols
+    }
+    try {
+        const url = new URL(value, fakeRelativeUrlProtocol + '://');
+        if (allowedProtocols.override.includes(url.protocol.replace(/:$/, ''))) {
+            return true;
+        }
+        if (allowedProtocols.allowRelativePaths
+            && url.protocol === fakeRelativeUrlProtocol + ':'
+            && !value.trim().toLowerCase().startsWith(fakeRelativeUrlProtocol)) {
+            return true;
+        }
+        return false;
+    }
+    catch (e) {
+        return false;
+    }
 }
 /**
  * Hooks dompurify using `afterSanitizeAttributes` to check that all `href` and `src`
  * attributes are valid.
  */
 function hookDomPurifyHrefAndSrcSanitizer(allowedLinkProtocols, allowedMediaProtocols) {
-    // https://github.com/cure53/DOMPurify/blob/main/demos/hooks-scheme-allowlist.html
-    // build an anchor to map URLs to
-    const anchor = document.createElement('a');
-    function validateLink(value, allowedProtocols) {
-        if (allowedProtocols === '*') {
-            return true; // allow all protocols
-        }
-        anchor.href = value;
-        return allowedProtocols.includes(anchor.protocol.replace(/:$/, ''));
-    }
     dompurify.addHook('afterSanitizeAttributes', (node) => {
         // check all href/src attributes for validity
         for (const attr of ['href', 'src']) {
@@ -134,7 +141,6 @@ function hookDomPurifyHrefAndSrcSanitizer(allowedLinkProtocols, allowedMediaProt
             }
         }
     });
-    return toDisposable(() => dompurify.removeHook('afterSanitizeAttributes'));
 }
 const defaultDomPurifyConfig = Object.freeze({
     ALLOWED_TAGS: [...basicMarkupHtmlTags],
@@ -154,7 +160,6 @@ export function sanitizeHtml(untrusted, config) {
     return doSanitizeHtml(untrusted, config, 'trusted');
 }
 function doSanitizeHtml(untrusted, config, outputType) {
-    const store = new DisposableStore();
     try {
         const resolvedConfig = { ...defaultDomPurifyConfig };
         if (config?.allowedTags) {
@@ -196,12 +201,18 @@ function doSanitizeHtml(untrusted, config, outputType) {
             }
         }
         resolvedConfig.ALLOWED_ATTR = Array.from(allowedAttrNames);
-        store.add(hookDomPurifyHrefAndSrcSanitizer(config?.allowedLinkProtocols?.override ?? [Schemas.http, Schemas.https], config?.allowedMediaProtocols?.override ?? [Schemas.http, Schemas.https]));
+        hookDomPurifyHrefAndSrcSanitizer({
+            override: config?.allowedLinkProtocols?.override ?? [Schemas.http, Schemas.https],
+            allowRelativePaths: config?.allowRelativeLinkPaths ?? false
+        }, {
+            override: config?.allowedMediaProtocols?.override ?? [Schemas.http, Schemas.https],
+            allowRelativePaths: config?.allowRelativeMediaPaths ?? false
+        });
         if (config?.replaceWithPlaintext) {
-            store.add(addDompurifyHook('uponSanitizeElement', replaceWithPlainTextHook));
+            dompurify.addHook('uponSanitizeElement', replaceWithPlainTextHook);
         }
         if (allowedAttrPredicates.size) {
-            store.add(addDompurifyHook('uponSanitizeAttribute', (node, e) => {
+            dompurify.addHook('uponSanitizeAttribute', (node, e) => {
                 const predicate = allowedAttrPredicates.get(e.attrName);
                 if (predicate) {
                     const result = predicate.shouldKeep(node, e);
@@ -216,7 +227,7 @@ function doSanitizeHtml(untrusted, config, outputType) {
                 else {
                     e.keepAttr = allowedAttrNames.has(e.attrName);
                 }
-            }));
+            });
         }
         if (outputType === 'dom') {
             return dompurify.sanitize(untrusted, {
@@ -232,7 +243,7 @@ function doSanitizeHtml(untrusted, config, outputType) {
         }
     }
     finally {
-        store.dispose();
+        dompurify.removeAllHooks();
     }
 }
 const selfClosingTags = ['area', 'base', 'br', 'col', 'command', 'embed', 'hr', 'img', 'input', 'keygen', 'link', 'meta', 'param', 'source', 'track', 'wbr'];

package/esm/vs/base/browser/domSanitize.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["file:///mnt/vss/_work/1/s/dependencies/vscode/out-editor-src/vs/base/browser/domSanitize.ts","vs/base/browser/domSanitize.ts"],"names":[],"mappings":"AAAA;;;gGAGgG;AAEhG,OAAO,EAAE,eAAe,EAAe,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACpF,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC;AACjC,OAAO,SAAS,MAAM,0BAA0B,CAAC;AAGjD;;GAEG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,MAAM,CAAC,MAAM,CAAC;IAChD,GAAG;IACH,MAAM;IACN,GAAG;IACH,KAAK;IACL,YAAY;IACZ,IAAI;IACJ,SAAS;IACT,MAAM;IACN,MAAM;IACN,KAAK;IACL,UAAU;IACV,IAAI;IACJ,KAAK;IACL,SAAS;IACT,KAAK;IACL,KAAK;IACL,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,YAAY;IACZ,QAAQ;IACR,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,GAAG;IACH,KAAK;IACL,KAAK;IACL,KAAK;IACL,OAAO;IACP,IAAI;IACJ,MAAM;IACN,IAAI;IACJ,GAAG;IACH,KAAK;IACL,GAAG;IACH,IAAI;IACJ,IAAI;IACJ,MAAM;IACN,MAAM;IACN,OAAO;IACP,OAAO;IACP,QAAQ;IACR,MAAM;IACN,QAAQ;IACR,QAAQ;IACR,KAAK;IACL,SAAS;IACT,KAAK;IACL,OAAO;IACP,OAAO;IACP,IAAI;IACJ,OAAO;IACP,IAAI;IACJ,OAAO;IACP,MAAM;IACN,IAAI;IACJ,IAAI;IACJ,GAAG;IACH,IAAI;IACJ,KAAK;IACL,OAAO;IACP,KAAK;CACL,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,mBAAmB,GAAG,MAAM,CAAC,MAAM,CAAC;IAChD,MAAM;IACN,QAAQ;IACR,KAAK;IACL,KAAK;IACL,OAAO;IACP,KAAK;IACL,MAAM;IACN,MAAM;IACN,UAAU;IACV,YAAY;IACZ,UAAU;IACV,SAAS;IACT,aAAa;IACb,MAAM;IACN,OAAO;IACP,OAAO;IACP,QAAQ;IACR,OAAO;CACP,CAAC,CAAC;AAQH,SAAS,gBAAgB,CAAC,IAAqD,EAAE,EAAO;IACvF,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IAC5B,OAAO,YAAY,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;AACvD,CAAC;AAED;;;GAGG;AACH,SAAS,gCAAgC,CAAC,oBAA6C,EAAE,qBAAwC;IAChI,kFAAkF;IAClF,iCAAiC;IACjC,MAAM,MAAM,GAAG,QAAQ,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;IAE3C,SAAS,YAAY,CAAC,KAAa,EAAE,gBAAyC;QAC7E,IAAI,gBAAgB,KAAK,GAAG,EAAE,CAAC;YAC9B,OAAO,IAAI,CAAC,CAAC,sBAAsB;QACpC,CAAC;QAED,MAAM,CAAC,IAAI,GAAG,KAAK,CAAC;QACpB,OAAO,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC;IACrE,CAAC;IAED,SAAS,CAAC,OAAO,CAAC,yBAAyB,EAAE,CAAC,IAAI,EAAE,EAAE;QACrD,6CAA6C;QAC7C,KAAK,MAAM,IAAI,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,CAAC;YACpC,IAAI,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC7B,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAW,CAAC;gBACpD,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;oBAErB,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,oBAAoB,CAAC,EAAE,CAAC;wBAClF,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;oBAC5B,CAAC;gBAEF,CAAC;qBAAM,CAAC,CAAA,QAAQ;oBACf,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,qBAAqB,CAAC,EAAE,CAAC;wBACrD,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;oBAC5B,CAAC;gBACF,CAAC;YACF,CAAC;QACF,CAAC;IACF,CAAC,CAAC,CAAC;IAEH,OAAO,YAAY,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,UAAU,CAAC,yBAAyB,CAAC,CAAC,CAAC;AAC5E,CAAC;AAqDD,MAAM,sBAAsB,GAAG,MAAM,CAAC,MAAM,CAAC;IAC5C,YAAY,EAAE,CAAC,GAAG,mBAAmB,CAAC;IACtC,YAAY,EAAE,CAAC,GAAG,mBAAmB,CAAC;IACtC,sDAAsD;IACtD,uBAAuB,EAAE,IAAI;CACF,CAAC,CAAC;AAE9B;;;;;;;GAOG;AACH,MAAM,UAAU,YAAY,CAAC,SAAiB,EAAE,MAA2B;IAC1E,OAAO,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;AACrD,CAAC;AAID,SAAS,cAAc,CAAC,SAAiB,EAAE,MAAsC,EAAE,UAA6B;IAC/G,MAAM,KAAK,GAAG,IAAI,eAAe,EAAE,CAAC;IACpC,IAAI,CAAC;QACJ,MAAM,cAAc,GAAqB,EAAE,GAAG,sBAAsB,EAAE,CAAC;QAEvE,IAAI,MAAM,EAAE,WAAW,EAAE,CAAC;YACzB,IAAI,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;gBACjC,cAAc,CAAC,YAAY,GAAG,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;YAChE,CAAC;YAED,IAAI,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;gBAChC,cAAc,CAAC,YAAY,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,YAAY,IAAI,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;YACvG,CAAC;QACF,CAAC;QAED,IAAI,kBAAkB,GAA0C,CAAC,GAAG,mBAAmB,CAAC,CAAC;QACzF,IAAI,MAAM,EAAE,iBAAiB,EAAE,CAAC;YAC/B,IAAI,MAAM,CAAC,iBAAiB,CAAC,QAAQ,EAAE,CAAC;gBACvC,kBAAkB,GAAG,CAAC,GAAG,MAAM,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;YAC7D,CAAC;YAED,IAAI,MAAM,CAAC,iBAAiB,CAAC,OAAO,EAAE,CAAC;gBACtC,kBAAkB,GAAG,CAAC,GAAG,kBAAkB,EAAE,GAAG,MAAM,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;YACnF,CAAC;QACF,CAAC;QAED,uDAAuD;QACvD,kBAAkB,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC,IAAI,EAAkC,EAAE;YACpF,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC9B,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC;YAC3B,CAAC;YACD,OAAO;gBACN,aAAa,EAAE,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE;gBAC/C,UAAU,EAAE,IAAI,CAAC,UAAU;aAC3B,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;QACvH,MAAM,qBAAqB,GAAG,IAAI,GAAG,EAAiC,CAAC;QACvE,KAAK,MAAM,IAAI,IAAI,kBAAkB,EAAE,CAAC;YACvC,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC9B,8DAA8D;gBAC9D,qBAAqB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACpC,CAAC;iBAAM,CAAC;gBACP,qBAAqB,CAAC,GAAG,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;YACrD,CAAC;QACF,CAAC;QAED,cAAc,CAAC,YAAY,GAAG,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAE3D,KAAK,CAAC,GAAG,CAAC,gCAAgC,CACzC,MAAM,EAAE,oBAAoB,EAAE,QAAQ,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC,EACvE,MAAM,EAAE,qBAAqB,EAAE,QAAQ,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAE5E,IAAI,MAAM,EAAE,oBAAoB,EAAE,CAAC;YAClC,KAAK,CAAC,GAAG,CAAC,gBAAgB,CAAC,qBAAqB,EAAE,wBAAwB,CAAC,CAAC,CAAC;QAC9E,CAAC;QAED,IAAI,qBAAqB,CAAC,IAAI,EAAE,CAAC;YAChC,KAAK,CAAC,GAAG,CAAC,gBAAgB,CAAC,uBAAuB,EAAE,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;gBAC/D,MAAM,SAAS,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;gBACxD,IAAI,SAAS,EAAE,CAAC;oBACf,MAAM,MAAM,GAAG,SAAS,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;oBAC7C,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;wBAChC,CAAC,CAAC,QAAQ,GAAG,IAAI,CAAC;wBAClB,CAAC,CAAC,SAAS,GAAG,MAAM,CAAC;oBACtB,CAAC;yBAAM,CAAC;wBACP,CAAC,CAAC,QAAQ,GAAG,MAAM,CAAC;oBACrB,CAAC;gBACF,CAAC;qBAAM,CAAC;oBACP,CAAC,CAAC,QAAQ,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;gBAC/C,CAAC;YACF,CAAC,CAAC,CAAC,CAAC;QACL,CAAC;QAED,IAAI,UAAU,KAAK,KAAK,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE;gBACpC,GAAG,cAAc;gBACjB,mBAAmB,EAAE,IAAI;aACzB,CAAC,CAAC;QACJ,CAAC;aAAM,CAAC;YACP,OAAO,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE;gBACpC,GAAG,cAAc;gBACjB,mBAAmB,EAAE,IAAI;aACzB,CAAC,CAAC;QACJ,CAAC;IACF,CAAC;YAAS,CAAC;QACV,KAAK,CAAC,OAAO,EAAE,CAAC;IACjB,CAAC;AACF,CAAC;AAED,MAAM,eAAe,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;AAE7J,SAAS,wBAAwB,CAAC,OAAgB,EAAE,IAAwC,EAAE,OAAyB;IACtH,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,OAAO,KAAK,MAAM,EAAE,CAAC;QAChE,MAAM,WAAW,GAAG,qBAAqB,CAAC,OAAO,CAAC,CAAC;QACnD,IAAI,OAAO,CAAC,QAAQ,KAAK,IAAI,CAAC,YAAY,EAAE,CAAC;YAC5C,iEAAiE;YACjE,mGAAmG;YACnG,oEAAoE;YACpE,OAAO,CAAC,aAAa,EAAE,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QAC3D,CAAC;aAAM,CAAC;YACP,OAAO,CAAC,aAAa,EAAE,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QAC3D,CAAC;IACF,CAAC;AACF,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,OAAgB;IACrD,IAAI,YAAoB,CAAC;IACzB,IAAI,UAA8B,CAAC;IACnC,IAAI,OAAO,CAAC,QAAQ,KAAK,IAAI,CAAC,YAAY,EAAE,CAAC;QAC5C,YAAY,GAAG,OAAO,OAAO,CAAC,WAAW,KAAK,CAAC;IAChD,CAAC;SAAM,CAAC;QACP,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;QAC9C,MAAM,aAAa,GAAG,eAAe,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACxD,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YAC7C,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC;iBAClC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,KAAK,GAAG,CAAC;iBAC3C,IAAI,CAAC,GAAG,CAAC;YACX,CAAC,CAAC,EAAE,CAAC;QACN,YAAY,GAAG,IAAI,OAAO,GAAG,UAAU,GAAG,CAAC;QAC3C,IAAI,CAAC,aAAa,EAAE,CAAC;YACpB,UAAU,GAAG,KAAK,OAAO,GAAG,CAAC;QAC9B,CAAC;IACF,CAAC;IAED,MAAM,QAAQ,GAAG,QAAQ,CAAC,sBAAsB,EAAE,CAAC;IACnD,MAAM,QAAQ,GAAG,OAAO,CAAC,aAAa,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;IACpE,QAAQ,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IAC/B,OAAO,OAAO,CAAC,UAAU,EAAE,CAAC;QAC3B,QAAQ,CAAC,WAAW,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC1C,CAAC;IAED,MAAM,cAAc,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACjG,IAAI,cAAc,EAAE,CAAC;QACpB,QAAQ,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;IACtC,CAAC;IAED,OAAO,QAAQ,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,IAAiB,EAAE,SAAiB,EAAE,MAA2B;IACjG,MAAM,QAAQ,GAAG,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;IAC1D,KAAK,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;AACvB,CAAC","file":"domSanitize.js","sourceRoot":"file:///mnt/vss/_work/1/s/dependencies/vscode/out-editor-src","sourcesContent":["/---------------------------------------------------------------------------------------------\n Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License. See License.txt in the project root for license information.\n --------------------------------------------------------------------------------------------/\n\nimport { DisposableStore, IDisposable, toDisposable } from '../common/lifecycle.js';\nimport { Schemas } from '../common/network.js';\nimport { reset } from './dom.js';\nimport dompurify from './dompurify/dompurify.js';\n\n\n/*\n List of safe, non-input html tags.\n /\nexport const basicMarkupHtmlTags = Object.freeze([\n\t'a',\n\t'abbr',\n\t'b',\n\t'bdo',\n\t'blockquote',\n\t'br',\n\t'caption',\n\t'cite',\n\t'code',\n\t'col',\n\t'colgroup',\n\t'dd',\n\t'del',\n\t'details',\n\t'dfn',\n\t'div',\n\t'dl',\n\t'dt',\n\t'em',\n\t'figcaption',\n\t'figure',\n\t'h1',\n\t'h2',\n\t'h3',\n\t'h4',\n\t'h5',\n\t'h6',\n\t'hr',\n\t'i',\n\t'img',\n\t'ins',\n\t'kbd',\n\t'label',\n\t'li',\n\t'mark',\n\t'ol',\n\t'p',\n\t'pre',\n\t'q',\n\t'rp',\n\t'rt',\n\t'ruby',\n\t'samp',\n\t'small',\n\t'small',\n\t'source',\n\t'span',\n\t'strike',\n\t'strong',\n\t'sub',\n\t'summary',\n\t'sup',\n\t'table',\n\t'tbody',\n\t'td',\n\t'tfoot',\n\t'th',\n\t'thead',\n\t'time',\n\t'tr',\n\t'tt',\n\t'u',\n\t'ul',\n\t'var',\n\t'video',\n\t'wbr',\n]);\n\nexport const defaultAllowedAttrs = Object.freeze([\n\t'href',\n\t'target',\n\t'src',\n\t'alt',\n\t'title',\n\t'for',\n\t'name',\n\t'role',\n\t'tabindex',\n\t'x-dispatch',\n\t'required',\n\t'checked',\n\t'placeholder',\n\t'type',\n\t'start',\n\t'width',\n\t'height',\n\t'align',\n]);\n\n\ntype UponSanitizeElementCb = (currentNode: Element, data: dompurify.SanitizeElementHookEvent, config: dompurify.Config) => void;\ntype UponSanitizeAttributeCb = (currentNode: Element, data: dompurify.SanitizeAttributeHookEvent, config: dompurify.Config) => void;\n\nfunction addDompurifyHook(hook: 'uponSanitizeElement', cb: UponSanitizeElementCb): IDisposable;\nfunction addDompurifyHook(hook: 'uponSanitizeAttribute', cb: UponSanitizeAttributeCb): IDisposable;\nfunction addDompurifyHook(hook: 'uponSanitizeElement' \| 'uponSanitizeAttribute', cb: any): IDisposable {\n\tdompurify.addHook(hook, cb);\n\treturn toDisposable(() => dompurify.removeHook(hook));\n}\n\n/\n Hooks dompurify using `afterSanitizeAttributes` to check that all `href` and `src`\n * attributes are valid.\n /\nfunction hookDomPurifyHrefAndSrcSanitizer(allowedLinkProtocols: readonly string[] \| '', allowedMediaProtocols: readonly string[]): IDisposable {\n\t// https://github.com/cure53/DOMPurify/blob/main/demos/hooks-scheme-allowlist.html\n\t// build an anchor to map URLs to\n\tconst anchor = document.createElement('a');\n\n\tfunction validateLink(value: string, allowedProtocols: readonly string[] \| ''): boolean {\n\t\tif (allowedProtocols === '') {\n\t\t\treturn true; // allow all protocols\n\t\t}\n\n\t\tanchor.href = value;\n\t\treturn allowedProtocols.includes(anchor.protocol.replace(/:$/, ''));\n\t}\n\n\tdompurify.addHook('afterSanitizeAttributes', (node) => {\n\t\t// check all href/src attributes for validity\n\t\tfor (const attr of ['href', 'src']) {\n\t\t\tif (node.hasAttribute(attr)) {\n\t\t\t\tconst attrValue = node.getAttribute(attr) as string;\n\t\t\t\tif (attr === 'href') {\n\n\t\t\t\t\tif (!attrValue.startsWith('#') && !validateLink(attrValue, allowedLinkProtocols)) {\n\t\t\t\t\t\tnode.removeAttribute(attr);\n\t\t\t\t\t}\n\n\t\t\t\t} else {// 'src'\n\t\t\t\t\tif (!validateLink(attrValue, allowedMediaProtocols)) {\n\t\t\t\t\t\tnode.removeAttribute(attr);\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t});\n\n\treturn toDisposable(() => dompurify.removeHook('afterSanitizeAttributes'));\n}\n\n/*\n Predicate that checks if an attribute should be kept or removed.\n \n @returns A boolean indicating whether the attribute should be kept or a string with the sanitized value (which implicitly keeps the attribute)\n /\nexport type SanitizeAttributePredicate = (node: Element, data: { readonly attrName: string; readonly attrValue: string }) => boolean \| string;\n\nexport interface SanitizeAttributeRule {\n\treadonly attributeName: string;\n\tshouldKeep: SanitizeAttributePredicate;\n}\n\nexport interface DomSanitizerConfig {\n\t/\n\t Configured the allowed html tags.\n\t /\n\treadonly allowedTags?: {\n\t\treadonly override?: readonly string[];\n\t\treadonly augment?: readonly string[];\n\t};\n\n\t/\n\t Configured the allowed html attributes.\n\t /\n\treadonly allowedAttributes?: {\n\t\treadonly override?: ReadonlyArray<string \| SanitizeAttributeRule>;\n\t\treadonly augment?: ReadonlyArray<string \| SanitizeAttributeRule>;\n\t};\n\n\t/\n\t List of allowed protocols for `href` attributes.\n\t /\n\treadonly allowedLinkProtocols?: {\n\t\treadonly override?: readonly string[] \| '';\n\t};\n\n\t/*\n\t List of allowed protocols for `src` attributes.\n\t /\n\treadonly allowedMediaProtocols?: {\n\t\treadonly override?: readonly string[];\n\t};\n\n\t/\n\t If set, replaces unsupported tags with their plaintext representation instead of removing them.\n\t \n\t For example, <p><bad>\"text\"</bad></p> becomes <p>\"<bad>text</bad>\"</p>.\n\t /\n\treadonly replaceWithPlaintext?: boolean;\n}\n\nconst defaultDomPurifyConfig = Object.freeze({\n\tALLOWED_TAGS: [...basicMarkupHtmlTags],\n\tALLOWED_ATTR: [...defaultAllowedAttrs],\n\t// We sanitize the src/href attributes later if needed\n\tALLOW_UNKNOWN_PROTOCOLS: true,\n} satisfies dompurify.Config);\n\n/\n Sanitizes an html string.\n \n @param untrusted The HTML string to sanitize.\n * @param config Optional configuration for sanitization. If not provided, defaults to a safe configuration.\n \n @returns A sanitized string of html.\n /\nexport function sanitizeHtml(untrusted: string, config?: DomSanitizerConfig): TrustedHTML {\n\treturn doSanitizeHtml(untrusted, config, 'trusted');\n}\n\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig \| undefined, outputType: 'dom'): DocumentFragment;\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig \| undefined, outputType: 'trusted'): TrustedHTML;\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig \| undefined, outputType: 'dom' \| 'trusted'): TrustedHTML \| DocumentFragment {\n\tconst store = new DisposableStore();\n\ttry {\n\t\tconst resolvedConfig: dompurify.Config = { ...defaultDomPurifyConfig };\n\n\t\tif (config?.allowedTags) {\n\t\t\tif (config.allowedTags.override) {\n\t\t\t\tresolvedConfig.ALLOWED_TAGS = [...config.allowedTags.override];\n\t\t\t}\n\n\t\t\tif (config.allowedTags.augment) {\n\t\t\t\tresolvedConfig.ALLOWED_TAGS = [...(resolvedConfig.ALLOWED_TAGS ?? []), ...config.allowedTags.augment];\n\t\t\t}\n\t\t}\n\n\t\tlet resolvedAttributes: Array<string \| SanitizeAttributeRule> = [...defaultAllowedAttrs];\n\t\tif (config?.allowedAttributes) {\n\t\t\tif (config.allowedAttributes.override) {\n\t\t\t\tresolvedAttributes = [...config.allowedAttributes.override];\n\t\t\t}\n\n\t\t\tif (config.allowedAttributes.augment) {\n\t\t\t\tresolvedAttributes = [...resolvedAttributes, ...config.allowedAttributes.augment];\n\t\t\t}\n\t\t}\n\n\t\t// All attr names are lower-case in the sanitizer hooks\n\t\tresolvedAttributes = resolvedAttributes.map((attr): string \| SanitizeAttributeRule => {\n\t\t\tif (typeof attr === 'string') {\n\t\t\t\treturn attr.toLowerCase();\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tattributeName: attr.attributeName.toLowerCase(),\n\t\t\t\tshouldKeep: attr.shouldKeep,\n\t\t\t};\n\t\t});\n\n\t\tconst allowedAttrNames = new Set(resolvedAttributes.map(attr => typeof attr === 'string' ? attr : attr.attributeName));\n\t\tconst allowedAttrPredicates = new Map<string, SanitizeAttributeRule>();\n\t\tfor (const attr of resolvedAttributes) {\n\t\t\tif (typeof attr === 'string') {\n\t\t\t\t// New string attribute value clears previously set predicates\n\t\t\t\tallowedAttrPredicates.delete(attr);\n\t\t\t} else {\n\t\t\t\tallowedAttrPredicates.set(attr.attributeName, attr);\n\t\t\t}\n\t\t}\n\n\t\tresolvedConfig.ALLOWED_ATTR = Array.from(allowedAttrNames);\n\n\t\tstore.add(hookDomPurifyHrefAndSrcSanitizer(\n\t\t\tconfig?.allowedLinkProtocols?.override ?? [Schemas.http, Schemas.https],\n\t\t\tconfig?.allowedMediaProtocols?.override ?? [Schemas.http, Schemas.https]));\n\n\t\tif (config?.replaceWithPlaintext) {\n\t\t\tstore.add(addDompurifyHook('uponSanitizeElement', replaceWithPlainTextHook));\n\t\t}\n\n\t\tif (allowedAttrPredicates.size) {\n\t\t\tstore.add(addDompurifyHook('uponSanitizeAttribute', (node, e) => {\n\t\t\t\tconst predicate = allowedAttrPredicates.get(e.attrName);\n\t\t\t\tif (predicate) {\n\t\t\t\t\tconst result = predicate.shouldKeep(node, e);\n\t\t\t\t\tif (typeof result === 'string') {\n\t\t\t\t\t\te.keepAttr = true;\n\t\t\t\t\t\te.attrValue = result;\n\t\t\t\t\t} else {\n\t\t\t\t\t\te.keepAttr = result;\n\t\t\t\t\t}\n\t\t\t\t} else {\n\t\t\t\t\te.keepAttr = allowedAttrNames.has(e.attrName);\n\t\t\t\t}\n\t\t\t}));\n\t\t}\n\n\t\tif (outputType === 'dom') {\n\t\t\treturn dompurify.sanitize(untrusted, {\n\t\t\t\t...resolvedConfig,\n\t\t\t\tRETURN_DOM_FRAGMENT: true\n\t\t\t});\n\t\t} else {\n\t\t\treturn dompurify.sanitize(untrusted, {\n\t\t\t\t...resolvedConfig,\n\t\t\t\tRETURN_TRUSTED_TYPE: true\n\t\t\t});\n\t\t}\n\t} finally {\n\t\tstore.dispose();\n\t}\n}\n\nconst selfClosingTags = ['area', 'base', 'br', 'col', 'command', 'embed', 'hr', 'img', 'input', 'keygen', 'link', 'meta', 'param', 'source', 'track', 'wbr'];\n\nfunction replaceWithPlainTextHook(element: Element, data: dompurify.SanitizeElementHookEvent, _config: dompurify.Config) {\n\tif (!data.allowedTags[data.tagName] && data.tagName !== 'body') {\n\t\tconst replacement = convertTagToPlaintext(element);\n\t\tif (element.nodeType === Node.COMMENT_NODE) {\n\t\t\t// Workaround for https://github.com/cure53/DOMPurify/issues/1005\n\t\t\t// The comment will be deleted in the next phase. However if we try to remove it now, it will cause\n\t\t\t// an exception. Instead we insert the text node before the comment.\n\t\t\telement.parentElement?.insertBefore(replacement, element);\n\t\t} else {\n\t\t\telement.parentElement?.replaceChild(replacement, element);\n\t\t}\n\t}\n}\n\nexport function convertTagToPlaintext(element: Element): DocumentFragment {\n\tlet startTagText: string;\n\tlet endTagText: string \| undefined;\n\tif (element.nodeType === Node.COMMENT_NODE) {\n\t\tstartTagText = `<!--${element.textContent}-->`;\n\t} else {\n\t\tconst tagName = element.tagName.toLowerCase();\n\t\tconst isSelfClosing = selfClosingTags.includes(tagName);\n\t\tconst attrString = element.attributes.length ?\n\t\t\t' ' + Array.from(element.attributes)\n\t\t\t\t.map(attr => `${attr.name}=\"${attr.value}\"`)\n\t\t\t\t.join(' ')\n\t\t\t: '';\n\t\tstartTagText = `<${tagName}${attrString}>`;\n\t\tif (!isSelfClosing) {\n\t\t\tendTagText = `</${tagName}>`;\n\t\t}\n\t}\n\n\tconst fragment = document.createDocumentFragment();\n\tconst textNode = element.ownerDocument.createTextNode(startTagText);\n\tfragment.appendChild(textNode);\n\twhile (element.firstChild) {\n\t\tfragment.appendChild(element.firstChild);\n\t}\n\n\tconst endTagTextNode = endTagText ? element.ownerDocument.createTextNode(endTagText) : undefined;\n\tif (endTagTextNode) {\n\t\tfragment.appendChild(endTagTextNode);\n\t}\n\n\treturn fragment;\n}\n\n/\n Sanitizes the given `value` and reset the given `node` with it.\n /\nexport function safeSetInnerHtml(node: HTMLElement, untrusted: string, config?: DomSanitizerConfig): void {\n\tconst fragment = doSanitizeHtml(untrusted, config, 'dom');\n\treset(node, fragment);\n}\n","/---------------------------------------------------------------------------------------------\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License. See License.txt in the project root for license information.\n --------------------------------------------------------------------------------------------/\n\nimport { DisposableStore, IDisposable, toDisposable } from '../common/lifecycle.js';\nimport { Schemas } from '../common/network.js';\nimport { reset } from './dom.js';\nimport dompurify from './dompurify/dompurify.js';\n\n\n/*\n List of safe, non-input html tags.\n /\nexport const basicMarkupHtmlTags = Object.freeze([\n\t'a',\n\t'abbr',\n\t'b',\n\t'bdo',\n\t'blockquote',\n\t'br',\n\t'caption',\n\t'cite',\n\t'code',\n\t'col',\n\t'colgroup',\n\t'dd',\n\t'del',\n\t'details',\n\t'dfn',\n\t'div',\n\t'dl',\n\t'dt',\n\t'em',\n\t'figcaption',\n\t'figure',\n\t'h1',\n\t'h2',\n\t'h3',\n\t'h4',\n\t'h5',\n\t'h6',\n\t'hr',\n\t'i',\n\t'img',\n\t'ins',\n\t'kbd',\n\t'label',\n\t'li',\n\t'mark',\n\t'ol',\n\t'p',\n\t'pre',\n\t'q',\n\t'rp',\n\t'rt',\n\t'ruby',\n\t'samp',\n\t'small',\n\t'small',\n\t'source',\n\t'span',\n\t'strike',\n\t'strong',\n\t'sub',\n\t'summary',\n\t'sup',\n\t'table',\n\t'tbody',\n\t'td',\n\t'tfoot',\n\t'th',\n\t'thead',\n\t'time',\n\t'tr',\n\t'tt',\n\t'u',\n\t'ul',\n\t'var',\n\t'video',\n\t'wbr',\n]);\n\nexport const defaultAllowedAttrs = Object.freeze([\n\t'href',\n\t'target',\n\t'src',\n\t'alt',\n\t'title',\n\t'for',\n\t'name',\n\t'role',\n\t'tabindex',\n\t'x-dispatch',\n\t'required',\n\t'checked',\n\t'placeholder',\n\t'type',\n\t'start',\n\t'width',\n\t'height',\n\t'align',\n]);\n\n\ntype UponSanitizeElementCb = (currentNode: Element, data: dompurify.SanitizeElementHookEvent, config: dompurify.Config) => void;\ntype UponSanitizeAttributeCb = (currentNode: Element, data: dompurify.SanitizeAttributeHookEvent, config: dompurify.Config) => void;\n\nfunction addDompurifyHook(hook: 'uponSanitizeElement', cb: UponSanitizeElementCb): IDisposable;\nfunction addDompurifyHook(hook: 'uponSanitizeAttribute', cb: UponSanitizeAttributeCb): IDisposable;\nfunction addDompurifyHook(hook: 'uponSanitizeElement' \| 'uponSanitizeAttribute', cb: any): IDisposable {\n\tdompurify.addHook(hook, cb);\n\treturn toDisposable(() => dompurify.removeHook(hook));\n}\n\n/\n Hooks dompurify using `afterSanitizeAttributes` to check that all `href` and `src`\n * attributes are valid.\n /\nfunction hookDomPurifyHrefAndSrcSanitizer(allowedLinkProtocols: readonly string[] \| '', allowedMediaProtocols: readonly string[]): IDisposable {\n\t// https://github.com/cure53/DOMPurify/blob/main/demos/hooks-scheme-allowlist.html\n\t// build an anchor to map URLs to\n\tconst anchor = document.createElement('a');\n\n\tfunction validateLink(value: string, allowedProtocols: readonly string[] \| ''): boolean {\n\t\tif (allowedProtocols === '') {\n\t\t\treturn true; // allow all protocols\n\t\t}\n\n\t\tanchor.href = value;\n\t\treturn allowedProtocols.includes(anchor.protocol.replace(/:$/, ''));\n\t}\n\n\tdompurify.addHook('afterSanitizeAttributes', (node) => {\n\t\t// check all href/src attributes for validity\n\t\tfor (const attr of ['href', 'src']) {\n\t\t\tif (node.hasAttribute(attr)) {\n\t\t\t\tconst attrValue = node.getAttribute(attr) as string;\n\t\t\t\tif (attr === 'href') {\n\n\t\t\t\t\tif (!attrValue.startsWith('#') && !validateLink(attrValue, allowedLinkProtocols)) {\n\t\t\t\t\t\tnode.removeAttribute(attr);\n\t\t\t\t\t}\n\n\t\t\t\t} else {// 'src'\n\t\t\t\t\tif (!validateLink(attrValue, allowedMediaProtocols)) {\n\t\t\t\t\t\tnode.removeAttribute(attr);\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t});\n\n\treturn toDisposable(() => dompurify.removeHook('afterSanitizeAttributes'));\n}\n\n/*\n Predicate that checks if an attribute should be kept or removed.\n \n @returns A boolean indicating whether the attribute should be kept or a string with the sanitized value (which implicitly keeps the attribute)\n /\nexport type SanitizeAttributePredicate = (node: Element, data: { readonly attrName: string; readonly attrValue: string }) => boolean \| string;\n\nexport interface SanitizeAttributeRule {\n\treadonly attributeName: string;\n\tshouldKeep: SanitizeAttributePredicate;\n}\n\nexport interface DomSanitizerConfig {\n\t/\n\t Configured the allowed html tags.\n\t /\n\treadonly allowedTags?: {\n\t\treadonly override?: readonly string[];\n\t\treadonly augment?: readonly string[];\n\t};\n\n\t/\n\t Configured the allowed html attributes.\n\t /\n\treadonly allowedAttributes?: {\n\t\treadonly override?: ReadonlyArray<string \| SanitizeAttributeRule>;\n\t\treadonly augment?: ReadonlyArray<string \| SanitizeAttributeRule>;\n\t};\n\n\t/\n\t List of allowed protocols for `href` attributes.\n\t /\n\treadonly allowedLinkProtocols?: {\n\t\treadonly override?: readonly string[] \| '';\n\t};\n\n\t/*\n\t List of allowed protocols for `src` attributes.\n\t /\n\treadonly allowedMediaProtocols?: {\n\t\treadonly override?: readonly string[];\n\t};\n\n\t/\n\t If set, replaces unsupported tags with their plaintext representation instead of removing them.\n\t \n\t For example, <p><bad>\"text\"</bad></p> becomes <p>\"<bad>text</bad>\"</p>.\n\t /\n\treadonly replaceWithPlaintext?: boolean;\n}\n\nconst defaultDomPurifyConfig = Object.freeze({\n\tALLOWED_TAGS: [...basicMarkupHtmlTags],\n\tALLOWED_ATTR: [...defaultAllowedAttrs],\n\t// We sanitize the src/href attributes later if needed\n\tALLOW_UNKNOWN_PROTOCOLS: true,\n} satisfies dompurify.Config);\n\n/\n Sanitizes an html string.\n \n @param untrusted The HTML string to sanitize.\n * @param config Optional configuration for sanitization. If not provided, defaults to a safe configuration.\n \n @returns A sanitized string of html.\n /\nexport function sanitizeHtml(untrusted: string, config?: DomSanitizerConfig): TrustedHTML {\n\treturn doSanitizeHtml(untrusted, config, 'trusted');\n}\n\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig \| undefined, outputType: 'dom'): DocumentFragment;\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig \| undefined, outputType: 'trusted'): TrustedHTML;\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig \| undefined, outputType: 'dom' \| 'trusted'): TrustedHTML \| DocumentFragment {\n\tconst store = new DisposableStore();\n\ttry {\n\t\tconst resolvedConfig: dompurify.Config = { ...defaultDomPurifyConfig };\n\n\t\tif (config?.allowedTags) {\n\t\t\tif (config.allowedTags.override) {\n\t\t\t\tresolvedConfig.ALLOWED_TAGS = [...config.allowedTags.override];\n\t\t\t}\n\n\t\t\tif (config.allowedTags.augment) {\n\t\t\t\tresolvedConfig.ALLOWED_TAGS = [...(resolvedConfig.ALLOWED_TAGS ?? []), ...config.allowedTags.augment];\n\t\t\t}\n\t\t}\n\n\t\tlet resolvedAttributes: Array<string \| SanitizeAttributeRule> = [...defaultAllowedAttrs];\n\t\tif (config?.allowedAttributes) {\n\t\t\tif (config.allowedAttributes.override) {\n\t\t\t\tresolvedAttributes = [...config.allowedAttributes.override];\n\t\t\t}\n\n\t\t\tif (config.allowedAttributes.augment) {\n\t\t\t\tresolvedAttributes = [...resolvedAttributes, ...config.allowedAttributes.augment];\n\t\t\t}\n\t\t}\n\n\t\t// All attr names are lower-case in the sanitizer hooks\n\t\tresolvedAttributes = resolvedAttributes.map((attr): string \| SanitizeAttributeRule => {\n\t\t\tif (typeof attr === 'string') {\n\t\t\t\treturn attr.toLowerCase();\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tattributeName: attr.attributeName.toLowerCase(),\n\t\t\t\tshouldKeep: attr.shouldKeep,\n\t\t\t};\n\t\t});\n\n\t\tconst allowedAttrNames = new Set(resolvedAttributes.map(attr => typeof attr === 'string' ? attr : attr.attributeName));\n\t\tconst allowedAttrPredicates = new Map<string, SanitizeAttributeRule>();\n\t\tfor (const attr of resolvedAttributes) {\n\t\t\tif (typeof attr === 'string') {\n\t\t\t\t// New string attribute value clears previously set predicates\n\t\t\t\tallowedAttrPredicates.delete(attr);\n\t\t\t} else {\n\t\t\t\tallowedAttrPredicates.set(attr.attributeName, attr);\n\t\t\t}\n\t\t}\n\n\t\tresolvedConfig.ALLOWED_ATTR = Array.from(allowedAttrNames);\n\n\t\tstore.add(hookDomPurifyHrefAndSrcSanitizer(\n\t\t\tconfig?.allowedLinkProtocols?.override ?? [Schemas.http, Schemas.https],\n\t\t\tconfig?.allowedMediaProtocols?.override ?? [Schemas.http, Schemas.https]));\n\n\t\tif (config?.replaceWithPlaintext) {\n\t\t\tstore.add(addDompurifyHook('uponSanitizeElement', replaceWithPlainTextHook));\n\t\t}\n\n\t\tif (allowedAttrPredicates.size) {\n\t\t\tstore.add(addDompurifyHook('uponSanitizeAttribute', (node, e) => {\n\t\t\t\tconst predicate = allowedAttrPredicates.get(e.attrName);\n\t\t\t\tif (predicate) {\n\t\t\t\t\tconst result = predicate.shouldKeep(node, e);\n\t\t\t\t\tif (typeof result === 'string') {\n\t\t\t\t\t\te.keepAttr = true;\n\t\t\t\t\t\te.attrValue = result;\n\t\t\t\t\t} else {\n\t\t\t\t\t\te.keepAttr = result;\n\t\t\t\t\t}\n\t\t\t\t} else {\n\t\t\t\t\te.keepAttr = allowedAttrNames.has(e.attrName);\n\t\t\t\t}\n\t\t\t}));\n\t\t}\n\n\t\tif (outputType === 'dom') {\n\t\t\treturn dompurify.sanitize(untrusted, {\n\t\t\t\t...resolvedConfig,\n\t\t\t\tRETURN_DOM_FRAGMENT: true\n\t\t\t});\n\t\t} else {\n\t\t\treturn dompurify.sanitize(untrusted, {\n\t\t\t\t...resolvedConfig,\n\t\t\t\tRETURN_TRUSTED_TYPE: true\n\t\t\t});\n\t\t}\n\t} finally {\n\t\tstore.dispose();\n\t}\n}\n\nconst selfClosingTags = ['area', 'base', 'br', 'col', 'command', 'embed', 'hr', 'img', 'input', 'keygen', 'link', 'meta', 'param', 'source', 'track', 'wbr'];\n\nfunction replaceWithPlainTextHook(element: Element, data: dompurify.SanitizeElementHookEvent, _config: dompurify.Config) {\n\tif (!data.allowedTags[data.tagName] && data.tagName !== 'body') {\n\t\tconst replacement = convertTagToPlaintext(element);\n\t\tif (element.nodeType === Node.COMMENT_NODE) {\n\t\t\t// Workaround for https://github.com/cure53/DOMPurify/issues/1005\n\t\t\t// The comment will be deleted in the next phase. However if we try to remove it now, it will cause\n\t\t\t// an exception. Instead we insert the text node before the comment.\n\t\t\telement.parentElement?.insertBefore(replacement, element);\n\t\t} else {\n\t\t\telement.parentElement?.replaceChild(replacement, element);\n\t\t}\n\t}\n}\n\nexport function convertTagToPlaintext(element: Element): DocumentFragment {\n\tlet startTagText: string;\n\tlet endTagText: string \| undefined;\n\tif (element.nodeType === Node.COMMENT_NODE) {\n\t\tstartTagText = `<!--${element.textContent}-->`;\n\t} else {\n\t\tconst tagName = element.tagName.toLowerCase();\n\t\tconst isSelfClosing = selfClosingTags.includes(tagName);\n\t\tconst attrString = element.attributes.length ?\n\t\t\t' ' + Array.from(element.attributes)\n\t\t\t\t.map(attr => `${attr.name}=\"${attr.value}\"`)\n\t\t\t\t.join(' ')\n\t\t\t: '';\n\t\tstartTagText = `<${tagName}${attrString}>`;\n\t\tif (!isSelfClosing) {\n\t\t\tendTagText = `</${tagName}>`;\n\t\t}\n\t}\n\n\tconst fragment = document.createDocumentFragment();\n\tconst textNode = element.ownerDocument.createTextNode(startTagText);\n\tfragment.appendChild(textNode);\n\twhile (element.firstChild) {\n\t\tfragment.appendChild(element.firstChild);\n\t}\n\n\tconst endTagTextNode = endTagText ? element.ownerDocument.createTextNode(endTagText) : undefined;\n\tif (endTagTextNode) {\n\t\tfragment.appendChild(endTagTextNode);\n\t}\n\n\treturn fragment;\n}\n\n/\n Sanitizes the given `value` and reset the given `node` with it.\n */\nexport function safeSetInnerHtml(node: HTMLElement, untrusted: string, config?: DomSanitizerConfig): void {\n\tconst fragment = doSanitizeHtml(untrusted, config, 'dom');\n\treset(node, fragment);\n}\n"]}
1	+ {"version":3,"sources":["file:///mnt/vss/_work/1/s/dependencies/vscode/out-editor-src/vs/base/browser/domSanitize.ts","vs/base/browser/domSanitize.ts"],"names":[],"mappings":"AAAA;;;gGAGgG;AAEhG,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC;AACjC,iDAAiD;AACjD,OAAO,SAAS,MAAM,0BAA0B,CAAC;AAEjD;;GAEG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,MAAM,CAAC,MAAM,CAAC;IAChD,GAAG;IACH,MAAM;IACN,GAAG;IACH,KAAK;IACL,YAAY;IACZ,IAAI;IACJ,SAAS;IACT,MAAM;IACN,MAAM;IACN,KAAK;IACL,UAAU;IACV,IAAI;IACJ,KAAK;IACL,SAAS;IACT,KAAK;IACL,KAAK;IACL,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,YAAY;IACZ,QAAQ;IACR,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,GAAG;IACH,KAAK;IACL,KAAK;IACL,KAAK;IACL,OAAO;IACP,IAAI;IACJ,MAAM;IACN,IAAI;IACJ,GAAG;IACH,KAAK;IACL,GAAG;IACH,IAAI;IACJ,IAAI;IACJ,MAAM;IACN,MAAM;IACN,OAAO;IACP,OAAO;IACP,QAAQ;IACR,MAAM;IACN,QAAQ;IACR,QAAQ;IACR,KAAK;IACL,SAAS;IACT,KAAK;IACL,OAAO;IACP,OAAO;IACP,IAAI;IACJ,OAAO;IACP,IAAI;IACJ,OAAO;IACP,MAAM;IACN,IAAI;IACJ,IAAI;IACJ,GAAG;IACH,IAAI;IACJ,KAAK;IACL,OAAO;IACP,KAAK;CACL,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,mBAAmB,GAAG,MAAM,CAAC,MAAM,CAAC;IAChD,MAAM;IACN,QAAQ;IACR,KAAK;IACL,KAAK;IACL,OAAO;IACP,KAAK;IACL,MAAM;IACN,MAAM;IACN,UAAU;IACV,YAAY;IACZ,UAAU;IACV,SAAS;IACT,aAAa;IACb,MAAM;IACN,OAAO;IACP,OAAO;IACP,QAAQ;IACR,OAAO;CACP,CAAC,CAAC;AAGH,MAAM,uBAAuB,GAAG,sBAAsB,CAAC;AAOvD,SAAS,YAAY,CAAC,KAAa,EAAE,gBAAoC;IACxE,IAAI,gBAAgB,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;QACvC,OAAO,IAAI,CAAC,CAAC,sBAAsB;IACpC,CAAC;IAED,IAAI,CAAC;QACJ,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,EAAE,uBAAuB,GAAG,KAAK,CAAC,CAAC;QAC5D,IAAI,gBAAgB,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC;YACxE,OAAO,IAAI,CAAC;QACb,CAAC;QAED,IAAI,gBAAgB,CAAC,kBAAkB;eACnC,GAAG,CAAC,QAAQ,KAAK,uBAAuB,GAAG,GAAG;eAC9C,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,uBAAuB,CAAC,EACjE,CAAC;YACF,OAAO,IAAI,CAAC;QACb,CAAC;QAED,OAAO,KAAK,CAAC;IACd,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACZ,OAAO,KAAK,CAAC;IACd,CAAC;AACF,CAAC;AAED;;;GAGG;AACH,SAAS,gCAAgC,CAAC,oBAAwC,EAAE,qBAAyC;IAC5H,SAAS,CAAC,OAAO,CAAC,yBAAyB,EAAE,CAAC,IAAI,EAAE,EAAE;QACrD,6CAA6C;QAC7C,KAAK,MAAM,IAAI,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,CAAC;YACpC,IAAI,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC7B,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAW,CAAC;gBACpD,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;oBACrB,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,oBAAoB,CAAC,EAAE,CAAC;wBAClF,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;oBAC5B,CAAC;gBACF,CAAC;qBAAM,CAAC,CAAC,QAAQ;oBAChB,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,qBAAqB,CAAC,EAAE,CAAC;wBACrD,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;oBAC5B,CAAC;gBACF,CAAC;YACF,CAAC;QACF,CAAC;IACF,CAAC,CAAC,CAAC;AACJ,CAAC;AAgED,MAAM,sBAAsB,GAAG,MAAM,CAAC,MAAM,CAAC;IAC5C,YAAY,EAAE,CAAC,GAAG,mBAAmB,CAAC;IACtC,YAAY,EAAE,CAAC,GAAG,mBAAmB,CAAC;IACtC,sDAAsD;IACtD,uBAAuB,EAAE,IAAI;CACF,CAAC,CAAC;AAE9B;;;;;;;GAOG;AACH,MAAM,UAAU,YAAY,CAAC,SAAiB,EAAE,MAA2B;IAC1E,OAAO,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;AACrD,CAAC;AAID,SAAS,cAAc,CAAC,SAAiB,EAAE,MAAsC,EAAE,UAA6B;IAC/G,IAAI,CAAC;QACJ,MAAM,cAAc,GAAqB,EAAE,GAAG,sBAAsB,EAAE,CAAC;QAEvE,IAAI,MAAM,EAAE,WAAW,EAAE,CAAC;YACzB,IAAI,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;gBACjC,cAAc,CAAC,YAAY,GAAG,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;YAChE,CAAC;YAED,IAAI,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;gBAChC,cAAc,CAAC,YAAY,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,YAAY,IAAI,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;YACvG,CAAC;QACF,CAAC;QAED,IAAI,kBAAkB,GAA0C,CAAC,GAAG,mBAAmB,CAAC,CAAC;QACzF,IAAI,MAAM,EAAE,iBAAiB,EAAE,CAAC;YAC/B,IAAI,MAAM,CAAC,iBAAiB,CAAC,QAAQ,EAAE,CAAC;gBACvC,kBAAkB,GAAG,CAAC,GAAG,MAAM,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;YAC7D,CAAC;YAED,IAAI,MAAM,CAAC,iBAAiB,CAAC,OAAO,EAAE,CAAC;gBACtC,kBAAkB,GAAG,CAAC,GAAG,kBAAkB,EAAE,GAAG,MAAM,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;YACnF,CAAC;QACF,CAAC;QAED,uDAAuD;QACvD,kBAAkB,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC,IAAI,EAAkC,EAAE;YACpF,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC9B,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC;YAC3B,CAAC;YACD,OAAO;gBACN,aAAa,EAAE,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE;gBAC/C,UAAU,EAAE,IAAI,CAAC,UAAU;aAC3B,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;QACvH,MAAM,qBAAqB,GAAG,IAAI,GAAG,EAAiC,CAAC;QACvE,KAAK,MAAM,IAAI,IAAI,kBAAkB,EAAE,CAAC;YACvC,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC9B,8DAA8D;gBAC9D,qBAAqB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACpC,CAAC;iBAAM,CAAC;gBACP,qBAAqB,CAAC,GAAG,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;YACrD,CAAC;QACF,CAAC;QAED,cAAc,CAAC,YAAY,GAAG,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAE3D,gCAAgC,CAC/B;YACC,QAAQ,EAAE,MAAM,EAAE,oBAAoB,EAAE,QAAQ,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC;YACjF,kBAAkB,EAAE,MAAM,EAAE,sBAAsB,IAAI,KAAK;SAC3D,EACD;YACC,QAAQ,EAAE,MAAM,EAAE,qBAAqB,EAAE,QAAQ,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC;YAClF,kBAAkB,EAAE,MAAM,EAAE,uBAAuB,IAAI,KAAK;SAC5D,CAAC,CAAC;QAEJ,IAAI,MAAM,EAAE,oBAAoB,EAAE,CAAC;YAClC,SAAS,CAAC,OAAO,CAAC,qBAAqB,EAAE,wBAAwB,CAAC,CAAC;QACpE,CAAC;QAED,IAAI,qBAAqB,CAAC,IAAI,EAAE,CAAC;YAChC,SAAS,CAAC,OAAO,CAAC,uBAAuB,EAAE,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;gBACtD,MAAM,SAAS,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;gBACxD,IAAI,SAAS,EAAE,CAAC;oBACf,MAAM,MAAM,GAAG,SAAS,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;oBAC7C,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;wBAChC,CAAC,CAAC,QAAQ,GAAG,IAAI,CAAC;wBAClB,CAAC,CAAC,SAAS,GAAG,MAAM,CAAC;oBACtB,CAAC;yBAAM,CAAC;wBACP,CAAC,CAAC,QAAQ,GAAG,MAAM,CAAC;oBACrB,CAAC;gBACF,CAAC;qBAAM,CAAC;oBACP,CAAC,CAAC,QAAQ,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;gBAC/C,CAAC;YACF,CAAC,CAAC,CAAC;QACJ,CAAC;QAED,IAAI,UAAU,KAAK,KAAK,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE;gBACpC,GAAG,cAAc;gBACjB,mBAAmB,EAAE,IAAI;aACzB,CAAC,CAAC;QACJ,CAAC;aAAM,CAAC;YACP,OAAO,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE;gBACpC,GAAG,cAAc;gBACjB,mBAAmB,EAAE,IAAI;aACzB,CAAC,CAAC;QACJ,CAAC;IACF,CAAC;YAAS,CAAC;QACV,SAAS,CAAC,cAAc,EAAE,CAAC;IAC5B,CAAC;AACF,CAAC;AAED,MAAM,eAAe,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;AAE7J,SAAS,wBAAwB,CAAC,OAAgB,EAAE,IAAwC,EAAE,OAAyB;IACtH,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,OAAO,KAAK,MAAM,EAAE,CAAC;QAChE,MAAM,WAAW,GAAG,qBAAqB,CAAC,OAAO,CAAC,CAAC;QACnD,IAAI,OAAO,CAAC,QAAQ,KAAK,IAAI,CAAC,YAAY,EAAE,CAAC;YAC5C,iEAAiE;YACjE,mGAAmG;YACnG,oEAAoE;YACpE,OAAO,CAAC,aAAa,EAAE,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QAC3D,CAAC;aAAM,CAAC;YACP,OAAO,CAAC,aAAa,EAAE,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QAC3D,CAAC;IACF,CAAC;AACF,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,OAAgB;IACrD,IAAI,YAAoB,CAAC;IACzB,IAAI,UAA8B,CAAC;IACnC,IAAI,OAAO,CAAC,QAAQ,KAAK,IAAI,CAAC,YAAY,EAAE,CAAC;QAC5C,YAAY,GAAG,OAAO,OAAO,CAAC,WAAW,KAAK,CAAC;IAChD,CAAC;SAAM,CAAC;QACP,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;QAC9C,MAAM,aAAa,GAAG,eAAe,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACxD,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YAC7C,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC;iBAClC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,KAAK,GAAG,CAAC;iBAC3C,IAAI,CAAC,GAAG,CAAC;YACX,CAAC,CAAC,EAAE,CAAC;QACN,YAAY,GAAG,IAAI,OAAO,GAAG,UAAU,GAAG,CAAC;QAC3C,IAAI,CAAC,aAAa,EAAE,CAAC;YACpB,UAAU,GAAG,KAAK,OAAO,GAAG,CAAC;QAC9B,CAAC;IACF,CAAC;IAED,MAAM,QAAQ,GAAG,QAAQ,CAAC,sBAAsB,EAAE,CAAC;IACnD,MAAM,QAAQ,GAAG,OAAO,CAAC,aAAa,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;IACpE,QAAQ,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IAC/B,OAAO,OAAO,CAAC,UAAU,EAAE,CAAC;QAC3B,QAAQ,CAAC,WAAW,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC1C,CAAC;IAED,MAAM,cAAc,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACjG,IAAI,cAAc,EAAE,CAAC;QACpB,QAAQ,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;IACtC,CAAC;IAED,OAAO,QAAQ,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,IAAiB,EAAE,SAAiB,EAAE,MAA2B;IACjG,MAAM,QAAQ,GAAG,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;IAC1D,KAAK,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;AACvB,CAAC","file":"domSanitize.js","sourceRoot":"file:///mnt/vss/_work/1/s/dependencies/vscode/out-editor-src","sourcesContent":["/---------------------------------------------------------------------------------------------\n Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License. See License.txt in the project root for license information.\n --------------------------------------------------------------------------------------------/\n\nimport { Schemas } from '../common/network.js';\nimport { reset } from './dom.js';\n// eslint-disable-next-line no-restricted-imports\nimport dompurify from './dompurify/dompurify.js';\n\n/*\n List of safe, non-input html tags.\n /\nexport const basicMarkupHtmlTags = Object.freeze([\n\t'a',\n\t'abbr',\n\t'b',\n\t'bdo',\n\t'blockquote',\n\t'br',\n\t'caption',\n\t'cite',\n\t'code',\n\t'col',\n\t'colgroup',\n\t'dd',\n\t'del',\n\t'details',\n\t'dfn',\n\t'div',\n\t'dl',\n\t'dt',\n\t'em',\n\t'figcaption',\n\t'figure',\n\t'h1',\n\t'h2',\n\t'h3',\n\t'h4',\n\t'h5',\n\t'h6',\n\t'hr',\n\t'i',\n\t'img',\n\t'ins',\n\t'kbd',\n\t'label',\n\t'li',\n\t'mark',\n\t'ol',\n\t'p',\n\t'pre',\n\t'q',\n\t'rp',\n\t'rt',\n\t'ruby',\n\t'samp',\n\t'small',\n\t'small',\n\t'source',\n\t'span',\n\t'strike',\n\t'strong',\n\t'sub',\n\t'summary',\n\t'sup',\n\t'table',\n\t'tbody',\n\t'td',\n\t'tfoot',\n\t'th',\n\t'thead',\n\t'time',\n\t'tr',\n\t'tt',\n\t'u',\n\t'ul',\n\t'var',\n\t'video',\n\t'wbr',\n]);\n\nexport const defaultAllowedAttrs = Object.freeze([\n\t'href',\n\t'target',\n\t'src',\n\t'alt',\n\t'title',\n\t'for',\n\t'name',\n\t'role',\n\t'tabindex',\n\t'x-dispatch',\n\t'required',\n\t'checked',\n\t'placeholder',\n\t'type',\n\t'start',\n\t'width',\n\t'height',\n\t'align',\n]);\n\n\nconst fakeRelativeUrlProtocol = 'vscode-relative-path';\n\ninterface AllowedLinksConfig {\n\treadonly override: readonly string[] \| '';\n\treadonly allowRelativePaths: boolean;\n}\n\nfunction validateLink(value: string, allowedProtocols: AllowedLinksConfig): boolean {\n\tif (allowedProtocols.override === '') {\n\t\treturn true; // allow all protocols\n\t}\n\n\ttry {\n\t\tconst url = new URL(value, fakeRelativeUrlProtocol + '://');\n\t\tif (allowedProtocols.override.includes(url.protocol.replace(/:$/, ''))) {\n\t\t\treturn true;\n\t\t}\n\n\t\tif (allowedProtocols.allowRelativePaths\n\t\t\t&& url.protocol === fakeRelativeUrlProtocol + ':'\n\t\t\t&& !value.trim().toLowerCase().startsWith(fakeRelativeUrlProtocol)\n\t\t) {\n\t\t\treturn true;\n\t\t}\n\n\t\treturn false;\n\t} catch (e) {\n\t\treturn false;\n\t}\n}\n\n/\n Hooks dompurify using `afterSanitizeAttributes` to check that all `href` and `src`\n * attributes are valid.\n /\nfunction hookDomPurifyHrefAndSrcSanitizer(allowedLinkProtocols: AllowedLinksConfig, allowedMediaProtocols: AllowedLinksConfig) {\n\tdompurify.addHook('afterSanitizeAttributes', (node) => {\n\t\t// check all href/src attributes for validity\n\t\tfor (const attr of ['href', 'src']) {\n\t\t\tif (node.hasAttribute(attr)) {\n\t\t\t\tconst attrValue = node.getAttribute(attr) as string;\n\t\t\t\tif (attr === 'href') {\n\t\t\t\t\tif (!attrValue.startsWith('#') && !validateLink(attrValue, allowedLinkProtocols)) {\n\t\t\t\t\t\tnode.removeAttribute(attr);\n\t\t\t\t\t}\n\t\t\t\t} else { // 'src'\n\t\t\t\t\tif (!validateLink(attrValue, allowedMediaProtocols)) {\n\t\t\t\t\t\tnode.removeAttribute(attr);\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t});\n}\n\n/\n Predicate that checks if an attribute should be kept or removed.\n \n @returns A boolean indicating whether the attribute should be kept or a string with the sanitized value (which implicitly keeps the attribute)\n /\nexport type SanitizeAttributePredicate = (node: Element, data: { readonly attrName: string; readonly attrValue: string }) => boolean \| string;\n\nexport interface SanitizeAttributeRule {\n\treadonly attributeName: string;\n\tshouldKeep: SanitizeAttributePredicate;\n}\n\n\nexport interface DomSanitizerConfig {\n\t/\n\t Configured the allowed html tags.\n\t /\n\treadonly allowedTags?: {\n\t\treadonly override?: readonly string[];\n\t\treadonly augment?: readonly string[];\n\t};\n\n\t/\n\t Configured the allowed html attributes.\n\t /\n\treadonly allowedAttributes?: {\n\t\treadonly override?: ReadonlyArray<string \| SanitizeAttributeRule>;\n\t\treadonly augment?: ReadonlyArray<string \| SanitizeAttributeRule>;\n\t};\n\n\t/\n\t List of allowed protocols for `href` attributes.\n\t /\n\treadonly allowedLinkProtocols?: {\n\t\treadonly override?: readonly string[] \| '';\n\t};\n\n\t/*\n\t If set, allows relative paths for links.\n\t /\n\treadonly allowRelativeLinkPaths?: boolean;\n\n\t/\n\t List of allowed protocols for `src` attributes.\n\t /\n\treadonly allowedMediaProtocols?: {\n\t\treadonly override?: readonly string[] \| '';\n\t};\n\n\t/*\n\t If set, allows relative paths for media (images, videos, etc).\n\t /\n\treadonly allowRelativeMediaPaths?: boolean;\n\n\t/\n\t If set, replaces unsupported tags with their plaintext representation instead of removing them.\n\t \n\t For example, <p><bad>\"text\"</bad></p> becomes <p>\"<bad>text</bad>\"</p>.\n\t /\n\treadonly replaceWithPlaintext?: boolean;\n}\n\nconst defaultDomPurifyConfig = Object.freeze({\n\tALLOWED_TAGS: [...basicMarkupHtmlTags],\n\tALLOWED_ATTR: [...defaultAllowedAttrs],\n\t// We sanitize the src/href attributes later if needed\n\tALLOW_UNKNOWN_PROTOCOLS: true,\n} satisfies dompurify.Config);\n\n/\n Sanitizes an html string.\n \n @param untrusted The HTML string to sanitize.\n * @param config Optional configuration for sanitization. If not provided, defaults to a safe configuration.\n \n @returns A sanitized string of html.\n /\nexport function sanitizeHtml(untrusted: string, config?: DomSanitizerConfig): TrustedHTML {\n\treturn doSanitizeHtml(untrusted, config, 'trusted');\n}\n\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig \| undefined, outputType: 'dom'): DocumentFragment;\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig \| undefined, outputType: 'trusted'): TrustedHTML;\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig \| undefined, outputType: 'dom' \| 'trusted'): TrustedHTML \| DocumentFragment {\n\ttry {\n\t\tconst resolvedConfig: dompurify.Config = { ...defaultDomPurifyConfig };\n\n\t\tif (config?.allowedTags) {\n\t\t\tif (config.allowedTags.override) {\n\t\t\t\tresolvedConfig.ALLOWED_TAGS = [...config.allowedTags.override];\n\t\t\t}\n\n\t\t\tif (config.allowedTags.augment) {\n\t\t\t\tresolvedConfig.ALLOWED_TAGS = [...(resolvedConfig.ALLOWED_TAGS ?? []), ...config.allowedTags.augment];\n\t\t\t}\n\t\t}\n\n\t\tlet resolvedAttributes: Array<string \| SanitizeAttributeRule> = [...defaultAllowedAttrs];\n\t\tif (config?.allowedAttributes) {\n\t\t\tif (config.allowedAttributes.override) {\n\t\t\t\tresolvedAttributes = [...config.allowedAttributes.override];\n\t\t\t}\n\n\t\t\tif (config.allowedAttributes.augment) {\n\t\t\t\tresolvedAttributes = [...resolvedAttributes, ...config.allowedAttributes.augment];\n\t\t\t}\n\t\t}\n\n\t\t// All attr names are lower-case in the sanitizer hooks\n\t\tresolvedAttributes = resolvedAttributes.map((attr): string \| SanitizeAttributeRule => {\n\t\t\tif (typeof attr === 'string') {\n\t\t\t\treturn attr.toLowerCase();\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tattributeName: attr.attributeName.toLowerCase(),\n\t\t\t\tshouldKeep: attr.shouldKeep,\n\t\t\t};\n\t\t});\n\n\t\tconst allowedAttrNames = new Set(resolvedAttributes.map(attr => typeof attr === 'string' ? attr : attr.attributeName));\n\t\tconst allowedAttrPredicates = new Map<string, SanitizeAttributeRule>();\n\t\tfor (const attr of resolvedAttributes) {\n\t\t\tif (typeof attr === 'string') {\n\t\t\t\t// New string attribute value clears previously set predicates\n\t\t\t\tallowedAttrPredicates.delete(attr);\n\t\t\t} else {\n\t\t\t\tallowedAttrPredicates.set(attr.attributeName, attr);\n\t\t\t}\n\t\t}\n\n\t\tresolvedConfig.ALLOWED_ATTR = Array.from(allowedAttrNames);\n\n\t\thookDomPurifyHrefAndSrcSanitizer(\n\t\t\t{\n\t\t\t\toverride: config?.allowedLinkProtocols?.override ?? [Schemas.http, Schemas.https],\n\t\t\t\tallowRelativePaths: config?.allowRelativeLinkPaths ?? false\n\t\t\t},\n\t\t\t{\n\t\t\t\toverride: config?.allowedMediaProtocols?.override ?? [Schemas.http, Schemas.https],\n\t\t\t\tallowRelativePaths: config?.allowRelativeMediaPaths ?? false\n\t\t\t});\n\n\t\tif (config?.replaceWithPlaintext) {\n\t\t\tdompurify.addHook('uponSanitizeElement', replaceWithPlainTextHook);\n\t\t}\n\n\t\tif (allowedAttrPredicates.size) {\n\t\t\tdompurify.addHook('uponSanitizeAttribute', (node, e) => {\n\t\t\t\tconst predicate = allowedAttrPredicates.get(e.attrName);\n\t\t\t\tif (predicate) {\n\t\t\t\t\tconst result = predicate.shouldKeep(node, e);\n\t\t\t\t\tif (typeof result === 'string') {\n\t\t\t\t\t\te.keepAttr = true;\n\t\t\t\t\t\te.attrValue = result;\n\t\t\t\t\t} else {\n\t\t\t\t\t\te.keepAttr = result;\n\t\t\t\t\t}\n\t\t\t\t} else {\n\t\t\t\t\te.keepAttr = allowedAttrNames.has(e.attrName);\n\t\t\t\t}\n\t\t\t});\n\t\t}\n\n\t\tif (outputType === 'dom') {\n\t\t\treturn dompurify.sanitize(untrusted, {\n\t\t\t\t...resolvedConfig,\n\t\t\t\tRETURN_DOM_FRAGMENT: true\n\t\t\t});\n\t\t} else {\n\t\t\treturn dompurify.sanitize(untrusted, {\n\t\t\t\t...resolvedConfig,\n\t\t\t\tRETURN_TRUSTED_TYPE: true\n\t\t\t});\n\t\t}\n\t} finally {\n\t\tdompurify.removeAllHooks();\n\t}\n}\n\nconst selfClosingTags = ['area', 'base', 'br', 'col', 'command', 'embed', 'hr', 'img', 'input', 'keygen', 'link', 'meta', 'param', 'source', 'track', 'wbr'];\n\nfunction replaceWithPlainTextHook(element: Element, data: dompurify.SanitizeElementHookEvent, _config: dompurify.Config) {\n\tif (!data.allowedTags[data.tagName] && data.tagName !== 'body') {\n\t\tconst replacement = convertTagToPlaintext(element);\n\t\tif (element.nodeType === Node.COMMENT_NODE) {\n\t\t\t// Workaround for https://github.com/cure53/DOMPurify/issues/1005\n\t\t\t// The comment will be deleted in the next phase. However if we try to remove it now, it will cause\n\t\t\t// an exception. Instead we insert the text node before the comment.\n\t\t\telement.parentElement?.insertBefore(replacement, element);\n\t\t} else {\n\t\t\telement.parentElement?.replaceChild(replacement, element);\n\t\t}\n\t}\n}\n\nexport function convertTagToPlaintext(element: Element): DocumentFragment {\n\tlet startTagText: string;\n\tlet endTagText: string \| undefined;\n\tif (element.nodeType === Node.COMMENT_NODE) {\n\t\tstartTagText = `<!--${element.textContent}-->`;\n\t} else {\n\t\tconst tagName = element.tagName.toLowerCase();\n\t\tconst isSelfClosing = selfClosingTags.includes(tagName);\n\t\tconst attrString = element.attributes.length ?\n\t\t\t' ' + Array.from(element.attributes)\n\t\t\t\t.map(attr => `${attr.name}=\"${attr.value}\"`)\n\t\t\t\t.join(' ')\n\t\t\t: '';\n\t\tstartTagText = `<${tagName}${attrString}>`;\n\t\tif (!isSelfClosing) {\n\t\t\tendTagText = `</${tagName}>`;\n\t\t}\n\t}\n\n\tconst fragment = document.createDocumentFragment();\n\tconst textNode = element.ownerDocument.createTextNode(startTagText);\n\tfragment.appendChild(textNode);\n\twhile (element.firstChild) {\n\t\tfragment.appendChild(element.firstChild);\n\t}\n\n\tconst endTagTextNode = endTagText ? element.ownerDocument.createTextNode(endTagText) : undefined;\n\tif (endTagTextNode) {\n\t\tfragment.appendChild(endTagTextNode);\n\t}\n\n\treturn fragment;\n}\n\n/\n Sanitizes the given `value` and reset the given `node` with it.\n /\nexport function safeSetInnerHtml(node: HTMLElement, untrusted: string, config?: DomSanitizerConfig): void {\n\tconst fragment = doSanitizeHtml(untrusted, config, 'dom');\n\treset(node, fragment);\n}\n","/---------------------------------------------------------------------------------------------\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License. See License.txt in the project root for license information.\n --------------------------------------------------------------------------------------------/\n\nimport { Schemas } from '../common/network.js';\nimport { reset } from './dom.js';\n// eslint-disable-next-line no-restricted-imports\nimport dompurify from './dompurify/dompurify.js';\n\n/*\n List of safe, non-input html tags.\n /\nexport const basicMarkupHtmlTags = Object.freeze([\n\t'a',\n\t'abbr',\n\t'b',\n\t'bdo',\n\t'blockquote',\n\t'br',\n\t'caption',\n\t'cite',\n\t'code',\n\t'col',\n\t'colgroup',\n\t'dd',\n\t'del',\n\t'details',\n\t'dfn',\n\t'div',\n\t'dl',\n\t'dt',\n\t'em',\n\t'figcaption',\n\t'figure',\n\t'h1',\n\t'h2',\n\t'h3',\n\t'h4',\n\t'h5',\n\t'h6',\n\t'hr',\n\t'i',\n\t'img',\n\t'ins',\n\t'kbd',\n\t'label',\n\t'li',\n\t'mark',\n\t'ol',\n\t'p',\n\t'pre',\n\t'q',\n\t'rp',\n\t'rt',\n\t'ruby',\n\t'samp',\n\t'small',\n\t'small',\n\t'source',\n\t'span',\n\t'strike',\n\t'strong',\n\t'sub',\n\t'summary',\n\t'sup',\n\t'table',\n\t'tbody',\n\t'td',\n\t'tfoot',\n\t'th',\n\t'thead',\n\t'time',\n\t'tr',\n\t'tt',\n\t'u',\n\t'ul',\n\t'var',\n\t'video',\n\t'wbr',\n]);\n\nexport const defaultAllowedAttrs = Object.freeze([\n\t'href',\n\t'target',\n\t'src',\n\t'alt',\n\t'title',\n\t'for',\n\t'name',\n\t'role',\n\t'tabindex',\n\t'x-dispatch',\n\t'required',\n\t'checked',\n\t'placeholder',\n\t'type',\n\t'start',\n\t'width',\n\t'height',\n\t'align',\n]);\n\n\nconst fakeRelativeUrlProtocol = 'vscode-relative-path';\n\ninterface AllowedLinksConfig {\n\treadonly override: readonly string[] \| '';\n\treadonly allowRelativePaths: boolean;\n}\n\nfunction validateLink(value: string, allowedProtocols: AllowedLinksConfig): boolean {\n\tif (allowedProtocols.override === '') {\n\t\treturn true; // allow all protocols\n\t}\n\n\ttry {\n\t\tconst url = new URL(value, fakeRelativeUrlProtocol + '://');\n\t\tif (allowedProtocols.override.includes(url.protocol.replace(/:$/, ''))) {\n\t\t\treturn true;\n\t\t}\n\n\t\tif (allowedProtocols.allowRelativePaths\n\t\t\t&& url.protocol === fakeRelativeUrlProtocol + ':'\n\t\t\t&& !value.trim().toLowerCase().startsWith(fakeRelativeUrlProtocol)\n\t\t) {\n\t\t\treturn true;\n\t\t}\n\n\t\treturn false;\n\t} catch (e) {\n\t\treturn false;\n\t}\n}\n\n/\n Hooks dompurify using `afterSanitizeAttributes` to check that all `href` and `src`\n * attributes are valid.\n /\nfunction hookDomPurifyHrefAndSrcSanitizer(allowedLinkProtocols: AllowedLinksConfig, allowedMediaProtocols: AllowedLinksConfig) {\n\tdompurify.addHook('afterSanitizeAttributes', (node) => {\n\t\t// check all href/src attributes for validity\n\t\tfor (const attr of ['href', 'src']) {\n\t\t\tif (node.hasAttribute(attr)) {\n\t\t\t\tconst attrValue = node.getAttribute(attr) as string;\n\t\t\t\tif (attr === 'href') {\n\t\t\t\t\tif (!attrValue.startsWith('#') && !validateLink(attrValue, allowedLinkProtocols)) {\n\t\t\t\t\t\tnode.removeAttribute(attr);\n\t\t\t\t\t}\n\t\t\t\t} else { // 'src'\n\t\t\t\t\tif (!validateLink(attrValue, allowedMediaProtocols)) {\n\t\t\t\t\t\tnode.removeAttribute(attr);\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t});\n}\n\n/\n Predicate that checks if an attribute should be kept or removed.\n \n @returns A boolean indicating whether the attribute should be kept or a string with the sanitized value (which implicitly keeps the attribute)\n /\nexport type SanitizeAttributePredicate = (node: Element, data: { readonly attrName: string; readonly attrValue: string }) => boolean \| string;\n\nexport interface SanitizeAttributeRule {\n\treadonly attributeName: string;\n\tshouldKeep: SanitizeAttributePredicate;\n}\n\n\nexport interface DomSanitizerConfig {\n\t/\n\t Configured the allowed html tags.\n\t /\n\treadonly allowedTags?: {\n\t\treadonly override?: readonly string[];\n\t\treadonly augment?: readonly string[];\n\t};\n\n\t/\n\t Configured the allowed html attributes.\n\t /\n\treadonly allowedAttributes?: {\n\t\treadonly override?: ReadonlyArray<string \| SanitizeAttributeRule>;\n\t\treadonly augment?: ReadonlyArray<string \| SanitizeAttributeRule>;\n\t};\n\n\t/\n\t List of allowed protocols for `href` attributes.\n\t /\n\treadonly allowedLinkProtocols?: {\n\t\treadonly override?: readonly string[] \| '';\n\t};\n\n\t/*\n\t If set, allows relative paths for links.\n\t /\n\treadonly allowRelativeLinkPaths?: boolean;\n\n\t/\n\t List of allowed protocols for `src` attributes.\n\t /\n\treadonly allowedMediaProtocols?: {\n\t\treadonly override?: readonly string[] \| '';\n\t};\n\n\t/*\n\t If set, allows relative paths for media (images, videos, etc).\n\t /\n\treadonly allowRelativeMediaPaths?: boolean;\n\n\t/\n\t If set, replaces unsupported tags with their plaintext representation instead of removing them.\n\t \n\t For example, <p><bad>\"text\"</bad></p> becomes <p>\"<bad>text</bad>\"</p>.\n\t /\n\treadonly replaceWithPlaintext?: boolean;\n}\n\nconst defaultDomPurifyConfig = Object.freeze({\n\tALLOWED_TAGS: [...basicMarkupHtmlTags],\n\tALLOWED_ATTR: [...defaultAllowedAttrs],\n\t// We sanitize the src/href attributes later if needed\n\tALLOW_UNKNOWN_PROTOCOLS: true,\n} satisfies dompurify.Config);\n\n/\n Sanitizes an html string.\n \n @param untrusted The HTML string to sanitize.\n * @param config Optional configuration for sanitization. If not provided, defaults to a safe configuration.\n \n @returns A sanitized string of html.\n /\nexport function sanitizeHtml(untrusted: string, config?: DomSanitizerConfig): TrustedHTML {\n\treturn doSanitizeHtml(untrusted, config, 'trusted');\n}\n\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig \| undefined, outputType: 'dom'): DocumentFragment;\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig \| undefined, outputType: 'trusted'): TrustedHTML;\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig \| undefined, outputType: 'dom' \| 'trusted'): TrustedHTML \| DocumentFragment {\n\ttry {\n\t\tconst resolvedConfig: dompurify.Config = { ...defaultDomPurifyConfig };\n\n\t\tif (config?.allowedTags) {\n\t\t\tif (config.allowedTags.override) {\n\t\t\t\tresolvedConfig.ALLOWED_TAGS = [...config.allowedTags.override];\n\t\t\t}\n\n\t\t\tif (config.allowedTags.augment) {\n\t\t\t\tresolvedConfig.ALLOWED_TAGS = [...(resolvedConfig.ALLOWED_TAGS ?? []), ...config.allowedTags.augment];\n\t\t\t}\n\t\t}\n\n\t\tlet resolvedAttributes: Array<string \| SanitizeAttributeRule> = [...defaultAllowedAttrs];\n\t\tif (config?.allowedAttributes) {\n\t\t\tif (config.allowedAttributes.override) {\n\t\t\t\tresolvedAttributes = [...config.allowedAttributes.override];\n\t\t\t}\n\n\t\t\tif (config.allowedAttributes.augment) {\n\t\t\t\tresolvedAttributes = [...resolvedAttributes, ...config.allowedAttributes.augment];\n\t\t\t}\n\t\t}\n\n\t\t// All attr names are lower-case in the sanitizer hooks\n\t\tresolvedAttributes = resolvedAttributes.map((attr): string \| SanitizeAttributeRule => {\n\t\t\tif (typeof attr === 'string') {\n\t\t\t\treturn attr.toLowerCase();\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tattributeName: attr.attributeName.toLowerCase(),\n\t\t\t\tshouldKeep: attr.shouldKeep,\n\t\t\t};\n\t\t});\n\n\t\tconst allowedAttrNames = new Set(resolvedAttributes.map(attr => typeof attr === 'string' ? attr : attr.attributeName));\n\t\tconst allowedAttrPredicates = new Map<string, SanitizeAttributeRule>();\n\t\tfor (const attr of resolvedAttributes) {\n\t\t\tif (typeof attr === 'string') {\n\t\t\t\t// New string attribute value clears previously set predicates\n\t\t\t\tallowedAttrPredicates.delete(attr);\n\t\t\t} else {\n\t\t\t\tallowedAttrPredicates.set(attr.attributeName, attr);\n\t\t\t}\n\t\t}\n\n\t\tresolvedConfig.ALLOWED_ATTR = Array.from(allowedAttrNames);\n\n\t\thookDomPurifyHrefAndSrcSanitizer(\n\t\t\t{\n\t\t\t\toverride: config?.allowedLinkProtocols?.override ?? [Schemas.http, Schemas.https],\n\t\t\t\tallowRelativePaths: config?.allowRelativeLinkPaths ?? false\n\t\t\t},\n\t\t\t{\n\t\t\t\toverride: config?.allowedMediaProtocols?.override ?? [Schemas.http, Schemas.https],\n\t\t\t\tallowRelativePaths: config?.allowRelativeMediaPaths ?? false\n\t\t\t});\n\n\t\tif (config?.replaceWithPlaintext) {\n\t\t\tdompurify.addHook('uponSanitizeElement', replaceWithPlainTextHook);\n\t\t}\n\n\t\tif (allowedAttrPredicates.size) {\n\t\t\tdompurify.addHook('uponSanitizeAttribute', (node, e) => {\n\t\t\t\tconst predicate = allowedAttrPredicates.get(e.attrName);\n\t\t\t\tif (predicate) {\n\t\t\t\t\tconst result = predicate.shouldKeep(node, e);\n\t\t\t\t\tif (typeof result === 'string') {\n\t\t\t\t\t\te.keepAttr = true;\n\t\t\t\t\t\te.attrValue = result;\n\t\t\t\t\t} else {\n\t\t\t\t\t\te.keepAttr = result;\n\t\t\t\t\t}\n\t\t\t\t} else {\n\t\t\t\t\te.keepAttr = allowedAttrNames.has(e.attrName);\n\t\t\t\t}\n\t\t\t});\n\t\t}\n\n\t\tif (outputType === 'dom') {\n\t\t\treturn dompurify.sanitize(untrusted, {\n\t\t\t\t...resolvedConfig,\n\t\t\t\tRETURN_DOM_FRAGMENT: true\n\t\t\t});\n\t\t} else {\n\t\t\treturn dompurify.sanitize(untrusted, {\n\t\t\t\t...resolvedConfig,\n\t\t\t\tRETURN_TRUSTED_TYPE: true\n\t\t\t});\n\t\t}\n\t} finally {\n\t\tdompurify.removeAllHooks();\n\t}\n}\n\nconst selfClosingTags = ['area', 'base', 'br', 'col', 'command', 'embed', 'hr', 'img', 'input', 'keygen', 'link', 'meta', 'param', 'source', 'track', 'wbr'];\n\nfunction replaceWithPlainTextHook(element: Element, data: dompurify.SanitizeElementHookEvent, _config: dompurify.Config) {\n\tif (!data.allowedTags[data.tagName] && data.tagName !== 'body') {\n\t\tconst replacement = convertTagToPlaintext(element);\n\t\tif (element.nodeType === Node.COMMENT_NODE) {\n\t\t\t// Workaround for https://github.com/cure53/DOMPurify/issues/1005\n\t\t\t// The comment will be deleted in the next phase. However if we try to remove it now, it will cause\n\t\t\t// an exception. Instead we insert the text node before the comment.\n\t\t\telement.parentElement?.insertBefore(replacement, element);\n\t\t} else {\n\t\t\telement.parentElement?.replaceChild(replacement, element);\n\t\t}\n\t}\n}\n\nexport function convertTagToPlaintext(element: Element): DocumentFragment {\n\tlet startTagText: string;\n\tlet endTagText: string \| undefined;\n\tif (element.nodeType === Node.COMMENT_NODE) {\n\t\tstartTagText = `<!--${element.textContent}-->`;\n\t} else {\n\t\tconst tagName = element.tagName.toLowerCase();\n\t\tconst isSelfClosing = selfClosingTags.includes(tagName);\n\t\tconst attrString = element.attributes.length ?\n\t\t\t' ' + Array.from(element.attributes)\n\t\t\t\t.map(attr => `${attr.name}=\"${attr.value}\"`)\n\t\t\t\t.join(' ')\n\t\t\t: '';\n\t\tstartTagText = `<${tagName}${attrString}>`;\n\t\tif (!isSelfClosing) {\n\t\t\tendTagText = `</${tagName}>`;\n\t\t}\n\t}\n\n\tconst fragment = document.createDocumentFragment();\n\tconst textNode = element.ownerDocument.createTextNode(startTagText);\n\tfragment.appendChild(textNode);\n\twhile (element.firstChild) {\n\t\tfragment.appendChild(element.firstChild);\n\t}\n\n\tconst endTagTextNode = endTagText ? element.ownerDocument.createTextNode(endTagText) : undefined;\n\tif (endTagTextNode) {\n\t\tfragment.appendChild(endTagTextNode);\n\t}\n\n\treturn fragment;\n}\n\n/\n Sanitizes the given `value` and reset the given `node` with it.\n */\nexport function safeSetInnerHtml(node: HTMLElement, untrusted: string, config?: DomSanitizerConfig): void {\n\tconst fragment = doSanitizeHtml(untrusted, config, 'dom');\n\treset(node, fragment);\n}\n"]}

package/esm/vs/base/browser/ui/codicons/codicon/codicon.ttf CHANGED Viewed

Binary file

package/esm/vs/base/common/codiconsLibrary.js CHANGED Viewed

@@ -611,5 +611,7 @@ export const codiconsLibrary = {
     commentDiscussionSparkle: register('comment-discussion-sparkle', 0xec54),
     chatSparkleWarning: register('chat-sparkle-warning', 0xec55),
     chatSparkleError: register('chat-sparkle-error', 0xec56),
+    collection: register('collection', 0xec57),
+    newCollection: register('new-collection', 0xec58),
 };
 //# sourceMappingURL=codiconsLibrary.js.map