monaco-editor-core 0.54.0-dev-20250910 → 0.54.0-dev-20250912
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/esm/nls.keys.json +1 -1
- package/esm/nls.messages.de.js +2 -2
- package/esm/nls.messages.es.js +2 -2
- package/esm/nls.messages.fr.js +2 -2
- package/esm/nls.messages.it.js +2 -2
- package/esm/nls.messages.ja.js +2 -2
- package/esm/nls.messages.js +1 -1
- package/esm/nls.messages.json +1 -1
- package/esm/nls.messages.ko.js +2 -2
- package/esm/nls.messages.ru.js +2 -2
- package/esm/nls.messages.zh-cn.js +2 -2
- package/esm/nls.messages.zh-tw.js +2 -2
- package/esm/nls.metadata.json +8 -2
- package/esm/vs/base/browser/domSanitize.js +32 -21
- package/esm/vs/base/browser/domSanitize.js.map +1 -1
- package/esm/vs/base/browser/ui/codicons/codicon/codicon.ttf +0 -0
- package/esm/vs/base/browser/ui/menu/menu.js +2 -0
- package/esm/vs/base/browser/ui/menu/menu.js.map +1 -1
- package/esm/vs/base/common/codiconsLibrary.js +2 -0
- package/esm/vs/base/common/codiconsLibrary.js.map +1 -1
- package/esm/vs/base/common/observableInternal/index.js +3 -0
- package/esm/vs/base/common/observableInternal/index.js.map +1 -1
- package/esm/vs/base/common/observableInternal/logging/debugGetDependencyGraph.js +71 -0
- package/esm/vs/base/common/observableInternal/logging/debugGetDependencyGraph.js.map +1 -0
- package/esm/vs/base/common/observableInternal/observables/baseObservable.js +4 -0
- package/esm/vs/base/common/observableInternal/observables/baseObservable.js.map +1 -1
- package/esm/vs/base/common/observableInternal/observables/derivedImpl.js +10 -0
- package/esm/vs/base/common/observableInternal/observables/derivedImpl.js.map +1 -1
- package/esm/vs/base/common/observableInternal/observables/observableFromEvent.js +3 -0
- package/esm/vs/base/common/observableInternal/observables/observableFromEvent.js.map +1 -1
- package/esm/vs/base/common/observableInternal/reactions/autorunImpl.js +9 -0
- package/esm/vs/base/common/observableInternal/reactions/autorunImpl.js.map +1 -1
- package/esm/vs/editor/browser/config/editorConfiguration.js +1 -1
- package/esm/vs/editor/browser/controller/dragScrolling.js +4 -4
- package/esm/vs/editor/browser/controller/editContext/native/nativeEditContext.js +3 -3
- package/esm/vs/editor/browser/controller/editContext/native/screenReaderContentRich.js +3 -3
- package/esm/vs/editor/browser/controller/editContext/native/screenReaderSupport.js +6 -6
- package/esm/vs/editor/browser/controller/editContext/textArea/textAreaEditContext.js +9 -9
- package/esm/vs/editor/browser/controller/mouseHandler.js +6 -6
- package/esm/vs/editor/browser/controller/mouseTarget.js +3 -3
- package/esm/vs/editor/browser/coreCommands.js +2 -2
- package/esm/vs/editor/browser/gpu/rectangleRenderer.js +1 -1
- package/esm/vs/editor/browser/gpu/viewGpuContext.js +1 -1
- package/esm/vs/editor/browser/observableCodeEditor.js +1 -1
- package/esm/vs/editor/browser/view/viewController.js +2 -2
- package/esm/vs/editor/browser/view/viewLayer.js +1 -1
- package/esm/vs/editor/browser/view/viewOverlays.js +4 -4
- package/esm/vs/editor/browser/view.js +5 -5
- package/esm/vs/editor/browser/viewParts/blockDecorations/blockDecorations.js +1 -1
- package/esm/vs/editor/browser/viewParts/contentWidgets/contentWidgets.js +3 -3
- package/esm/vs/editor/browser/viewParts/currentLineHighlight/currentLineHighlight.js +6 -6
- package/esm/vs/editor/browser/viewParts/editorScrollbar/editorScrollbar.js +8 -8
- package/esm/vs/editor/browser/viewParts/glyphMargin/glyphMargin.js +2 -2
- package/esm/vs/editor/browser/viewParts/indentGuides/indentGuides.js +2 -2
- package/esm/vs/editor/browser/viewParts/lineNumbers/lineNumbers.js +2 -2
- package/esm/vs/editor/browser/viewParts/linesDecorations/linesDecorations.js +2 -2
- package/esm/vs/editor/browser/viewParts/margin/margin.js +2 -2
- package/esm/vs/editor/browser/viewParts/minimap/minimap.js +5 -5
- package/esm/vs/editor/browser/viewParts/overlayWidgets/overlayWidgets.js +2 -2
- package/esm/vs/editor/browser/viewParts/overviewRuler/decorationsOverviewRuler.js +4 -4
- package/esm/vs/editor/browser/viewParts/overviewRuler/overviewRuler.js +3 -3
- package/esm/vs/editor/browser/viewParts/rulers/rulers.js +2 -2
- package/esm/vs/editor/browser/viewParts/rulersGpu/rulersGpu.js +1 -1
- package/esm/vs/editor/browser/viewParts/scrollDecoration/scrollDecoration.js +3 -3
- package/esm/vs/editor/browser/viewParts/selections/selections.js +2 -2
- package/esm/vs/editor/browser/viewParts/viewCursors/viewCursor.js +2 -2
- package/esm/vs/editor/browser/viewParts/viewCursors/viewCursors.js +6 -6
- package/esm/vs/editor/browser/viewParts/viewLines/viewLineOptions.js +4 -4
- package/esm/vs/editor/browser/viewParts/viewLines/viewLines.js +11 -11
- package/esm/vs/editor/browser/viewParts/viewLinesGpu/viewLinesGpu.js +1 -1
- package/esm/vs/editor/browser/viewParts/viewZones/viewZones.js +2 -2
- package/esm/vs/editor/browser/viewParts/whitespace/whitespace.js +4 -4
- package/esm/vs/editor/browser/widget/codeEditor/codeEditorWidget.js +12 -12
- package/esm/vs/editor/browser/widget/diffEditor/commands.js +12 -1
- package/esm/vs/editor/browser/widget/diffEditor/commands.js.map +1 -1
- package/esm/vs/editor/browser/widget/diffEditor/components/accessibleDiffViewer.js +4 -4
- package/esm/vs/editor/browser/widget/diffEditor/components/diffEditorViewZones/diffEditorViewZones.js +3 -3
- package/esm/vs/editor/browser/widget/diffEditor/components/diffEditorViewZones/inlineDiffDeletedCodeMargin.js +2 -2
- package/esm/vs/editor/browser/widget/diffEditor/components/diffEditorViewZones/renderLines.js +2 -2
- package/esm/vs/editor/browser/widget/diffEditor/diffEditorWidget.js +25 -0
- package/esm/vs/editor/browser/widget/diffEditor/diffEditorWidget.js.map +1 -1
- package/esm/vs/editor/browser/widget/diffEditor/features/gutterFeature.js +1 -1
- package/esm/vs/editor/browser/widget/diffEditor/features/overviewRulerFeature.js +1 -1
- package/esm/vs/editor/common/config/editorOptions.js +155 -154
- package/esm/vs/editor/common/config/editorOptions.js.map +1 -1
- package/esm/vs/editor/common/core/editorColorRegistry.js +68 -68
- package/esm/vs/editor/common/core/ranges/lineRange.js +3 -0
- package/esm/vs/editor/common/core/ranges/lineRange.js.map +1 -1
- package/esm/vs/editor/common/cursorCommon.js +19 -19
- package/esm/vs/editor/common/editorContextKeys.js +46 -46
- package/esm/vs/editor/common/languages/modesRegistry.js +1 -1
- package/esm/vs/editor/common/languages.js +56 -56
- package/esm/vs/editor/common/model/editStack.js +1 -1
- package/esm/vs/editor/common/standalone/standaloneEnums.js +86 -85
- package/esm/vs/editor/common/standalone/standaloneEnums.js.map +1 -1
- package/esm/vs/editor/common/standaloneStrings.js +10 -10
- package/esm/vs/editor/common/viewLayout/viewLayout.js +15 -15
- package/esm/vs/editor/common/viewLayout/viewLineRenderer.js +2 -2
- package/esm/vs/editor/common/viewModel/monospaceLineBreaksComputer.js +1 -1
- package/esm/vs/editor/common/viewModel/viewModelImpl.js +14 -14
- package/esm/vs/editor/contrib/anchorSelect/browser/anchorSelect.js +6 -6
- package/esm/vs/editor/contrib/bracketMatching/browser/bracketMatching.js +6 -6
- package/esm/vs/editor/contrib/caretOperations/browser/caretOperations.js +2 -2
- package/esm/vs/editor/contrib/caretOperations/browser/transpose.js +1 -1
- package/esm/vs/editor/contrib/clipboard/browser/clipboard.js +20 -20
- package/esm/vs/editor/contrib/codeAction/browser/codeAction.js +1 -1
- package/esm/vs/editor/contrib/codeAction/browser/codeActionCommands.js +29 -29
- package/esm/vs/editor/contrib/codeAction/browser/codeActionContributions.js +3 -3
- package/esm/vs/editor/contrib/codeAction/browser/codeActionController.js +3 -3
- package/esm/vs/editor/contrib/codeAction/browser/codeActionMenu.js +8 -8
- package/esm/vs/editor/contrib/codeAction/browser/codeActionModel.js +1 -1
- package/esm/vs/editor/contrib/codeAction/browser/lightBulbWidget.js +9 -9
- package/esm/vs/editor/contrib/codelens/browser/codelensController.js +2 -2
- package/esm/vs/editor/contrib/colorPicker/browser/colorDetector.js +3 -3
- package/esm/vs/editor/contrib/colorPicker/browser/colorPickerParts/colorPickerCloseButton.js +1 -1
- package/esm/vs/editor/contrib/colorPicker/browser/colorPickerParts/colorPickerHeader.js +1 -1
- package/esm/vs/editor/contrib/colorPicker/browser/hoverColorPicker/hoverColorPickerContribution.js +1 -1
- package/esm/vs/editor/contrib/colorPicker/browser/hoverColorPicker/hoverColorPickerParticipant.js +2 -2
- package/esm/vs/editor/contrib/colorPicker/browser/standaloneColorPicker/standaloneColorPickerActions.js +7 -7
- package/esm/vs/editor/contrib/colorPicker/browser/standaloneColorPicker/standaloneColorPickerParticipant.js +1 -1
- package/esm/vs/editor/contrib/comment/browser/comment.js +6 -6
- package/esm/vs/editor/contrib/contextmenu/browser/contextmenu.js +12 -12
- package/esm/vs/editor/contrib/cursorUndo/browser/cursorUndo.js +2 -2
- package/esm/vs/editor/contrib/dropOrPasteInto/browser/copyPasteContribution.js +4 -4
- package/esm/vs/editor/contrib/dropOrPasteInto/browser/copyPasteController.js +12 -12
- package/esm/vs/editor/contrib/dropOrPasteInto/browser/defaultProviders.js +8 -8
- package/esm/vs/editor/contrib/dropOrPasteInto/browser/dropIntoEditorController.js +3 -3
- package/esm/vs/editor/contrib/dropOrPasteInto/browser/postEditWidget.js +2 -2
- package/esm/vs/editor/contrib/editorState/browser/keybindingCancellation.js +1 -1
- package/esm/vs/editor/contrib/find/browser/findController.js +17 -17
- package/esm/vs/editor/contrib/find/browser/findModel.js +6 -6
- package/esm/vs/editor/contrib/find/browser/findWidget.js +32 -32
- package/esm/vs/editor/contrib/folding/browser/folding.js +23 -23
- package/esm/vs/editor/contrib/folding/browser/foldingDecorations.js +9 -9
- package/esm/vs/editor/contrib/folding/browser/foldingDecorations.js.map +1 -1
- package/esm/vs/editor/contrib/fontZoom/browser/fontZoom.js +3 -3
- package/esm/vs/editor/contrib/format/browser/formatActions.js +2 -2
- package/esm/vs/editor/contrib/gotoError/browser/gotoError.js +8 -8
- package/esm/vs/editor/contrib/gotoError/browser/gotoErrorWidget.js +14 -14
- package/esm/vs/editor/contrib/gotoSymbol/browser/goToCommands.js +39 -39
- package/esm/vs/editor/contrib/gotoSymbol/browser/link/clickLinkGesture.js +21 -11
- package/esm/vs/editor/contrib/gotoSymbol/browser/link/clickLinkGesture.js.map +1 -1
- package/esm/vs/editor/contrib/gotoSymbol/browser/link/goToDefinitionAtPosition.js +2 -2
- package/esm/vs/editor/contrib/gotoSymbol/browser/peek/referencesController.js +4 -4
- package/esm/vs/editor/contrib/gotoSymbol/browser/peek/referencesTree.js +3 -3
- package/esm/vs/editor/contrib/gotoSymbol/browser/peek/referencesWidget.js +3 -3
- package/esm/vs/editor/contrib/gotoSymbol/browser/referencesModel.js +8 -8
- package/esm/vs/editor/contrib/gotoSymbol/browser/symbolNavigation.js +3 -3
- package/esm/vs/editor/contrib/gpu/browser/gpuActions.js +4 -4
- package/esm/vs/editor/contrib/hover/browser/hoverActionIds.js +2 -2
- package/esm/vs/editor/contrib/hover/browser/hoverActions.js +24 -24
- package/esm/vs/editor/contrib/hover/browser/markdownHoverParticipant.js +10 -10
- package/esm/vs/editor/contrib/hover/browser/markerHoverParticipant.js +6 -6
- package/esm/vs/editor/contrib/inPlaceReplace/browser/inPlaceReplace.js +2 -2
- package/esm/vs/editor/contrib/indentation/browser/indentation.js +20 -20
- package/esm/vs/editor/contrib/inlayHints/browser/inlayHintsController.js +5 -5
- package/esm/vs/editor/contrib/inlayHints/browser/inlayHintsHover.js +8 -8
- package/esm/vs/editor/contrib/inlayHints/browser/inlayHintsLocations.js +2 -2
- package/esm/vs/editor/contrib/inlineCompletions/browser/controller/commands.js +19 -19
- package/esm/vs/editor/contrib/inlineCompletions/browser/controller/inlineCompletionContextKeys.js +12 -12
- package/esm/vs/editor/contrib/inlineCompletions/browser/controller/inlineCompletionsController.js +2 -2
- package/esm/vs/editor/contrib/inlineCompletions/browser/hintsWidget/hoverParticipant.js +1 -1
- package/esm/vs/editor/contrib/inlineCompletions/browser/hintsWidget/inlineCompletionsHintsWidget.js +5 -5
- package/esm/vs/editor/contrib/inlineCompletions/browser/model/inlineCompletionsModel.js +1 -1
- package/esm/vs/editor/contrib/inlineCompletions/browser/view/ghostText/ghostTextView.js +5 -5
- package/esm/vs/editor/contrib/inlineCompletions/browser/view/inlineEdits/components/gutterIndicatorMenu.js +5 -5
- package/esm/vs/editor/contrib/inlineCompletions/browser/view/inlineEdits/components/gutterIndicatorView.js +4 -1
- package/esm/vs/editor/contrib/inlineCompletions/browser/view/inlineEdits/components/gutterIndicatorView.js.map +1 -1
- package/esm/vs/editor/contrib/inlineCompletions/browser/view/inlineEdits/inlineEditsModel.js +1 -1
- package/esm/vs/editor/contrib/inlineCompletions/browser/view/inlineEdits/inlineEditsView.js +2 -0
- package/esm/vs/editor/contrib/inlineCompletions/browser/view/inlineEdits/inlineEditsView.js.map +1 -1
- package/esm/vs/editor/contrib/inlineCompletions/browser/view/inlineEdits/inlineEditsViewProducer.js +1 -0
- package/esm/vs/editor/contrib/inlineCompletions/browser/view/inlineEdits/inlineEditsViewProducer.js.map +1 -1
- package/esm/vs/editor/contrib/inlineCompletions/browser/view/inlineEdits/theme.js +22 -21
- package/esm/vs/editor/contrib/inlineCompletions/browser/view/inlineEdits/theme.js.map +1 -1
- package/esm/vs/editor/contrib/insertFinalNewLine/browser/insertFinalNewLine.js +1 -1
- package/esm/vs/editor/contrib/lineSelection/browser/lineSelection.js +1 -1
- package/esm/vs/editor/contrib/linesOperations/browser/linesOperations.js +32 -32
- package/esm/vs/editor/contrib/linkedEditing/browser/linkedEditing.js +4 -4
- package/esm/vs/editor/contrib/links/browser/links.js +11 -11
- package/esm/vs/editor/contrib/links/browser/links.js.map +1 -1
- package/esm/vs/editor/contrib/longLinesHelper/browser/longLinesHelper.js +1 -1
- package/esm/vs/editor/contrib/message/browser/messageController.js +1 -1
- package/esm/vs/editor/contrib/middleScroll/browser/middleScrollController.js +1 -1
- package/esm/vs/editor/contrib/multicursor/browser/multicursor.js +36 -36
- package/esm/vs/editor/contrib/parameterHints/browser/parameterHints.js +1 -1
- package/esm/vs/editor/contrib/parameterHints/browser/parameterHintsModel.js +3 -3
- package/esm/vs/editor/contrib/parameterHints/browser/parameterHintsWidget.js +4 -4
- package/esm/vs/editor/contrib/peekView/browser/peekView.js +18 -18
- package/esm/vs/editor/contrib/placeholderText/browser/placeholderText.contribution.js +1 -1
- package/esm/vs/editor/contrib/placeholderText/browser/placeholderTextContribution.js +1 -1
- package/esm/vs/editor/contrib/placeholderText/browser/placeholderTextContribution.js.map +1 -1
- package/esm/vs/editor/contrib/quickAccess/browser/gotoLineQuickAccess.js +5 -5
- package/esm/vs/editor/contrib/quickAccess/browser/gotoSymbolQuickAccess.js +32 -32
- package/esm/vs/editor/contrib/readOnlyMessage/browser/contribution.js +3 -3
- package/esm/vs/editor/contrib/rename/browser/rename.js +11 -11
- package/esm/vs/editor/contrib/rename/browser/renameWidget.js +7 -7
- package/esm/vs/editor/contrib/smartSelect/browser/smartSelect.js +5 -5
- package/esm/vs/editor/contrib/snippet/browser/snippetController2.js +4 -4
- package/esm/vs/editor/contrib/snippet/browser/snippetSession.js +2 -2
- package/esm/vs/editor/contrib/snippet/browser/snippetVariables.js +4 -4
- package/esm/vs/editor/contrib/stickyScroll/browser/stickyScrollActions.js +11 -11
- package/esm/vs/editor/contrib/stickyScroll/browser/stickyScrollController.js +17 -24
- package/esm/vs/editor/contrib/stickyScroll/browser/stickyScrollController.js.map +1 -1
- package/esm/vs/editor/contrib/stickyScroll/browser/stickyScrollModelProvider.js +1 -1
- package/esm/vs/editor/contrib/stickyScroll/browser/stickyScrollProvider.js +12 -3
- package/esm/vs/editor/contrib/stickyScroll/browser/stickyScrollProvider.js.map +1 -1
- package/esm/vs/editor/contrib/stickyScroll/browser/stickyScrollWidget.js +5 -5
- package/esm/vs/editor/contrib/suggest/browser/suggest.js +8 -8
- package/esm/vs/editor/contrib/suggest/browser/suggestController.js +14 -14
- package/esm/vs/editor/contrib/suggest/browser/suggestInlineCompletions.js +2 -2
- package/esm/vs/editor/contrib/suggest/browser/suggestModel.js +11 -11
- package/esm/vs/editor/contrib/suggest/browser/suggestWidget.js +23 -23
- package/esm/vs/editor/contrib/suggest/browser/suggestWidgetDetails.js +5 -5
- package/esm/vs/editor/contrib/suggest/browser/suggestWidgetRenderer.js +5 -5
- package/esm/vs/editor/contrib/suggest/browser/wordContextKey.js +3 -3
- package/esm/vs/editor/contrib/suggest/browser/wordDistance.js +1 -1
- package/esm/vs/editor/contrib/symbolIcons/browser/symbolIcons.js +33 -33
- package/esm/vs/editor/contrib/toggleTabFocusMode/browser/toggleTabFocusMode.js +4 -4
- package/esm/vs/editor/contrib/tokenization/browser/tokenization.js +1 -1
- package/esm/vs/editor/contrib/unicodeHighlighter/browser/bannerController.js +1 -1
- package/esm/vs/editor/contrib/unicodeHighlighter/browser/unicodeHighlighter.js +27 -27
- package/esm/vs/editor/contrib/unusualLineTerminators/browser/unusualLineTerminators.js +9 -9
- package/esm/vs/editor/contrib/wordHighlighter/browser/highlightDecorations.js +9 -9
- package/esm/vs/editor/contrib/wordHighlighter/browser/wordHighlighter.js +7 -7
- package/esm/vs/editor/contrib/wordOperations/browser/wordOperations.js +4 -4
- package/esm/vs/editor/editor.api.d.ts +93 -85
- package/esm/vs/editor/standalone/browser/iPadShowKeyboard/iPadShowKeyboard.js +1 -1
- package/esm/vs/platform/accessibilitySignal/browser/accessibilitySignalService.js +62 -62
- package/esm/vs/platform/action/common/actionCommonCategories.js +6 -6
- package/esm/vs/platform/actionWidget/browser/actionList.js +4 -4
- package/esm/vs/platform/actionWidget/browser/actionWidget.js +7 -7
- package/esm/vs/platform/actions/browser/menuEntryActionViewItem.js +5 -5
- package/esm/vs/platform/actions/browser/toolbar.js +2 -2
- package/esm/vs/platform/actions/common/menuService.js +2 -2
- package/esm/vs/platform/configuration/common/configurationRegistry.js +10 -10
- package/esm/vs/platform/contextkey/browser/contextKeyService.js +1 -1
- package/esm/vs/platform/contextkey/common/contextkey.js +9 -9
- package/esm/vs/platform/contextkey/common/contextkeys.js +9 -9
- package/esm/vs/platform/contextkey/common/scanner.js +5 -5
- package/esm/vs/platform/history/browser/contextScopedHistoryWidget.js +1 -1
- package/esm/vs/platform/keybinding/common/abstractKeybindingService.js +4 -4
- package/esm/vs/platform/list/browser/listService.js +27 -27
- package/esm/vs/platform/markers/common/markerService.js +2 -2
- package/esm/vs/platform/markers/common/markers.js +6 -6
- package/esm/vs/platform/quickinput/browser/commandsQuickAccess.js +7 -7
- package/esm/vs/platform/quickinput/browser/helpQuickAccess.js +1 -1
- package/esm/vs/platform/quickinput/browser/quickInput.js +21 -13
- package/esm/vs/platform/quickinput/browser/quickInput.js.map +1 -1
- package/esm/vs/platform/quickinput/browser/quickInputActions.js +42 -8
- package/esm/vs/platform/quickinput/browser/quickInputActions.js.map +1 -1
- package/esm/vs/platform/quickinput/browser/quickInputController.js +10 -64
- package/esm/vs/platform/quickinput/browser/quickInputController.js.map +1 -1
- package/esm/vs/platform/quickinput/browser/quickInputList.js +1 -1
- package/esm/vs/platform/quickinput/browser/quickInputUtils.js +1 -1
- package/esm/vs/platform/quickinput/browser/tree/quickInputTreeAccessibilityProvider.js +1 -1
- package/esm/vs/platform/quickinput/browser/tree/quickInputTreeController.js +12 -0
- package/esm/vs/platform/quickinput/browser/tree/quickInputTreeController.js.map +1 -1
- package/esm/vs/platform/quickinput/browser/tree/quickInputTreeRenderer.js +11 -5
- package/esm/vs/platform/quickinput/browser/tree/quickInputTreeRenderer.js.map +1 -1
- package/esm/vs/platform/quickinput/common/quickInput.js.map +1 -1
- package/esm/vs/platform/theme/common/colorUtils.js +2 -2
- package/esm/vs/platform/theme/common/colors/baseColors.js +17 -17
- package/esm/vs/platform/theme/common/colors/chartsColors.js +8 -8
- package/esm/vs/platform/theme/common/colors/editorColors.js +95 -95
- package/esm/vs/platform/theme/common/colors/inputColors.js +47 -47
- package/esm/vs/platform/theme/common/colors/listColors.js +36 -36
- package/esm/vs/platform/theme/common/colors/menuColors.js +7 -7
- package/esm/vs/platform/theme/common/colors/minimapColors.js +11 -11
- package/esm/vs/platform/theme/common/colors/miscColors.js +15 -15
- package/esm/vs/platform/theme/common/colors/quickpickColors.js +9 -9
- package/esm/vs/platform/theme/common/colors/searchColors.js +3 -3
- package/esm/vs/platform/theme/common/iconRegistry.js +6 -6
- package/esm/vs/platform/undoRedo/common/undoRedoService.js +20 -20
- package/esm/vs/platform/workspace/common/workspace.js +1 -1
- package/monaco.d.ts +93 -85
- package/package.json +6 -2
- package/version.txt +1 -1
|
@@ -2,9 +2,9 @@
|
|
|
2
2
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3
3
|
* Licensed under the MIT License. See License.txt in the project root for license information.
|
|
4
4
|
*--------------------------------------------------------------------------------------------*/
|
|
5
|
-
import { DisposableStore, toDisposable } from '../common/lifecycle.js';
|
|
6
5
|
import { Schemas } from '../common/network.js';
|
|
7
6
|
import { reset } from './dom.js';
|
|
7
|
+
// eslint-disable-next-line no-restricted-imports
|
|
8
8
|
import dompurify from './dompurify/dompurify.js';
|
|
9
9
|
/**
|
|
10
10
|
* List of safe, non-input html tags.
|
|
@@ -97,25 +97,32 @@ export const defaultAllowedAttrs = Object.freeze([
|
|
|
97
97
|
'height',
|
|
98
98
|
'align',
|
|
99
99
|
]);
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
100
|
+
const fakeRelativeUrlProtocol = 'vscode-relative-path';
|
|
101
|
+
function validateLink(value, allowedProtocols) {
|
|
102
|
+
if (allowedProtocols.override === '*') {
|
|
103
|
+
return true; // allow all protocols
|
|
104
|
+
}
|
|
105
|
+
try {
|
|
106
|
+
const url = new URL(value, fakeRelativeUrlProtocol + '://');
|
|
107
|
+
if (allowedProtocols.override.includes(url.protocol.replace(/:$/, ''))) {
|
|
108
|
+
return true;
|
|
109
|
+
}
|
|
110
|
+
if (allowedProtocols.allowRelativePaths
|
|
111
|
+
&& url.protocol === fakeRelativeUrlProtocol + ':'
|
|
112
|
+
&& !value.trim().toLowerCase().startsWith(fakeRelativeUrlProtocol)) {
|
|
113
|
+
return true;
|
|
114
|
+
}
|
|
115
|
+
return false;
|
|
116
|
+
}
|
|
117
|
+
catch (e) {
|
|
118
|
+
return false;
|
|
119
|
+
}
|
|
103
120
|
}
|
|
104
121
|
/**
|
|
105
122
|
* Hooks dompurify using `afterSanitizeAttributes` to check that all `href` and `src`
|
|
106
123
|
* attributes are valid.
|
|
107
124
|
*/
|
|
108
125
|
function hookDomPurifyHrefAndSrcSanitizer(allowedLinkProtocols, allowedMediaProtocols) {
|
|
109
|
-
// https://github.com/cure53/DOMPurify/blob/main/demos/hooks-scheme-allowlist.html
|
|
110
|
-
// build an anchor to map URLs to
|
|
111
|
-
const anchor = document.createElement('a');
|
|
112
|
-
function validateLink(value, allowedProtocols) {
|
|
113
|
-
if (allowedProtocols === '*') {
|
|
114
|
-
return true; // allow all protocols
|
|
115
|
-
}
|
|
116
|
-
anchor.href = value;
|
|
117
|
-
return allowedProtocols.includes(anchor.protocol.replace(/:$/, ''));
|
|
118
|
-
}
|
|
119
126
|
dompurify.addHook('afterSanitizeAttributes', (node) => {
|
|
120
127
|
// check all href/src attributes for validity
|
|
121
128
|
for (const attr of ['href', 'src']) {
|
|
@@ -134,7 +141,6 @@ function hookDomPurifyHrefAndSrcSanitizer(allowedLinkProtocols, allowedMediaProt
|
|
|
134
141
|
}
|
|
135
142
|
}
|
|
136
143
|
});
|
|
137
|
-
return toDisposable(() => dompurify.removeHook('afterSanitizeAttributes'));
|
|
138
144
|
}
|
|
139
145
|
const defaultDomPurifyConfig = Object.freeze({
|
|
140
146
|
ALLOWED_TAGS: [...basicMarkupHtmlTags],
|
|
@@ -154,7 +160,6 @@ export function sanitizeHtml(untrusted, config) {
|
|
|
154
160
|
return doSanitizeHtml(untrusted, config, 'trusted');
|
|
155
161
|
}
|
|
156
162
|
function doSanitizeHtml(untrusted, config, outputType) {
|
|
157
|
-
const store = new DisposableStore();
|
|
158
163
|
try {
|
|
159
164
|
const resolvedConfig = { ...defaultDomPurifyConfig };
|
|
160
165
|
if (config?.allowedTags) {
|
|
@@ -196,12 +201,18 @@ function doSanitizeHtml(untrusted, config, outputType) {
|
|
|
196
201
|
}
|
|
197
202
|
}
|
|
198
203
|
resolvedConfig.ALLOWED_ATTR = Array.from(allowedAttrNames);
|
|
199
|
-
|
|
204
|
+
hookDomPurifyHrefAndSrcSanitizer({
|
|
205
|
+
override: config?.allowedLinkProtocols?.override ?? [Schemas.http, Schemas.https],
|
|
206
|
+
allowRelativePaths: config?.allowRelativeLinkPaths ?? false
|
|
207
|
+
}, {
|
|
208
|
+
override: config?.allowedMediaProtocols?.override ?? [Schemas.http, Schemas.https],
|
|
209
|
+
allowRelativePaths: config?.allowRelativeMediaPaths ?? false
|
|
210
|
+
});
|
|
200
211
|
if (config?.replaceWithPlaintext) {
|
|
201
|
-
|
|
212
|
+
dompurify.addHook('uponSanitizeElement', replaceWithPlainTextHook);
|
|
202
213
|
}
|
|
203
214
|
if (allowedAttrPredicates.size) {
|
|
204
|
-
|
|
215
|
+
dompurify.addHook('uponSanitizeAttribute', (node, e) => {
|
|
205
216
|
const predicate = allowedAttrPredicates.get(e.attrName);
|
|
206
217
|
if (predicate) {
|
|
207
218
|
const result = predicate.shouldKeep(node, e);
|
|
@@ -216,7 +227,7 @@ function doSanitizeHtml(untrusted, config, outputType) {
|
|
|
216
227
|
else {
|
|
217
228
|
e.keepAttr = allowedAttrNames.has(e.attrName);
|
|
218
229
|
}
|
|
219
|
-
})
|
|
230
|
+
});
|
|
220
231
|
}
|
|
221
232
|
if (outputType === 'dom') {
|
|
222
233
|
return dompurify.sanitize(untrusted, {
|
|
@@ -232,7 +243,7 @@ function doSanitizeHtml(untrusted, config, outputType) {
|
|
|
232
243
|
}
|
|
233
244
|
}
|
|
234
245
|
finally {
|
|
235
|
-
|
|
246
|
+
dompurify.removeAllHooks();
|
|
236
247
|
}
|
|
237
248
|
}
|
|
238
249
|
const selfClosingTags = ['area', 'base', 'br', 'col', 'command', 'embed', 'hr', 'img', 'input', 'keygen', 'link', 'meta', 'param', 'source', 'track', 'wbr'];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["file:///mnt/vss/_work/1/s/dependencies/vscode/out-editor-src/vs/base/browser/domSanitize.ts","vs/base/browser/domSanitize.ts"],"names":[],"mappings":"AAAA;;;gGAGgG;AAEhG,OAAO,EAAE,eAAe,EAAe,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACpF,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC;AACjC,OAAO,SAAS,MAAM,0BAA0B,CAAC;AAGjD;;GAEG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,MAAM,CAAC,MAAM,CAAC;IAChD,GAAG;IACH,MAAM;IACN,GAAG;IACH,KAAK;IACL,YAAY;IACZ,IAAI;IACJ,SAAS;IACT,MAAM;IACN,MAAM;IACN,KAAK;IACL,UAAU;IACV,IAAI;IACJ,KAAK;IACL,SAAS;IACT,KAAK;IACL,KAAK;IACL,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,YAAY;IACZ,QAAQ;IACR,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,GAAG;IACH,KAAK;IACL,KAAK;IACL,KAAK;IACL,OAAO;IACP,IAAI;IACJ,MAAM;IACN,IAAI;IACJ,GAAG;IACH,KAAK;IACL,GAAG;IACH,IAAI;IACJ,IAAI;IACJ,MAAM;IACN,MAAM;IACN,OAAO;IACP,OAAO;IACP,QAAQ;IACR,MAAM;IACN,QAAQ;IACR,QAAQ;IACR,KAAK;IACL,SAAS;IACT,KAAK;IACL,OAAO;IACP,OAAO;IACP,IAAI;IACJ,OAAO;IACP,IAAI;IACJ,OAAO;IACP,MAAM;IACN,IAAI;IACJ,IAAI;IACJ,GAAG;IACH,IAAI;IACJ,KAAK;IACL,OAAO;IACP,KAAK;CACL,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,mBAAmB,GAAG,MAAM,CAAC,MAAM,CAAC;IAChD,MAAM;IACN,QAAQ;IACR,KAAK;IACL,KAAK;IACL,OAAO;IACP,KAAK;IACL,MAAM;IACN,MAAM;IACN,UAAU;IACV,YAAY;IACZ,UAAU;IACV,SAAS;IACT,aAAa;IACb,MAAM;IACN,OAAO;IACP,OAAO;IACP,QAAQ;IACR,OAAO;CACP,CAAC,CAAC;AAQH,SAAS,gBAAgB,CAAC,IAAqD,EAAE,EAAO;IACvF,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IAC5B,OAAO,YAAY,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;AACvD,CAAC;AAED;;;GAGG;AACH,SAAS,gCAAgC,CAAC,oBAA6C,EAAE,qBAAwC;IAChI,kFAAkF;IAClF,iCAAiC;IACjC,MAAM,MAAM,GAAG,QAAQ,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;IAE3C,SAAS,YAAY,CAAC,KAAa,EAAE,gBAAyC;QAC7E,IAAI,gBAAgB,KAAK,GAAG,EAAE,CAAC;YAC9B,OAAO,IAAI,CAAC,CAAC,sBAAsB;QACpC,CAAC;QAED,MAAM,CAAC,IAAI,GAAG,KAAK,CAAC;QACpB,OAAO,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC;IACrE,CAAC;IAED,SAAS,CAAC,OAAO,CAAC,yBAAyB,EAAE,CAAC,IAAI,EAAE,EAAE;QACrD,6CAA6C;QAC7C,KAAK,MAAM,IAAI,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,CAAC;YACpC,IAAI,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC7B,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAW,CAAC;gBACpD,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;oBAErB,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,oBAAoB,CAAC,EAAE,CAAC;wBAClF,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;oBAC5B,CAAC;gBAEF,CAAC;qBAAM,CAAC,CAAA,QAAQ;oBACf,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,qBAAqB,CAAC,EAAE,CAAC;wBACrD,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;oBAC5B,CAAC;gBACF,CAAC;YACF,CAAC;QACF,CAAC;IACF,CAAC,CAAC,CAAC;IAEH,OAAO,YAAY,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,UAAU,CAAC,yBAAyB,CAAC,CAAC,CAAC;AAC5E,CAAC;AAqDD,MAAM,sBAAsB,GAAG,MAAM,CAAC,MAAM,CAAC;IAC5C,YAAY,EAAE,CAAC,GAAG,mBAAmB,CAAC;IACtC,YAAY,EAAE,CAAC,GAAG,mBAAmB,CAAC;IACtC,sDAAsD;IACtD,uBAAuB,EAAE,IAAI;CACF,CAAC,CAAC;AAE9B;;;;;;;GAOG;AACH,MAAM,UAAU,YAAY,CAAC,SAAiB,EAAE,MAA2B;IAC1E,OAAO,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;AACrD,CAAC;AAID,SAAS,cAAc,CAAC,SAAiB,EAAE,MAAsC,EAAE,UAA6B;IAC/G,MAAM,KAAK,GAAG,IAAI,eAAe,EAAE,CAAC;IACpC,IAAI,CAAC;QACJ,MAAM,cAAc,GAAqB,EAAE,GAAG,sBAAsB,EAAE,CAAC;QAEvE,IAAI,MAAM,EAAE,WAAW,EAAE,CAAC;YACzB,IAAI,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;gBACjC,cAAc,CAAC,YAAY,GAAG,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;YAChE,CAAC;YAED,IAAI,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;gBAChC,cAAc,CAAC,YAAY,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,YAAY,IAAI,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;YACvG,CAAC;QACF,CAAC;QAED,IAAI,kBAAkB,GAA0C,CAAC,GAAG,mBAAmB,CAAC,CAAC;QACzF,IAAI,MAAM,EAAE,iBAAiB,EAAE,CAAC;YAC/B,IAAI,MAAM,CAAC,iBAAiB,CAAC,QAAQ,EAAE,CAAC;gBACvC,kBAAkB,GAAG,CAAC,GAAG,MAAM,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;YAC7D,CAAC;YAED,IAAI,MAAM,CAAC,iBAAiB,CAAC,OAAO,EAAE,CAAC;gBACtC,kBAAkB,GAAG,CAAC,GAAG,kBAAkB,EAAE,GAAG,MAAM,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;YACnF,CAAC;QACF,CAAC;QAED,uDAAuD;QACvD,kBAAkB,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC,IAAI,EAAkC,EAAE;YACpF,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC9B,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC;YAC3B,CAAC;YACD,OAAO;gBACN,aAAa,EAAE,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE;gBAC/C,UAAU,EAAE,IAAI,CAAC,UAAU;aAC3B,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;QACvH,MAAM,qBAAqB,GAAG,IAAI,GAAG,EAAiC,CAAC;QACvE,KAAK,MAAM,IAAI,IAAI,kBAAkB,EAAE,CAAC;YACvC,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC9B,8DAA8D;gBAC9D,qBAAqB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACpC,CAAC;iBAAM,CAAC;gBACP,qBAAqB,CAAC,GAAG,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;YACrD,CAAC;QACF,CAAC;QAED,cAAc,CAAC,YAAY,GAAG,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAE3D,KAAK,CAAC,GAAG,CAAC,gCAAgC,CACzC,MAAM,EAAE,oBAAoB,EAAE,QAAQ,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC,EACvE,MAAM,EAAE,qBAAqB,EAAE,QAAQ,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAE5E,IAAI,MAAM,EAAE,oBAAoB,EAAE,CAAC;YAClC,KAAK,CAAC,GAAG,CAAC,gBAAgB,CAAC,qBAAqB,EAAE,wBAAwB,CAAC,CAAC,CAAC;QAC9E,CAAC;QAED,IAAI,qBAAqB,CAAC,IAAI,EAAE,CAAC;YAChC,KAAK,CAAC,GAAG,CAAC,gBAAgB,CAAC,uBAAuB,EAAE,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;gBAC/D,MAAM,SAAS,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;gBACxD,IAAI,SAAS,EAAE,CAAC;oBACf,MAAM,MAAM,GAAG,SAAS,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;oBAC7C,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;wBAChC,CAAC,CAAC,QAAQ,GAAG,IAAI,CAAC;wBAClB,CAAC,CAAC,SAAS,GAAG,MAAM,CAAC;oBACtB,CAAC;yBAAM,CAAC;wBACP,CAAC,CAAC,QAAQ,GAAG,MAAM,CAAC;oBACrB,CAAC;gBACF,CAAC;qBAAM,CAAC;oBACP,CAAC,CAAC,QAAQ,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;gBAC/C,CAAC;YACF,CAAC,CAAC,CAAC,CAAC;QACL,CAAC;QAED,IAAI,UAAU,KAAK,KAAK,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE;gBACpC,GAAG,cAAc;gBACjB,mBAAmB,EAAE,IAAI;aACzB,CAAC,CAAC;QACJ,CAAC;aAAM,CAAC;YACP,OAAO,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE;gBACpC,GAAG,cAAc;gBACjB,mBAAmB,EAAE,IAAI;aACzB,CAAC,CAAC;QACJ,CAAC;IACF,CAAC;YAAS,CAAC;QACV,KAAK,CAAC,OAAO,EAAE,CAAC;IACjB,CAAC;AACF,CAAC;AAED,MAAM,eAAe,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;AAE7J,SAAS,wBAAwB,CAAC,OAAgB,EAAE,IAAwC,EAAE,OAAyB;IACtH,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,OAAO,KAAK,MAAM,EAAE,CAAC;QAChE,MAAM,WAAW,GAAG,qBAAqB,CAAC,OAAO,CAAC,CAAC;QACnD,IAAI,OAAO,CAAC,QAAQ,KAAK,IAAI,CAAC,YAAY,EAAE,CAAC;YAC5C,iEAAiE;YACjE,mGAAmG;YACnG,oEAAoE;YACpE,OAAO,CAAC,aAAa,EAAE,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QAC3D,CAAC;aAAM,CAAC;YACP,OAAO,CAAC,aAAa,EAAE,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QAC3D,CAAC;IACF,CAAC;AACF,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,OAAgB;IACrD,IAAI,YAAoB,CAAC;IACzB,IAAI,UAA8B,CAAC;IACnC,IAAI,OAAO,CAAC,QAAQ,KAAK,IAAI,CAAC,YAAY,EAAE,CAAC;QAC5C,YAAY,GAAG,OAAO,OAAO,CAAC,WAAW,KAAK,CAAC;IAChD,CAAC;SAAM,CAAC;QACP,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;QAC9C,MAAM,aAAa,GAAG,eAAe,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACxD,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YAC7C,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC;iBAClC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,KAAK,GAAG,CAAC;iBAC3C,IAAI,CAAC,GAAG,CAAC;YACX,CAAC,CAAC,EAAE,CAAC;QACN,YAAY,GAAG,IAAI,OAAO,GAAG,UAAU,GAAG,CAAC;QAC3C,IAAI,CAAC,aAAa,EAAE,CAAC;YACpB,UAAU,GAAG,KAAK,OAAO,GAAG,CAAC;QAC9B,CAAC;IACF,CAAC;IAED,MAAM,QAAQ,GAAG,QAAQ,CAAC,sBAAsB,EAAE,CAAC;IACnD,MAAM,QAAQ,GAAG,OAAO,CAAC,aAAa,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;IACpE,QAAQ,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IAC/B,OAAO,OAAO,CAAC,UAAU,EAAE,CAAC;QAC3B,QAAQ,CAAC,WAAW,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC1C,CAAC;IAED,MAAM,cAAc,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACjG,IAAI,cAAc,EAAE,CAAC;QACpB,QAAQ,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;IACtC,CAAC;IAED,OAAO,QAAQ,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,IAAiB,EAAE,SAAiB,EAAE,MAA2B;IACjG,MAAM,QAAQ,GAAG,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;IAC1D,KAAK,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;AACvB,CAAC","file":"domSanitize.js","sourceRoot":"file:///mnt/vss/_work/1/s/dependencies/vscode/out-editor-src","sourcesContent":["/*---------------------------------------------------------------------------------------------\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License. See License.txt in the project root for license information.\n *--------------------------------------------------------------------------------------------*/\n\nimport { DisposableStore, IDisposable, toDisposable } from '../common/lifecycle.js';\nimport { Schemas } from '../common/network.js';\nimport { reset } from './dom.js';\nimport dompurify from './dompurify/dompurify.js';\n\n\n/**\n * List of safe, non-input html tags.\n */\nexport const basicMarkupHtmlTags = Object.freeze([\n\t'a',\n\t'abbr',\n\t'b',\n\t'bdo',\n\t'blockquote',\n\t'br',\n\t'caption',\n\t'cite',\n\t'code',\n\t'col',\n\t'colgroup',\n\t'dd',\n\t'del',\n\t'details',\n\t'dfn',\n\t'div',\n\t'dl',\n\t'dt',\n\t'em',\n\t'figcaption',\n\t'figure',\n\t'h1',\n\t'h2',\n\t'h3',\n\t'h4',\n\t'h5',\n\t'h6',\n\t'hr',\n\t'i',\n\t'img',\n\t'ins',\n\t'kbd',\n\t'label',\n\t'li',\n\t'mark',\n\t'ol',\n\t'p',\n\t'pre',\n\t'q',\n\t'rp',\n\t'rt',\n\t'ruby',\n\t'samp',\n\t'small',\n\t'small',\n\t'source',\n\t'span',\n\t'strike',\n\t'strong',\n\t'sub',\n\t'summary',\n\t'sup',\n\t'table',\n\t'tbody',\n\t'td',\n\t'tfoot',\n\t'th',\n\t'thead',\n\t'time',\n\t'tr',\n\t'tt',\n\t'u',\n\t'ul',\n\t'var',\n\t'video',\n\t'wbr',\n]);\n\nexport const defaultAllowedAttrs = Object.freeze([\n\t'href',\n\t'target',\n\t'src',\n\t'alt',\n\t'title',\n\t'for',\n\t'name',\n\t'role',\n\t'tabindex',\n\t'x-dispatch',\n\t'required',\n\t'checked',\n\t'placeholder',\n\t'type',\n\t'start',\n\t'width',\n\t'height',\n\t'align',\n]);\n\n\ntype UponSanitizeElementCb = (currentNode: Element, data: dompurify.SanitizeElementHookEvent, config: dompurify.Config) => void;\ntype UponSanitizeAttributeCb = (currentNode: Element, data: dompurify.SanitizeAttributeHookEvent, config: dompurify.Config) => void;\n\nfunction addDompurifyHook(hook: 'uponSanitizeElement', cb: UponSanitizeElementCb): IDisposable;\nfunction addDompurifyHook(hook: 'uponSanitizeAttribute', cb: UponSanitizeAttributeCb): IDisposable;\nfunction addDompurifyHook(hook: 'uponSanitizeElement' | 'uponSanitizeAttribute', cb: any): IDisposable {\n\tdompurify.addHook(hook, cb);\n\treturn toDisposable(() => dompurify.removeHook(hook));\n}\n\n/**\n * Hooks dompurify using `afterSanitizeAttributes` to check that all `href` and `src`\n * attributes are valid.\n */\nfunction hookDomPurifyHrefAndSrcSanitizer(allowedLinkProtocols: readonly string[] | '*', allowedMediaProtocols: readonly string[]): IDisposable {\n\t// https://github.com/cure53/DOMPurify/blob/main/demos/hooks-scheme-allowlist.html\n\t// build an anchor to map URLs to\n\tconst anchor = document.createElement('a');\n\n\tfunction validateLink(value: string, allowedProtocols: readonly string[] | '*'): boolean {\n\t\tif (allowedProtocols === '*') {\n\t\t\treturn true; // allow all protocols\n\t\t}\n\n\t\tanchor.href = value;\n\t\treturn allowedProtocols.includes(anchor.protocol.replace(/:$/, ''));\n\t}\n\n\tdompurify.addHook('afterSanitizeAttributes', (node) => {\n\t\t// check all href/src attributes for validity\n\t\tfor (const attr of ['href', 'src']) {\n\t\t\tif (node.hasAttribute(attr)) {\n\t\t\t\tconst attrValue = node.getAttribute(attr) as string;\n\t\t\t\tif (attr === 'href') {\n\n\t\t\t\t\tif (!attrValue.startsWith('#') && !validateLink(attrValue, allowedLinkProtocols)) {\n\t\t\t\t\t\tnode.removeAttribute(attr);\n\t\t\t\t\t}\n\n\t\t\t\t} else {// 'src'\n\t\t\t\t\tif (!validateLink(attrValue, allowedMediaProtocols)) {\n\t\t\t\t\t\tnode.removeAttribute(attr);\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t});\n\n\treturn toDisposable(() => dompurify.removeHook('afterSanitizeAttributes'));\n}\n\n/**\n * Predicate that checks if an attribute should be kept or removed.\n *\n * @returns A boolean indicating whether the attribute should be kept or a string with the sanitized value (which implicitly keeps the attribute)\n */\nexport type SanitizeAttributePredicate = (node: Element, data: { readonly attrName: string; readonly attrValue: string }) => boolean | string;\n\nexport interface SanitizeAttributeRule {\n\treadonly attributeName: string;\n\tshouldKeep: SanitizeAttributePredicate;\n}\n\nexport interface DomSanitizerConfig {\n\t/**\n\t * Configured the allowed html tags.\n\t */\n\treadonly allowedTags?: {\n\t\treadonly override?: readonly string[];\n\t\treadonly augment?: readonly string[];\n\t};\n\n\t/**\n\t * Configured the allowed html attributes.\n\t */\n\treadonly allowedAttributes?: {\n\t\treadonly override?: ReadonlyArray<string | SanitizeAttributeRule>;\n\t\treadonly augment?: ReadonlyArray<string | SanitizeAttributeRule>;\n\t};\n\n\t/**\n\t * List of allowed protocols for `href` attributes.\n\t */\n\treadonly allowedLinkProtocols?: {\n\t\treadonly override?: readonly string[] | '*';\n\t};\n\n\t/**\n\t * List of allowed protocols for `src` attributes.\n\t */\n\treadonly allowedMediaProtocols?: {\n\t\treadonly override?: readonly string[];\n\t};\n\n\t/**\n\t * If set, replaces unsupported tags with their plaintext representation instead of removing them.\n\t *\n\t * For example, <p><bad>\"text\"</bad></p> becomes <p>\"<bad>text</bad>\"</p>.\n\t */\n\treadonly replaceWithPlaintext?: boolean;\n}\n\nconst defaultDomPurifyConfig = Object.freeze({\n\tALLOWED_TAGS: [...basicMarkupHtmlTags],\n\tALLOWED_ATTR: [...defaultAllowedAttrs],\n\t// We sanitize the src/href attributes later if needed\n\tALLOW_UNKNOWN_PROTOCOLS: true,\n} satisfies dompurify.Config);\n\n/**\n * Sanitizes an html string.\n *\n * @param untrusted The HTML string to sanitize.\n * @param config Optional configuration for sanitization. If not provided, defaults to a safe configuration.\n *\n * @returns A sanitized string of html.\n */\nexport function sanitizeHtml(untrusted: string, config?: DomSanitizerConfig): TrustedHTML {\n\treturn doSanitizeHtml(untrusted, config, 'trusted');\n}\n\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig | undefined, outputType: 'dom'): DocumentFragment;\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig | undefined, outputType: 'trusted'): TrustedHTML;\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig | undefined, outputType: 'dom' | 'trusted'): TrustedHTML | DocumentFragment {\n\tconst store = new DisposableStore();\n\ttry {\n\t\tconst resolvedConfig: dompurify.Config = { ...defaultDomPurifyConfig };\n\n\t\tif (config?.allowedTags) {\n\t\t\tif (config.allowedTags.override) {\n\t\t\t\tresolvedConfig.ALLOWED_TAGS = [...config.allowedTags.override];\n\t\t\t}\n\n\t\t\tif (config.allowedTags.augment) {\n\t\t\t\tresolvedConfig.ALLOWED_TAGS = [...(resolvedConfig.ALLOWED_TAGS ?? []), ...config.allowedTags.augment];\n\t\t\t}\n\t\t}\n\n\t\tlet resolvedAttributes: Array<string | SanitizeAttributeRule> = [...defaultAllowedAttrs];\n\t\tif (config?.allowedAttributes) {\n\t\t\tif (config.allowedAttributes.override) {\n\t\t\t\tresolvedAttributes = [...config.allowedAttributes.override];\n\t\t\t}\n\n\t\t\tif (config.allowedAttributes.augment) {\n\t\t\t\tresolvedAttributes = [...resolvedAttributes, ...config.allowedAttributes.augment];\n\t\t\t}\n\t\t}\n\n\t\t// All attr names are lower-case in the sanitizer hooks\n\t\tresolvedAttributes = resolvedAttributes.map((attr): string | SanitizeAttributeRule => {\n\t\t\tif (typeof attr === 'string') {\n\t\t\t\treturn attr.toLowerCase();\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tattributeName: attr.attributeName.toLowerCase(),\n\t\t\t\tshouldKeep: attr.shouldKeep,\n\t\t\t};\n\t\t});\n\n\t\tconst allowedAttrNames = new Set(resolvedAttributes.map(attr => typeof attr === 'string' ? attr : attr.attributeName));\n\t\tconst allowedAttrPredicates = new Map<string, SanitizeAttributeRule>();\n\t\tfor (const attr of resolvedAttributes) {\n\t\t\tif (typeof attr === 'string') {\n\t\t\t\t// New string attribute value clears previously set predicates\n\t\t\t\tallowedAttrPredicates.delete(attr);\n\t\t\t} else {\n\t\t\t\tallowedAttrPredicates.set(attr.attributeName, attr);\n\t\t\t}\n\t\t}\n\n\t\tresolvedConfig.ALLOWED_ATTR = Array.from(allowedAttrNames);\n\n\t\tstore.add(hookDomPurifyHrefAndSrcSanitizer(\n\t\t\tconfig?.allowedLinkProtocols?.override ?? [Schemas.http, Schemas.https],\n\t\t\tconfig?.allowedMediaProtocols?.override ?? [Schemas.http, Schemas.https]));\n\n\t\tif (config?.replaceWithPlaintext) {\n\t\t\tstore.add(addDompurifyHook('uponSanitizeElement', replaceWithPlainTextHook));\n\t\t}\n\n\t\tif (allowedAttrPredicates.size) {\n\t\t\tstore.add(addDompurifyHook('uponSanitizeAttribute', (node, e) => {\n\t\t\t\tconst predicate = allowedAttrPredicates.get(e.attrName);\n\t\t\t\tif (predicate) {\n\t\t\t\t\tconst result = predicate.shouldKeep(node, e);\n\t\t\t\t\tif (typeof result === 'string') {\n\t\t\t\t\t\te.keepAttr = true;\n\t\t\t\t\t\te.attrValue = result;\n\t\t\t\t\t} else {\n\t\t\t\t\t\te.keepAttr = result;\n\t\t\t\t\t}\n\t\t\t\t} else {\n\t\t\t\t\te.keepAttr = allowedAttrNames.has(e.attrName);\n\t\t\t\t}\n\t\t\t}));\n\t\t}\n\n\t\tif (outputType === 'dom') {\n\t\t\treturn dompurify.sanitize(untrusted, {\n\t\t\t\t...resolvedConfig,\n\t\t\t\tRETURN_DOM_FRAGMENT: true\n\t\t\t});\n\t\t} else {\n\t\t\treturn dompurify.sanitize(untrusted, {\n\t\t\t\t...resolvedConfig,\n\t\t\t\tRETURN_TRUSTED_TYPE: true\n\t\t\t});\n\t\t}\n\t} finally {\n\t\tstore.dispose();\n\t}\n}\n\nconst selfClosingTags = ['area', 'base', 'br', 'col', 'command', 'embed', 'hr', 'img', 'input', 'keygen', 'link', 'meta', 'param', 'source', 'track', 'wbr'];\n\nfunction replaceWithPlainTextHook(element: Element, data: dompurify.SanitizeElementHookEvent, _config: dompurify.Config) {\n\tif (!data.allowedTags[data.tagName] && data.tagName !== 'body') {\n\t\tconst replacement = convertTagToPlaintext(element);\n\t\tif (element.nodeType === Node.COMMENT_NODE) {\n\t\t\t// Workaround for https://github.com/cure53/DOMPurify/issues/1005\n\t\t\t// The comment will be deleted in the next phase. However if we try to remove it now, it will cause\n\t\t\t// an exception. Instead we insert the text node before the comment.\n\t\t\telement.parentElement?.insertBefore(replacement, element);\n\t\t} else {\n\t\t\telement.parentElement?.replaceChild(replacement, element);\n\t\t}\n\t}\n}\n\nexport function convertTagToPlaintext(element: Element): DocumentFragment {\n\tlet startTagText: string;\n\tlet endTagText: string | undefined;\n\tif (element.nodeType === Node.COMMENT_NODE) {\n\t\tstartTagText = `<!--${element.textContent}-->`;\n\t} else {\n\t\tconst tagName = element.tagName.toLowerCase();\n\t\tconst isSelfClosing = selfClosingTags.includes(tagName);\n\t\tconst attrString = element.attributes.length ?\n\t\t\t' ' + Array.from(element.attributes)\n\t\t\t\t.map(attr => `${attr.name}=\"${attr.value}\"`)\n\t\t\t\t.join(' ')\n\t\t\t: '';\n\t\tstartTagText = `<${tagName}${attrString}>`;\n\t\tif (!isSelfClosing) {\n\t\t\tendTagText = `</${tagName}>`;\n\t\t}\n\t}\n\n\tconst fragment = document.createDocumentFragment();\n\tconst textNode = element.ownerDocument.createTextNode(startTagText);\n\tfragment.appendChild(textNode);\n\twhile (element.firstChild) {\n\t\tfragment.appendChild(element.firstChild);\n\t}\n\n\tconst endTagTextNode = endTagText ? element.ownerDocument.createTextNode(endTagText) : undefined;\n\tif (endTagTextNode) {\n\t\tfragment.appendChild(endTagTextNode);\n\t}\n\n\treturn fragment;\n}\n\n/**\n * Sanitizes the given `value` and reset the given `node` with it.\n */\nexport function safeSetInnerHtml(node: HTMLElement, untrusted: string, config?: DomSanitizerConfig): void {\n\tconst fragment = doSanitizeHtml(untrusted, config, 'dom');\n\treset(node, fragment);\n}\n","/*---------------------------------------------------------------------------------------------\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License. See License.txt in the project root for license information.\n *--------------------------------------------------------------------------------------------*/\n\nimport { DisposableStore, IDisposable, toDisposable } from '../common/lifecycle.js';\nimport { Schemas } from '../common/network.js';\nimport { reset } from './dom.js';\nimport dompurify from './dompurify/dompurify.js';\n\n\n/**\n * List of safe, non-input html tags.\n */\nexport const basicMarkupHtmlTags = Object.freeze([\n\t'a',\n\t'abbr',\n\t'b',\n\t'bdo',\n\t'blockquote',\n\t'br',\n\t'caption',\n\t'cite',\n\t'code',\n\t'col',\n\t'colgroup',\n\t'dd',\n\t'del',\n\t'details',\n\t'dfn',\n\t'div',\n\t'dl',\n\t'dt',\n\t'em',\n\t'figcaption',\n\t'figure',\n\t'h1',\n\t'h2',\n\t'h3',\n\t'h4',\n\t'h5',\n\t'h6',\n\t'hr',\n\t'i',\n\t'img',\n\t'ins',\n\t'kbd',\n\t'label',\n\t'li',\n\t'mark',\n\t'ol',\n\t'p',\n\t'pre',\n\t'q',\n\t'rp',\n\t'rt',\n\t'ruby',\n\t'samp',\n\t'small',\n\t'small',\n\t'source',\n\t'span',\n\t'strike',\n\t'strong',\n\t'sub',\n\t'summary',\n\t'sup',\n\t'table',\n\t'tbody',\n\t'td',\n\t'tfoot',\n\t'th',\n\t'thead',\n\t'time',\n\t'tr',\n\t'tt',\n\t'u',\n\t'ul',\n\t'var',\n\t'video',\n\t'wbr',\n]);\n\nexport const defaultAllowedAttrs = Object.freeze([\n\t'href',\n\t'target',\n\t'src',\n\t'alt',\n\t'title',\n\t'for',\n\t'name',\n\t'role',\n\t'tabindex',\n\t'x-dispatch',\n\t'required',\n\t'checked',\n\t'placeholder',\n\t'type',\n\t'start',\n\t'width',\n\t'height',\n\t'align',\n]);\n\n\ntype UponSanitizeElementCb = (currentNode: Element, data: dompurify.SanitizeElementHookEvent, config: dompurify.Config) => void;\ntype UponSanitizeAttributeCb = (currentNode: Element, data: dompurify.SanitizeAttributeHookEvent, config: dompurify.Config) => void;\n\nfunction addDompurifyHook(hook: 'uponSanitizeElement', cb: UponSanitizeElementCb): IDisposable;\nfunction addDompurifyHook(hook: 'uponSanitizeAttribute', cb: UponSanitizeAttributeCb): IDisposable;\nfunction addDompurifyHook(hook: 'uponSanitizeElement' | 'uponSanitizeAttribute', cb: any): IDisposable {\n\tdompurify.addHook(hook, cb);\n\treturn toDisposable(() => dompurify.removeHook(hook));\n}\n\n/**\n * Hooks dompurify using `afterSanitizeAttributes` to check that all `href` and `src`\n * attributes are valid.\n */\nfunction hookDomPurifyHrefAndSrcSanitizer(allowedLinkProtocols: readonly string[] | '*', allowedMediaProtocols: readonly string[]): IDisposable {\n\t// https://github.com/cure53/DOMPurify/blob/main/demos/hooks-scheme-allowlist.html\n\t// build an anchor to map URLs to\n\tconst anchor = document.createElement('a');\n\n\tfunction validateLink(value: string, allowedProtocols: readonly string[] | '*'): boolean {\n\t\tif (allowedProtocols === '*') {\n\t\t\treturn true; // allow all protocols\n\t\t}\n\n\t\tanchor.href = value;\n\t\treturn allowedProtocols.includes(anchor.protocol.replace(/:$/, ''));\n\t}\n\n\tdompurify.addHook('afterSanitizeAttributes', (node) => {\n\t\t// check all href/src attributes for validity\n\t\tfor (const attr of ['href', 'src']) {\n\t\t\tif (node.hasAttribute(attr)) {\n\t\t\t\tconst attrValue = node.getAttribute(attr) as string;\n\t\t\t\tif (attr === 'href') {\n\n\t\t\t\t\tif (!attrValue.startsWith('#') && !validateLink(attrValue, allowedLinkProtocols)) {\n\t\t\t\t\t\tnode.removeAttribute(attr);\n\t\t\t\t\t}\n\n\t\t\t\t} else {// 'src'\n\t\t\t\t\tif (!validateLink(attrValue, allowedMediaProtocols)) {\n\t\t\t\t\t\tnode.removeAttribute(attr);\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t});\n\n\treturn toDisposable(() => dompurify.removeHook('afterSanitizeAttributes'));\n}\n\n/**\n * Predicate that checks if an attribute should be kept or removed.\n *\n * @returns A boolean indicating whether the attribute should be kept or a string with the sanitized value (which implicitly keeps the attribute)\n */\nexport type SanitizeAttributePredicate = (node: Element, data: { readonly attrName: string; readonly attrValue: string }) => boolean | string;\n\nexport interface SanitizeAttributeRule {\n\treadonly attributeName: string;\n\tshouldKeep: SanitizeAttributePredicate;\n}\n\nexport interface DomSanitizerConfig {\n\t/**\n\t * Configured the allowed html tags.\n\t */\n\treadonly allowedTags?: {\n\t\treadonly override?: readonly string[];\n\t\treadonly augment?: readonly string[];\n\t};\n\n\t/**\n\t * Configured the allowed html attributes.\n\t */\n\treadonly allowedAttributes?: {\n\t\treadonly override?: ReadonlyArray<string | SanitizeAttributeRule>;\n\t\treadonly augment?: ReadonlyArray<string | SanitizeAttributeRule>;\n\t};\n\n\t/**\n\t * List of allowed protocols for `href` attributes.\n\t */\n\treadonly allowedLinkProtocols?: {\n\t\treadonly override?: readonly string[] | '*';\n\t};\n\n\t/**\n\t * List of allowed protocols for `src` attributes.\n\t */\n\treadonly allowedMediaProtocols?: {\n\t\treadonly override?: readonly string[];\n\t};\n\n\t/**\n\t * If set, replaces unsupported tags with their plaintext representation instead of removing them.\n\t *\n\t * For example, <p><bad>\"text\"</bad></p> becomes <p>\"<bad>text</bad>\"</p>.\n\t */\n\treadonly replaceWithPlaintext?: boolean;\n}\n\nconst defaultDomPurifyConfig = Object.freeze({\n\tALLOWED_TAGS: [...basicMarkupHtmlTags],\n\tALLOWED_ATTR: [...defaultAllowedAttrs],\n\t// We sanitize the src/href attributes later if needed\n\tALLOW_UNKNOWN_PROTOCOLS: true,\n} satisfies dompurify.Config);\n\n/**\n * Sanitizes an html string.\n *\n * @param untrusted The HTML string to sanitize.\n * @param config Optional configuration for sanitization. If not provided, defaults to a safe configuration.\n *\n * @returns A sanitized string of html.\n */\nexport function sanitizeHtml(untrusted: string, config?: DomSanitizerConfig): TrustedHTML {\n\treturn doSanitizeHtml(untrusted, config, 'trusted');\n}\n\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig | undefined, outputType: 'dom'): DocumentFragment;\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig | undefined, outputType: 'trusted'): TrustedHTML;\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig | undefined, outputType: 'dom' | 'trusted'): TrustedHTML | DocumentFragment {\n\tconst store = new DisposableStore();\n\ttry {\n\t\tconst resolvedConfig: dompurify.Config = { ...defaultDomPurifyConfig };\n\n\t\tif (config?.allowedTags) {\n\t\t\tif (config.allowedTags.override) {\n\t\t\t\tresolvedConfig.ALLOWED_TAGS = [...config.allowedTags.override];\n\t\t\t}\n\n\t\t\tif (config.allowedTags.augment) {\n\t\t\t\tresolvedConfig.ALLOWED_TAGS = [...(resolvedConfig.ALLOWED_TAGS ?? []), ...config.allowedTags.augment];\n\t\t\t}\n\t\t}\n\n\t\tlet resolvedAttributes: Array<string | SanitizeAttributeRule> = [...defaultAllowedAttrs];\n\t\tif (config?.allowedAttributes) {\n\t\t\tif (config.allowedAttributes.override) {\n\t\t\t\tresolvedAttributes = [...config.allowedAttributes.override];\n\t\t\t}\n\n\t\t\tif (config.allowedAttributes.augment) {\n\t\t\t\tresolvedAttributes = [...resolvedAttributes, ...config.allowedAttributes.augment];\n\t\t\t}\n\t\t}\n\n\t\t// All attr names are lower-case in the sanitizer hooks\n\t\tresolvedAttributes = resolvedAttributes.map((attr): string | SanitizeAttributeRule => {\n\t\t\tif (typeof attr === 'string') {\n\t\t\t\treturn attr.toLowerCase();\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tattributeName: attr.attributeName.toLowerCase(),\n\t\t\t\tshouldKeep: attr.shouldKeep,\n\t\t\t};\n\t\t});\n\n\t\tconst allowedAttrNames = new Set(resolvedAttributes.map(attr => typeof attr === 'string' ? attr : attr.attributeName));\n\t\tconst allowedAttrPredicates = new Map<string, SanitizeAttributeRule>();\n\t\tfor (const attr of resolvedAttributes) {\n\t\t\tif (typeof attr === 'string') {\n\t\t\t\t// New string attribute value clears previously set predicates\n\t\t\t\tallowedAttrPredicates.delete(attr);\n\t\t\t} else {\n\t\t\t\tallowedAttrPredicates.set(attr.attributeName, attr);\n\t\t\t}\n\t\t}\n\n\t\tresolvedConfig.ALLOWED_ATTR = Array.from(allowedAttrNames);\n\n\t\tstore.add(hookDomPurifyHrefAndSrcSanitizer(\n\t\t\tconfig?.allowedLinkProtocols?.override ?? [Schemas.http, Schemas.https],\n\t\t\tconfig?.allowedMediaProtocols?.override ?? [Schemas.http, Schemas.https]));\n\n\t\tif (config?.replaceWithPlaintext) {\n\t\t\tstore.add(addDompurifyHook('uponSanitizeElement', replaceWithPlainTextHook));\n\t\t}\n\n\t\tif (allowedAttrPredicates.size) {\n\t\t\tstore.add(addDompurifyHook('uponSanitizeAttribute', (node, e) => {\n\t\t\t\tconst predicate = allowedAttrPredicates.get(e.attrName);\n\t\t\t\tif (predicate) {\n\t\t\t\t\tconst result = predicate.shouldKeep(node, e);\n\t\t\t\t\tif (typeof result === 'string') {\n\t\t\t\t\t\te.keepAttr = true;\n\t\t\t\t\t\te.attrValue = result;\n\t\t\t\t\t} else {\n\t\t\t\t\t\te.keepAttr = result;\n\t\t\t\t\t}\n\t\t\t\t} else {\n\t\t\t\t\te.keepAttr = allowedAttrNames.has(e.attrName);\n\t\t\t\t}\n\t\t\t}));\n\t\t}\n\n\t\tif (outputType === 'dom') {\n\t\t\treturn dompurify.sanitize(untrusted, {\n\t\t\t\t...resolvedConfig,\n\t\t\t\tRETURN_DOM_FRAGMENT: true\n\t\t\t});\n\t\t} else {\n\t\t\treturn dompurify.sanitize(untrusted, {\n\t\t\t\t...resolvedConfig,\n\t\t\t\tRETURN_TRUSTED_TYPE: true\n\t\t\t});\n\t\t}\n\t} finally {\n\t\tstore.dispose();\n\t}\n}\n\nconst selfClosingTags = ['area', 'base', 'br', 'col', 'command', 'embed', 'hr', 'img', 'input', 'keygen', 'link', 'meta', 'param', 'source', 'track', 'wbr'];\n\nfunction replaceWithPlainTextHook(element: Element, data: dompurify.SanitizeElementHookEvent, _config: dompurify.Config) {\n\tif (!data.allowedTags[data.tagName] && data.tagName !== 'body') {\n\t\tconst replacement = convertTagToPlaintext(element);\n\t\tif (element.nodeType === Node.COMMENT_NODE) {\n\t\t\t// Workaround for https://github.com/cure53/DOMPurify/issues/1005\n\t\t\t// The comment will be deleted in the next phase. However if we try to remove it now, it will cause\n\t\t\t// an exception. Instead we insert the text node before the comment.\n\t\t\telement.parentElement?.insertBefore(replacement, element);\n\t\t} else {\n\t\t\telement.parentElement?.replaceChild(replacement, element);\n\t\t}\n\t}\n}\n\nexport function convertTagToPlaintext(element: Element): DocumentFragment {\n\tlet startTagText: string;\n\tlet endTagText: string | undefined;\n\tif (element.nodeType === Node.COMMENT_NODE) {\n\t\tstartTagText = `<!--${element.textContent}-->`;\n\t} else {\n\t\tconst tagName = element.tagName.toLowerCase();\n\t\tconst isSelfClosing = selfClosingTags.includes(tagName);\n\t\tconst attrString = element.attributes.length ?\n\t\t\t' ' + Array.from(element.attributes)\n\t\t\t\t.map(attr => `${attr.name}=\"${attr.value}\"`)\n\t\t\t\t.join(' ')\n\t\t\t: '';\n\t\tstartTagText = `<${tagName}${attrString}>`;\n\t\tif (!isSelfClosing) {\n\t\t\tendTagText = `</${tagName}>`;\n\t\t}\n\t}\n\n\tconst fragment = document.createDocumentFragment();\n\tconst textNode = element.ownerDocument.createTextNode(startTagText);\n\tfragment.appendChild(textNode);\n\twhile (element.firstChild) {\n\t\tfragment.appendChild(element.firstChild);\n\t}\n\n\tconst endTagTextNode = endTagText ? element.ownerDocument.createTextNode(endTagText) : undefined;\n\tif (endTagTextNode) {\n\t\tfragment.appendChild(endTagTextNode);\n\t}\n\n\treturn fragment;\n}\n\n/**\n * Sanitizes the given `value` and reset the given `node` with it.\n */\nexport function safeSetInnerHtml(node: HTMLElement, untrusted: string, config?: DomSanitizerConfig): void {\n\tconst fragment = doSanitizeHtml(untrusted, config, 'dom');\n\treset(node, fragment);\n}\n"]}
|
|
1
|
+
{"version":3,"sources":["file:///mnt/vss/_work/1/s/dependencies/vscode/out-editor-src/vs/base/browser/domSanitize.ts","vs/base/browser/domSanitize.ts"],"names":[],"mappings":"AAAA;;;gGAGgG;AAEhG,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC;AACjC,iDAAiD;AACjD,OAAO,SAAS,MAAM,0BAA0B,CAAC;AAEjD;;GAEG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,MAAM,CAAC,MAAM,CAAC;IAChD,GAAG;IACH,MAAM;IACN,GAAG;IACH,KAAK;IACL,YAAY;IACZ,IAAI;IACJ,SAAS;IACT,MAAM;IACN,MAAM;IACN,KAAK;IACL,UAAU;IACV,IAAI;IACJ,KAAK;IACL,SAAS;IACT,KAAK;IACL,KAAK;IACL,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,YAAY;IACZ,QAAQ;IACR,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,GAAG;IACH,KAAK;IACL,KAAK;IACL,KAAK;IACL,OAAO;IACP,IAAI;IACJ,MAAM;IACN,IAAI;IACJ,GAAG;IACH,KAAK;IACL,GAAG;IACH,IAAI;IACJ,IAAI;IACJ,MAAM;IACN,MAAM;IACN,OAAO;IACP,OAAO;IACP,QAAQ;IACR,MAAM;IACN,QAAQ;IACR,QAAQ;IACR,KAAK;IACL,SAAS;IACT,KAAK;IACL,OAAO;IACP,OAAO;IACP,IAAI;IACJ,OAAO;IACP,IAAI;IACJ,OAAO;IACP,MAAM;IACN,IAAI;IACJ,IAAI;IACJ,GAAG;IACH,IAAI;IACJ,KAAK;IACL,OAAO;IACP,KAAK;CACL,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,mBAAmB,GAAG,MAAM,CAAC,MAAM,CAAC;IAChD,MAAM;IACN,QAAQ;IACR,KAAK;IACL,KAAK;IACL,OAAO;IACP,KAAK;IACL,MAAM;IACN,MAAM;IACN,UAAU;IACV,YAAY;IACZ,UAAU;IACV,SAAS;IACT,aAAa;IACb,MAAM;IACN,OAAO;IACP,OAAO;IACP,QAAQ;IACR,OAAO;CACP,CAAC,CAAC;AAGH,MAAM,uBAAuB,GAAG,sBAAsB,CAAC;AAOvD,SAAS,YAAY,CAAC,KAAa,EAAE,gBAAoC;IACxE,IAAI,gBAAgB,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;QACvC,OAAO,IAAI,CAAC,CAAC,sBAAsB;IACpC,CAAC;IAED,IAAI,CAAC;QACJ,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,EAAE,uBAAuB,GAAG,KAAK,CAAC,CAAC;QAC5D,IAAI,gBAAgB,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC;YACxE,OAAO,IAAI,CAAC;QACb,CAAC;QAED,IAAI,gBAAgB,CAAC,kBAAkB;eACnC,GAAG,CAAC,QAAQ,KAAK,uBAAuB,GAAG,GAAG;eAC9C,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,uBAAuB,CAAC,EACjE,CAAC;YACF,OAAO,IAAI,CAAC;QACb,CAAC;QAED,OAAO,KAAK,CAAC;IACd,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACZ,OAAO,KAAK,CAAC;IACd,CAAC;AACF,CAAC;AAED;;;GAGG;AACH,SAAS,gCAAgC,CAAC,oBAAwC,EAAE,qBAAyC;IAC5H,SAAS,CAAC,OAAO,CAAC,yBAAyB,EAAE,CAAC,IAAI,EAAE,EAAE;QACrD,6CAA6C;QAC7C,KAAK,MAAM,IAAI,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,CAAC;YACpC,IAAI,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC7B,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAW,CAAC;gBACpD,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;oBACrB,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,oBAAoB,CAAC,EAAE,CAAC;wBAClF,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;oBAC5B,CAAC;gBACF,CAAC;qBAAM,CAAC,CAAC,QAAQ;oBAChB,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,qBAAqB,CAAC,EAAE,CAAC;wBACrD,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;oBAC5B,CAAC;gBACF,CAAC;YACF,CAAC;QACF,CAAC;IACF,CAAC,CAAC,CAAC;AACJ,CAAC;AAgED,MAAM,sBAAsB,GAAG,MAAM,CAAC,MAAM,CAAC;IAC5C,YAAY,EAAE,CAAC,GAAG,mBAAmB,CAAC;IACtC,YAAY,EAAE,CAAC,GAAG,mBAAmB,CAAC;IACtC,sDAAsD;IACtD,uBAAuB,EAAE,IAAI;CACF,CAAC,CAAC;AAE9B;;;;;;;GAOG;AACH,MAAM,UAAU,YAAY,CAAC,SAAiB,EAAE,MAA2B;IAC1E,OAAO,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;AACrD,CAAC;AAID,SAAS,cAAc,CAAC,SAAiB,EAAE,MAAsC,EAAE,UAA6B;IAC/G,IAAI,CAAC;QACJ,MAAM,cAAc,GAAqB,EAAE,GAAG,sBAAsB,EAAE,CAAC;QAEvE,IAAI,MAAM,EAAE,WAAW,EAAE,CAAC;YACzB,IAAI,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;gBACjC,cAAc,CAAC,YAAY,GAAG,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;YAChE,CAAC;YAED,IAAI,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;gBAChC,cAAc,CAAC,YAAY,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,YAAY,IAAI,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;YACvG,CAAC;QACF,CAAC;QAED,IAAI,kBAAkB,GAA0C,CAAC,GAAG,mBAAmB,CAAC,CAAC;QACzF,IAAI,MAAM,EAAE,iBAAiB,EAAE,CAAC;YAC/B,IAAI,MAAM,CAAC,iBAAiB,CAAC,QAAQ,EAAE,CAAC;gBACvC,kBAAkB,GAAG,CAAC,GAAG,MAAM,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;YAC7D,CAAC;YAED,IAAI,MAAM,CAAC,iBAAiB,CAAC,OAAO,EAAE,CAAC;gBACtC,kBAAkB,GAAG,CAAC,GAAG,kBAAkB,EAAE,GAAG,MAAM,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;YACnF,CAAC;QACF,CAAC;QAED,uDAAuD;QACvD,kBAAkB,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC,IAAI,EAAkC,EAAE;YACpF,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC9B,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC;YAC3B,CAAC;YACD,OAAO;gBACN,aAAa,EAAE,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE;gBAC/C,UAAU,EAAE,IAAI,CAAC,UAAU;aAC3B,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;QACvH,MAAM,qBAAqB,GAAG,IAAI,GAAG,EAAiC,CAAC;QACvE,KAAK,MAAM,IAAI,IAAI,kBAAkB,EAAE,CAAC;YACvC,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC9B,8DAA8D;gBAC9D,qBAAqB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACpC,CAAC;iBAAM,CAAC;gBACP,qBAAqB,CAAC,GAAG,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;YACrD,CAAC;QACF,CAAC;QAED,cAAc,CAAC,YAAY,GAAG,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAE3D,gCAAgC,CAC/B;YACC,QAAQ,EAAE,MAAM,EAAE,oBAAoB,EAAE,QAAQ,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC;YACjF,kBAAkB,EAAE,MAAM,EAAE,sBAAsB,IAAI,KAAK;SAC3D,EACD;YACC,QAAQ,EAAE,MAAM,EAAE,qBAAqB,EAAE,QAAQ,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC;YAClF,kBAAkB,EAAE,MAAM,EAAE,uBAAuB,IAAI,KAAK;SAC5D,CAAC,CAAC;QAEJ,IAAI,MAAM,EAAE,oBAAoB,EAAE,CAAC;YAClC,SAAS,CAAC,OAAO,CAAC,qBAAqB,EAAE,wBAAwB,CAAC,CAAC;QACpE,CAAC;QAED,IAAI,qBAAqB,CAAC,IAAI,EAAE,CAAC;YAChC,SAAS,CAAC,OAAO,CAAC,uBAAuB,EAAE,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;gBACtD,MAAM,SAAS,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;gBACxD,IAAI,SAAS,EAAE,CAAC;oBACf,MAAM,MAAM,GAAG,SAAS,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;oBAC7C,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;wBAChC,CAAC,CAAC,QAAQ,GAAG,IAAI,CAAC;wBAClB,CAAC,CAAC,SAAS,GAAG,MAAM,CAAC;oBACtB,CAAC;yBAAM,CAAC;wBACP,CAAC,CAAC,QAAQ,GAAG,MAAM,CAAC;oBACrB,CAAC;gBACF,CAAC;qBAAM,CAAC;oBACP,CAAC,CAAC,QAAQ,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;gBAC/C,CAAC;YACF,CAAC,CAAC,CAAC;QACJ,CAAC;QAED,IAAI,UAAU,KAAK,KAAK,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE;gBACpC,GAAG,cAAc;gBACjB,mBAAmB,EAAE,IAAI;aACzB,CAAC,CAAC;QACJ,CAAC;aAAM,CAAC;YACP,OAAO,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE;gBACpC,GAAG,cAAc;gBACjB,mBAAmB,EAAE,IAAI;aACzB,CAAC,CAAC;QACJ,CAAC;IACF,CAAC;YAAS,CAAC;QACV,SAAS,CAAC,cAAc,EAAE,CAAC;IAC5B,CAAC;AACF,CAAC;AAED,MAAM,eAAe,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;AAE7J,SAAS,wBAAwB,CAAC,OAAgB,EAAE,IAAwC,EAAE,OAAyB;IACtH,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,OAAO,KAAK,MAAM,EAAE,CAAC;QAChE,MAAM,WAAW,GAAG,qBAAqB,CAAC,OAAO,CAAC,CAAC;QACnD,IAAI,OAAO,CAAC,QAAQ,KAAK,IAAI,CAAC,YAAY,EAAE,CAAC;YAC5C,iEAAiE;YACjE,mGAAmG;YACnG,oEAAoE;YACpE,OAAO,CAAC,aAAa,EAAE,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QAC3D,CAAC;aAAM,CAAC;YACP,OAAO,CAAC,aAAa,EAAE,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QAC3D,CAAC;IACF,CAAC;AACF,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,OAAgB;IACrD,IAAI,YAAoB,CAAC;IACzB,IAAI,UAA8B,CAAC;IACnC,IAAI,OAAO,CAAC,QAAQ,KAAK,IAAI,CAAC,YAAY,EAAE,CAAC;QAC5C,YAAY,GAAG,OAAO,OAAO,CAAC,WAAW,KAAK,CAAC;IAChD,CAAC;SAAM,CAAC;QACP,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;QAC9C,MAAM,aAAa,GAAG,eAAe,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACxD,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YAC7C,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC;iBAClC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,KAAK,GAAG,CAAC;iBAC3C,IAAI,CAAC,GAAG,CAAC;YACX,CAAC,CAAC,EAAE,CAAC;QACN,YAAY,GAAG,IAAI,OAAO,GAAG,UAAU,GAAG,CAAC;QAC3C,IAAI,CAAC,aAAa,EAAE,CAAC;YACpB,UAAU,GAAG,KAAK,OAAO,GAAG,CAAC;QAC9B,CAAC;IACF,CAAC;IAED,MAAM,QAAQ,GAAG,QAAQ,CAAC,sBAAsB,EAAE,CAAC;IACnD,MAAM,QAAQ,GAAG,OAAO,CAAC,aAAa,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;IACpE,QAAQ,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IAC/B,OAAO,OAAO,CAAC,UAAU,EAAE,CAAC;QAC3B,QAAQ,CAAC,WAAW,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC1C,CAAC;IAED,MAAM,cAAc,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACjG,IAAI,cAAc,EAAE,CAAC;QACpB,QAAQ,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;IACtC,CAAC;IAED,OAAO,QAAQ,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,IAAiB,EAAE,SAAiB,EAAE,MAA2B;IACjG,MAAM,QAAQ,GAAG,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;IAC1D,KAAK,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;AACvB,CAAC","file":"domSanitize.js","sourceRoot":"file:///mnt/vss/_work/1/s/dependencies/vscode/out-editor-src","sourcesContent":["/*---------------------------------------------------------------------------------------------\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License. See License.txt in the project root for license information.\n *--------------------------------------------------------------------------------------------*/\n\nimport { Schemas } from '../common/network.js';\nimport { reset } from './dom.js';\n// eslint-disable-next-line no-restricted-imports\nimport dompurify from './dompurify/dompurify.js';\n\n/**\n * List of safe, non-input html tags.\n */\nexport const basicMarkupHtmlTags = Object.freeze([\n\t'a',\n\t'abbr',\n\t'b',\n\t'bdo',\n\t'blockquote',\n\t'br',\n\t'caption',\n\t'cite',\n\t'code',\n\t'col',\n\t'colgroup',\n\t'dd',\n\t'del',\n\t'details',\n\t'dfn',\n\t'div',\n\t'dl',\n\t'dt',\n\t'em',\n\t'figcaption',\n\t'figure',\n\t'h1',\n\t'h2',\n\t'h3',\n\t'h4',\n\t'h5',\n\t'h6',\n\t'hr',\n\t'i',\n\t'img',\n\t'ins',\n\t'kbd',\n\t'label',\n\t'li',\n\t'mark',\n\t'ol',\n\t'p',\n\t'pre',\n\t'q',\n\t'rp',\n\t'rt',\n\t'ruby',\n\t'samp',\n\t'small',\n\t'small',\n\t'source',\n\t'span',\n\t'strike',\n\t'strong',\n\t'sub',\n\t'summary',\n\t'sup',\n\t'table',\n\t'tbody',\n\t'td',\n\t'tfoot',\n\t'th',\n\t'thead',\n\t'time',\n\t'tr',\n\t'tt',\n\t'u',\n\t'ul',\n\t'var',\n\t'video',\n\t'wbr',\n]);\n\nexport const defaultAllowedAttrs = Object.freeze([\n\t'href',\n\t'target',\n\t'src',\n\t'alt',\n\t'title',\n\t'for',\n\t'name',\n\t'role',\n\t'tabindex',\n\t'x-dispatch',\n\t'required',\n\t'checked',\n\t'placeholder',\n\t'type',\n\t'start',\n\t'width',\n\t'height',\n\t'align',\n]);\n\n\nconst fakeRelativeUrlProtocol = 'vscode-relative-path';\n\ninterface AllowedLinksConfig {\n\treadonly override: readonly string[] | '*';\n\treadonly allowRelativePaths: boolean;\n}\n\nfunction validateLink(value: string, allowedProtocols: AllowedLinksConfig): boolean {\n\tif (allowedProtocols.override === '*') {\n\t\treturn true; // allow all protocols\n\t}\n\n\ttry {\n\t\tconst url = new URL(value, fakeRelativeUrlProtocol + '://');\n\t\tif (allowedProtocols.override.includes(url.protocol.replace(/:$/, ''))) {\n\t\t\treturn true;\n\t\t}\n\n\t\tif (allowedProtocols.allowRelativePaths\n\t\t\t&& url.protocol === fakeRelativeUrlProtocol + ':'\n\t\t\t&& !value.trim().toLowerCase().startsWith(fakeRelativeUrlProtocol)\n\t\t) {\n\t\t\treturn true;\n\t\t}\n\n\t\treturn false;\n\t} catch (e) {\n\t\treturn false;\n\t}\n}\n\n/**\n * Hooks dompurify using `afterSanitizeAttributes` to check that all `href` and `src`\n * attributes are valid.\n */\nfunction hookDomPurifyHrefAndSrcSanitizer(allowedLinkProtocols: AllowedLinksConfig, allowedMediaProtocols: AllowedLinksConfig) {\n\tdompurify.addHook('afterSanitizeAttributes', (node) => {\n\t\t// check all href/src attributes for validity\n\t\tfor (const attr of ['href', 'src']) {\n\t\t\tif (node.hasAttribute(attr)) {\n\t\t\t\tconst attrValue = node.getAttribute(attr) as string;\n\t\t\t\tif (attr === 'href') {\n\t\t\t\t\tif (!attrValue.startsWith('#') && !validateLink(attrValue, allowedLinkProtocols)) {\n\t\t\t\t\t\tnode.removeAttribute(attr);\n\t\t\t\t\t}\n\t\t\t\t} else { // 'src'\n\t\t\t\t\tif (!validateLink(attrValue, allowedMediaProtocols)) {\n\t\t\t\t\t\tnode.removeAttribute(attr);\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t});\n}\n\n/**\n * Predicate that checks if an attribute should be kept or removed.\n *\n * @returns A boolean indicating whether the attribute should be kept or a string with the sanitized value (which implicitly keeps the attribute)\n */\nexport type SanitizeAttributePredicate = (node: Element, data: { readonly attrName: string; readonly attrValue: string }) => boolean | string;\n\nexport interface SanitizeAttributeRule {\n\treadonly attributeName: string;\n\tshouldKeep: SanitizeAttributePredicate;\n}\n\n\nexport interface DomSanitizerConfig {\n\t/**\n\t * Configured the allowed html tags.\n\t */\n\treadonly allowedTags?: {\n\t\treadonly override?: readonly string[];\n\t\treadonly augment?: readonly string[];\n\t};\n\n\t/**\n\t * Configured the allowed html attributes.\n\t */\n\treadonly allowedAttributes?: {\n\t\treadonly override?: ReadonlyArray<string | SanitizeAttributeRule>;\n\t\treadonly augment?: ReadonlyArray<string | SanitizeAttributeRule>;\n\t};\n\n\t/**\n\t * List of allowed protocols for `href` attributes.\n\t */\n\treadonly allowedLinkProtocols?: {\n\t\treadonly override?: readonly string[] | '*';\n\t};\n\n\t/**\n\t * If set, allows relative paths for links.\n\t */\n\treadonly allowRelativeLinkPaths?: boolean;\n\n\t/**\n\t * List of allowed protocols for `src` attributes.\n\t */\n\treadonly allowedMediaProtocols?: {\n\t\treadonly override?: readonly string[] | '*';\n\t};\n\n\t/**\n\t * If set, allows relative paths for media (images, videos, etc).\n\t */\n\treadonly allowRelativeMediaPaths?: boolean;\n\n\t/**\n\t * If set, replaces unsupported tags with their plaintext representation instead of removing them.\n\t *\n\t * For example, <p><bad>\"text\"</bad></p> becomes <p>\"<bad>text</bad>\"</p>.\n\t */\n\treadonly replaceWithPlaintext?: boolean;\n}\n\nconst defaultDomPurifyConfig = Object.freeze({\n\tALLOWED_TAGS: [...basicMarkupHtmlTags],\n\tALLOWED_ATTR: [...defaultAllowedAttrs],\n\t// We sanitize the src/href attributes later if needed\n\tALLOW_UNKNOWN_PROTOCOLS: true,\n} satisfies dompurify.Config);\n\n/**\n * Sanitizes an html string.\n *\n * @param untrusted The HTML string to sanitize.\n * @param config Optional configuration for sanitization. If not provided, defaults to a safe configuration.\n *\n * @returns A sanitized string of html.\n */\nexport function sanitizeHtml(untrusted: string, config?: DomSanitizerConfig): TrustedHTML {\n\treturn doSanitizeHtml(untrusted, config, 'trusted');\n}\n\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig | undefined, outputType: 'dom'): DocumentFragment;\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig | undefined, outputType: 'trusted'): TrustedHTML;\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig | undefined, outputType: 'dom' | 'trusted'): TrustedHTML | DocumentFragment {\n\ttry {\n\t\tconst resolvedConfig: dompurify.Config = { ...defaultDomPurifyConfig };\n\n\t\tif (config?.allowedTags) {\n\t\t\tif (config.allowedTags.override) {\n\t\t\t\tresolvedConfig.ALLOWED_TAGS = [...config.allowedTags.override];\n\t\t\t}\n\n\t\t\tif (config.allowedTags.augment) {\n\t\t\t\tresolvedConfig.ALLOWED_TAGS = [...(resolvedConfig.ALLOWED_TAGS ?? []), ...config.allowedTags.augment];\n\t\t\t}\n\t\t}\n\n\t\tlet resolvedAttributes: Array<string | SanitizeAttributeRule> = [...defaultAllowedAttrs];\n\t\tif (config?.allowedAttributes) {\n\t\t\tif (config.allowedAttributes.override) {\n\t\t\t\tresolvedAttributes = [...config.allowedAttributes.override];\n\t\t\t}\n\n\t\t\tif (config.allowedAttributes.augment) {\n\t\t\t\tresolvedAttributes = [...resolvedAttributes, ...config.allowedAttributes.augment];\n\t\t\t}\n\t\t}\n\n\t\t// All attr names are lower-case in the sanitizer hooks\n\t\tresolvedAttributes = resolvedAttributes.map((attr): string | SanitizeAttributeRule => {\n\t\t\tif (typeof attr === 'string') {\n\t\t\t\treturn attr.toLowerCase();\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tattributeName: attr.attributeName.toLowerCase(),\n\t\t\t\tshouldKeep: attr.shouldKeep,\n\t\t\t};\n\t\t});\n\n\t\tconst allowedAttrNames = new Set(resolvedAttributes.map(attr => typeof attr === 'string' ? attr : attr.attributeName));\n\t\tconst allowedAttrPredicates = new Map<string, SanitizeAttributeRule>();\n\t\tfor (const attr of resolvedAttributes) {\n\t\t\tif (typeof attr === 'string') {\n\t\t\t\t// New string attribute value clears previously set predicates\n\t\t\t\tallowedAttrPredicates.delete(attr);\n\t\t\t} else {\n\t\t\t\tallowedAttrPredicates.set(attr.attributeName, attr);\n\t\t\t}\n\t\t}\n\n\t\tresolvedConfig.ALLOWED_ATTR = Array.from(allowedAttrNames);\n\n\t\thookDomPurifyHrefAndSrcSanitizer(\n\t\t\t{\n\t\t\t\toverride: config?.allowedLinkProtocols?.override ?? [Schemas.http, Schemas.https],\n\t\t\t\tallowRelativePaths: config?.allowRelativeLinkPaths ?? false\n\t\t\t},\n\t\t\t{\n\t\t\t\toverride: config?.allowedMediaProtocols?.override ?? [Schemas.http, Schemas.https],\n\t\t\t\tallowRelativePaths: config?.allowRelativeMediaPaths ?? false\n\t\t\t});\n\n\t\tif (config?.replaceWithPlaintext) {\n\t\t\tdompurify.addHook('uponSanitizeElement', replaceWithPlainTextHook);\n\t\t}\n\n\t\tif (allowedAttrPredicates.size) {\n\t\t\tdompurify.addHook('uponSanitizeAttribute', (node, e) => {\n\t\t\t\tconst predicate = allowedAttrPredicates.get(e.attrName);\n\t\t\t\tif (predicate) {\n\t\t\t\t\tconst result = predicate.shouldKeep(node, e);\n\t\t\t\t\tif (typeof result === 'string') {\n\t\t\t\t\t\te.keepAttr = true;\n\t\t\t\t\t\te.attrValue = result;\n\t\t\t\t\t} else {\n\t\t\t\t\t\te.keepAttr = result;\n\t\t\t\t\t}\n\t\t\t\t} else {\n\t\t\t\t\te.keepAttr = allowedAttrNames.has(e.attrName);\n\t\t\t\t}\n\t\t\t});\n\t\t}\n\n\t\tif (outputType === 'dom') {\n\t\t\treturn dompurify.sanitize(untrusted, {\n\t\t\t\t...resolvedConfig,\n\t\t\t\tRETURN_DOM_FRAGMENT: true\n\t\t\t});\n\t\t} else {\n\t\t\treturn dompurify.sanitize(untrusted, {\n\t\t\t\t...resolvedConfig,\n\t\t\t\tRETURN_TRUSTED_TYPE: true\n\t\t\t});\n\t\t}\n\t} finally {\n\t\tdompurify.removeAllHooks();\n\t}\n}\n\nconst selfClosingTags = ['area', 'base', 'br', 'col', 'command', 'embed', 'hr', 'img', 'input', 'keygen', 'link', 'meta', 'param', 'source', 'track', 'wbr'];\n\nfunction replaceWithPlainTextHook(element: Element, data: dompurify.SanitizeElementHookEvent, _config: dompurify.Config) {\n\tif (!data.allowedTags[data.tagName] && data.tagName !== 'body') {\n\t\tconst replacement = convertTagToPlaintext(element);\n\t\tif (element.nodeType === Node.COMMENT_NODE) {\n\t\t\t// Workaround for https://github.com/cure53/DOMPurify/issues/1005\n\t\t\t// The comment will be deleted in the next phase. However if we try to remove it now, it will cause\n\t\t\t// an exception. Instead we insert the text node before the comment.\n\t\t\telement.parentElement?.insertBefore(replacement, element);\n\t\t} else {\n\t\t\telement.parentElement?.replaceChild(replacement, element);\n\t\t}\n\t}\n}\n\nexport function convertTagToPlaintext(element: Element): DocumentFragment {\n\tlet startTagText: string;\n\tlet endTagText: string | undefined;\n\tif (element.nodeType === Node.COMMENT_NODE) {\n\t\tstartTagText = `<!--${element.textContent}-->`;\n\t} else {\n\t\tconst tagName = element.tagName.toLowerCase();\n\t\tconst isSelfClosing = selfClosingTags.includes(tagName);\n\t\tconst attrString = element.attributes.length ?\n\t\t\t' ' + Array.from(element.attributes)\n\t\t\t\t.map(attr => `${attr.name}=\"${attr.value}\"`)\n\t\t\t\t.join(' ')\n\t\t\t: '';\n\t\tstartTagText = `<${tagName}${attrString}>`;\n\t\tif (!isSelfClosing) {\n\t\t\tendTagText = `</${tagName}>`;\n\t\t}\n\t}\n\n\tconst fragment = document.createDocumentFragment();\n\tconst textNode = element.ownerDocument.createTextNode(startTagText);\n\tfragment.appendChild(textNode);\n\twhile (element.firstChild) {\n\t\tfragment.appendChild(element.firstChild);\n\t}\n\n\tconst endTagTextNode = endTagText ? element.ownerDocument.createTextNode(endTagText) : undefined;\n\tif (endTagTextNode) {\n\t\tfragment.appendChild(endTagTextNode);\n\t}\n\n\treturn fragment;\n}\n\n/**\n * Sanitizes the given `value` and reset the given `node` with it.\n */\nexport function safeSetInnerHtml(node: HTMLElement, untrusted: string, config?: DomSanitizerConfig): void {\n\tconst fragment = doSanitizeHtml(untrusted, config, 'dom');\n\treset(node, fragment);\n}\n","/*---------------------------------------------------------------------------------------------\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License. See License.txt in the project root for license information.\n *--------------------------------------------------------------------------------------------*/\n\nimport { Schemas } from '../common/network.js';\nimport { reset } from './dom.js';\n// eslint-disable-next-line no-restricted-imports\nimport dompurify from './dompurify/dompurify.js';\n\n/**\n * List of safe, non-input html tags.\n */\nexport const basicMarkupHtmlTags = Object.freeze([\n\t'a',\n\t'abbr',\n\t'b',\n\t'bdo',\n\t'blockquote',\n\t'br',\n\t'caption',\n\t'cite',\n\t'code',\n\t'col',\n\t'colgroup',\n\t'dd',\n\t'del',\n\t'details',\n\t'dfn',\n\t'div',\n\t'dl',\n\t'dt',\n\t'em',\n\t'figcaption',\n\t'figure',\n\t'h1',\n\t'h2',\n\t'h3',\n\t'h4',\n\t'h5',\n\t'h6',\n\t'hr',\n\t'i',\n\t'img',\n\t'ins',\n\t'kbd',\n\t'label',\n\t'li',\n\t'mark',\n\t'ol',\n\t'p',\n\t'pre',\n\t'q',\n\t'rp',\n\t'rt',\n\t'ruby',\n\t'samp',\n\t'small',\n\t'small',\n\t'source',\n\t'span',\n\t'strike',\n\t'strong',\n\t'sub',\n\t'summary',\n\t'sup',\n\t'table',\n\t'tbody',\n\t'td',\n\t'tfoot',\n\t'th',\n\t'thead',\n\t'time',\n\t'tr',\n\t'tt',\n\t'u',\n\t'ul',\n\t'var',\n\t'video',\n\t'wbr',\n]);\n\nexport const defaultAllowedAttrs = Object.freeze([\n\t'href',\n\t'target',\n\t'src',\n\t'alt',\n\t'title',\n\t'for',\n\t'name',\n\t'role',\n\t'tabindex',\n\t'x-dispatch',\n\t'required',\n\t'checked',\n\t'placeholder',\n\t'type',\n\t'start',\n\t'width',\n\t'height',\n\t'align',\n]);\n\n\nconst fakeRelativeUrlProtocol = 'vscode-relative-path';\n\ninterface AllowedLinksConfig {\n\treadonly override: readonly string[] | '*';\n\treadonly allowRelativePaths: boolean;\n}\n\nfunction validateLink(value: string, allowedProtocols: AllowedLinksConfig): boolean {\n\tif (allowedProtocols.override === '*') {\n\t\treturn true; // allow all protocols\n\t}\n\n\ttry {\n\t\tconst url = new URL(value, fakeRelativeUrlProtocol + '://');\n\t\tif (allowedProtocols.override.includes(url.protocol.replace(/:$/, ''))) {\n\t\t\treturn true;\n\t\t}\n\n\t\tif (allowedProtocols.allowRelativePaths\n\t\t\t&& url.protocol === fakeRelativeUrlProtocol + ':'\n\t\t\t&& !value.trim().toLowerCase().startsWith(fakeRelativeUrlProtocol)\n\t\t) {\n\t\t\treturn true;\n\t\t}\n\n\t\treturn false;\n\t} catch (e) {\n\t\treturn false;\n\t}\n}\n\n/**\n * Hooks dompurify using `afterSanitizeAttributes` to check that all `href` and `src`\n * attributes are valid.\n */\nfunction hookDomPurifyHrefAndSrcSanitizer(allowedLinkProtocols: AllowedLinksConfig, allowedMediaProtocols: AllowedLinksConfig) {\n\tdompurify.addHook('afterSanitizeAttributes', (node) => {\n\t\t// check all href/src attributes for validity\n\t\tfor (const attr of ['href', 'src']) {\n\t\t\tif (node.hasAttribute(attr)) {\n\t\t\t\tconst attrValue = node.getAttribute(attr) as string;\n\t\t\t\tif (attr === 'href') {\n\t\t\t\t\tif (!attrValue.startsWith('#') && !validateLink(attrValue, allowedLinkProtocols)) {\n\t\t\t\t\t\tnode.removeAttribute(attr);\n\t\t\t\t\t}\n\t\t\t\t} else { // 'src'\n\t\t\t\t\tif (!validateLink(attrValue, allowedMediaProtocols)) {\n\t\t\t\t\t\tnode.removeAttribute(attr);\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t});\n}\n\n/**\n * Predicate that checks if an attribute should be kept or removed.\n *\n * @returns A boolean indicating whether the attribute should be kept or a string with the sanitized value (which implicitly keeps the attribute)\n */\nexport type SanitizeAttributePredicate = (node: Element, data: { readonly attrName: string; readonly attrValue: string }) => boolean | string;\n\nexport interface SanitizeAttributeRule {\n\treadonly attributeName: string;\n\tshouldKeep: SanitizeAttributePredicate;\n}\n\n\nexport interface DomSanitizerConfig {\n\t/**\n\t * Configured the allowed html tags.\n\t */\n\treadonly allowedTags?: {\n\t\treadonly override?: readonly string[];\n\t\treadonly augment?: readonly string[];\n\t};\n\n\t/**\n\t * Configured the allowed html attributes.\n\t */\n\treadonly allowedAttributes?: {\n\t\treadonly override?: ReadonlyArray<string | SanitizeAttributeRule>;\n\t\treadonly augment?: ReadonlyArray<string | SanitizeAttributeRule>;\n\t};\n\n\t/**\n\t * List of allowed protocols for `href` attributes.\n\t */\n\treadonly allowedLinkProtocols?: {\n\t\treadonly override?: readonly string[] | '*';\n\t};\n\n\t/**\n\t * If set, allows relative paths for links.\n\t */\n\treadonly allowRelativeLinkPaths?: boolean;\n\n\t/**\n\t * List of allowed protocols for `src` attributes.\n\t */\n\treadonly allowedMediaProtocols?: {\n\t\treadonly override?: readonly string[] | '*';\n\t};\n\n\t/**\n\t * If set, allows relative paths for media (images, videos, etc).\n\t */\n\treadonly allowRelativeMediaPaths?: boolean;\n\n\t/**\n\t * If set, replaces unsupported tags with their plaintext representation instead of removing them.\n\t *\n\t * For example, <p><bad>\"text\"</bad></p> becomes <p>\"<bad>text</bad>\"</p>.\n\t */\n\treadonly replaceWithPlaintext?: boolean;\n}\n\nconst defaultDomPurifyConfig = Object.freeze({\n\tALLOWED_TAGS: [...basicMarkupHtmlTags],\n\tALLOWED_ATTR: [...defaultAllowedAttrs],\n\t// We sanitize the src/href attributes later if needed\n\tALLOW_UNKNOWN_PROTOCOLS: true,\n} satisfies dompurify.Config);\n\n/**\n * Sanitizes an html string.\n *\n * @param untrusted The HTML string to sanitize.\n * @param config Optional configuration for sanitization. If not provided, defaults to a safe configuration.\n *\n * @returns A sanitized string of html.\n */\nexport function sanitizeHtml(untrusted: string, config?: DomSanitizerConfig): TrustedHTML {\n\treturn doSanitizeHtml(untrusted, config, 'trusted');\n}\n\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig | undefined, outputType: 'dom'): DocumentFragment;\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig | undefined, outputType: 'trusted'): TrustedHTML;\nfunction doSanitizeHtml(untrusted: string, config: DomSanitizerConfig | undefined, outputType: 'dom' | 'trusted'): TrustedHTML | DocumentFragment {\n\ttry {\n\t\tconst resolvedConfig: dompurify.Config = { ...defaultDomPurifyConfig };\n\n\t\tif (config?.allowedTags) {\n\t\t\tif (config.allowedTags.override) {\n\t\t\t\tresolvedConfig.ALLOWED_TAGS = [...config.allowedTags.override];\n\t\t\t}\n\n\t\t\tif (config.allowedTags.augment) {\n\t\t\t\tresolvedConfig.ALLOWED_TAGS = [...(resolvedConfig.ALLOWED_TAGS ?? []), ...config.allowedTags.augment];\n\t\t\t}\n\t\t}\n\n\t\tlet resolvedAttributes: Array<string | SanitizeAttributeRule> = [...defaultAllowedAttrs];\n\t\tif (config?.allowedAttributes) {\n\t\t\tif (config.allowedAttributes.override) {\n\t\t\t\tresolvedAttributes = [...config.allowedAttributes.override];\n\t\t\t}\n\n\t\t\tif (config.allowedAttributes.augment) {\n\t\t\t\tresolvedAttributes = [...resolvedAttributes, ...config.allowedAttributes.augment];\n\t\t\t}\n\t\t}\n\n\t\t// All attr names are lower-case in the sanitizer hooks\n\t\tresolvedAttributes = resolvedAttributes.map((attr): string | SanitizeAttributeRule => {\n\t\t\tif (typeof attr === 'string') {\n\t\t\t\treturn attr.toLowerCase();\n\t\t\t}\n\t\t\treturn {\n\t\t\t\tattributeName: attr.attributeName.toLowerCase(),\n\t\t\t\tshouldKeep: attr.shouldKeep,\n\t\t\t};\n\t\t});\n\n\t\tconst allowedAttrNames = new Set(resolvedAttributes.map(attr => typeof attr === 'string' ? attr : attr.attributeName));\n\t\tconst allowedAttrPredicates = new Map<string, SanitizeAttributeRule>();\n\t\tfor (const attr of resolvedAttributes) {\n\t\t\tif (typeof attr === 'string') {\n\t\t\t\t// New string attribute value clears previously set predicates\n\t\t\t\tallowedAttrPredicates.delete(attr);\n\t\t\t} else {\n\t\t\t\tallowedAttrPredicates.set(attr.attributeName, attr);\n\t\t\t}\n\t\t}\n\n\t\tresolvedConfig.ALLOWED_ATTR = Array.from(allowedAttrNames);\n\n\t\thookDomPurifyHrefAndSrcSanitizer(\n\t\t\t{\n\t\t\t\toverride: config?.allowedLinkProtocols?.override ?? [Schemas.http, Schemas.https],\n\t\t\t\tallowRelativePaths: config?.allowRelativeLinkPaths ?? false\n\t\t\t},\n\t\t\t{\n\t\t\t\toverride: config?.allowedMediaProtocols?.override ?? [Schemas.http, Schemas.https],\n\t\t\t\tallowRelativePaths: config?.allowRelativeMediaPaths ?? false\n\t\t\t});\n\n\t\tif (config?.replaceWithPlaintext) {\n\t\t\tdompurify.addHook('uponSanitizeElement', replaceWithPlainTextHook);\n\t\t}\n\n\t\tif (allowedAttrPredicates.size) {\n\t\t\tdompurify.addHook('uponSanitizeAttribute', (node, e) => {\n\t\t\t\tconst predicate = allowedAttrPredicates.get(e.attrName);\n\t\t\t\tif (predicate) {\n\t\t\t\t\tconst result = predicate.shouldKeep(node, e);\n\t\t\t\t\tif (typeof result === 'string') {\n\t\t\t\t\t\te.keepAttr = true;\n\t\t\t\t\t\te.attrValue = result;\n\t\t\t\t\t} else {\n\t\t\t\t\t\te.keepAttr = result;\n\t\t\t\t\t}\n\t\t\t\t} else {\n\t\t\t\t\te.keepAttr = allowedAttrNames.has(e.attrName);\n\t\t\t\t}\n\t\t\t});\n\t\t}\n\n\t\tif (outputType === 'dom') {\n\t\t\treturn dompurify.sanitize(untrusted, {\n\t\t\t\t...resolvedConfig,\n\t\t\t\tRETURN_DOM_FRAGMENT: true\n\t\t\t});\n\t\t} else {\n\t\t\treturn dompurify.sanitize(untrusted, {\n\t\t\t\t...resolvedConfig,\n\t\t\t\tRETURN_TRUSTED_TYPE: true\n\t\t\t});\n\t\t}\n\t} finally {\n\t\tdompurify.removeAllHooks();\n\t}\n}\n\nconst selfClosingTags = ['area', 'base', 'br', 'col', 'command', 'embed', 'hr', 'img', 'input', 'keygen', 'link', 'meta', 'param', 'source', 'track', 'wbr'];\n\nfunction replaceWithPlainTextHook(element: Element, data: dompurify.SanitizeElementHookEvent, _config: dompurify.Config) {\n\tif (!data.allowedTags[data.tagName] && data.tagName !== 'body') {\n\t\tconst replacement = convertTagToPlaintext(element);\n\t\tif (element.nodeType === Node.COMMENT_NODE) {\n\t\t\t// Workaround for https://github.com/cure53/DOMPurify/issues/1005\n\t\t\t// The comment will be deleted in the next phase. However if we try to remove it now, it will cause\n\t\t\t// an exception. Instead we insert the text node before the comment.\n\t\t\telement.parentElement?.insertBefore(replacement, element);\n\t\t} else {\n\t\t\telement.parentElement?.replaceChild(replacement, element);\n\t\t}\n\t}\n}\n\nexport function convertTagToPlaintext(element: Element): DocumentFragment {\n\tlet startTagText: string;\n\tlet endTagText: string | undefined;\n\tif (element.nodeType === Node.COMMENT_NODE) {\n\t\tstartTagText = `<!--${element.textContent}-->`;\n\t} else {\n\t\tconst tagName = element.tagName.toLowerCase();\n\t\tconst isSelfClosing = selfClosingTags.includes(tagName);\n\t\tconst attrString = element.attributes.length ?\n\t\t\t' ' + Array.from(element.attributes)\n\t\t\t\t.map(attr => `${attr.name}=\"${attr.value}\"`)\n\t\t\t\t.join(' ')\n\t\t\t: '';\n\t\tstartTagText = `<${tagName}${attrString}>`;\n\t\tif (!isSelfClosing) {\n\t\t\tendTagText = `</${tagName}>`;\n\t\t}\n\t}\n\n\tconst fragment = document.createDocumentFragment();\n\tconst textNode = element.ownerDocument.createTextNode(startTagText);\n\tfragment.appendChild(textNode);\n\twhile (element.firstChild) {\n\t\tfragment.appendChild(element.firstChild);\n\t}\n\n\tconst endTagTextNode = endTagText ? element.ownerDocument.createTextNode(endTagText) : undefined;\n\tif (endTagTextNode) {\n\t\tfragment.appendChild(endTagTextNode);\n\t}\n\n\treturn fragment;\n}\n\n/**\n * Sanitizes the given `value` and reset the given `node` with it.\n */\nexport function safeSetInnerHtml(node: HTMLElement, untrusted: string, config?: DomSanitizerConfig): void {\n\tconst fragment = doSanitizeHtml(untrusted, config, 'dom');\n\treset(node, fragment);\n}\n"]}
|
|
Binary file
|
|
@@ -654,6 +654,8 @@ class SubmenuMenuActionViewItem extends BaseMenuActionViewItem {
|
|
|
654
654
|
this.submenuContainer.style.position = 'fixed';
|
|
655
655
|
this.submenuContainer.style.top = '0';
|
|
656
656
|
this.submenuContainer.style.left = '0';
|
|
657
|
+
// Fix to #263546, for submenu of treeView view/item/context z-index issue - ensure submenu appears above other elements
|
|
658
|
+
this.submenuContainer.style.zIndex = '1';
|
|
657
659
|
this.parentData.submenu = new Menu(this.submenuContainer, this.submenuActions.length ? this.submenuActions : [new EmptySubmenuAction()], this.submenuOptions, this.menuStyle);
|
|
658
660
|
// layout submenu
|
|
659
661
|
const entryBox = this.element.getBoundingClientRect();
|