pptx-react-viewer 1.1.4 → 1.1.5

package/node_modules/pptx-viewer-core/dist/index.mjs

@@ -10321,7 +10321,7 @@ var PptxAnimationWriteService = class {
       return existingRawTiming;
     }
     if (existingRawTiming) {
-      const cloned = JSON.parse(JSON.stringify(existingRawTiming));
+      const cloned = typeof structuredClone === "function" ? structuredClone(existingRawTiming) : JSON.parse(JSON.stringify(existingRawTiming));
       return surgicallyUpdateTimingTree(cloned, validAnimations);
     }
     this.nextId = 1;
@@ -10461,7 +10461,14 @@ var PptxRuntimeDependencyFactory = class {
       // 0x80070570 (ERROR_FILE_CORRUPT) and shows the repair dialog.
       // More generally, OOXML element text is always an untyped string;
       // downstream callers coerce where needed.
-      parseTagValue: false
+      parseTagValue: false,
+      // Security hardening (Load M3): explicitly disable XML entity
+      // processing. PPTX XML never uses DOCTYPE / DTDs, so allowing
+      // entity expansion serves only as an attack surface
+      // (billion-laughs / external-entity / future fast-xml-parser
+      // regressions). v5.5.5 currently defaults to safe behaviour but
+      // pinning this makes the guarantee explicit and forward-stable.
+      processEntities: false
     });
   }
   createBuilder() {
@@ -11011,6 +11018,23 @@ function arrayBufferToBase64(buffer) {
   return btoa(binary);
 }
 
+// src/core/core/types.ts
+var DEFAULT_MAX_UNCOMPRESSED_BYTES = 500 * 1024 * 1024;
+var MAX_ZIP_ENTRY_COUNT = 65536;
+var ZipBombError = class extends Error {
+  code = "ZIP_BOMB";
+  uncompressedBytes;
+  limit;
+  entryCount;
+  constructor(message, details) {
+    super(message);
+    this.name = "ZipBombError";
+    this.uncompressedBytes = details.uncompressedBytes;
+    this.limit = details.limit;
+    this.entryCount = details.entryCount;
+  }
+};
+
 // ../mtx-decompressor/dist/index.mjs
 var Stream = class _Stream {
   buf;
@@ -11600,14 +11624,8 @@ function decodeSimpleGlyph(numContours, streams, out, calcBBox, minX, minY, maxX
     const flag = flagBytes[i];
     onCurve[i] = flag & 128 ? 0 : 1;
     const enc = TRIPLET_ENCODINGS[flag & 127];
-    const extraBytes = enc.byteCount - 1;
-    const subBuf = new Uint8Array(extraBytes);
-    for (let b = 0; b < extraBytes; b++) {
-      subBuf[b] = sGlyph.readU8();
-    }
-    const sub = new Stream(subBuf, extraBytes);
-    let dx = sub.readNBits(enc.xBits) + enc.deltaX;
-    let dy = sub.readNBits(enc.yBits) + enc.deltaY;
+    let dx = sGlyph.readNBits(enc.xBits) + enc.deltaX;
+    let dy = sGlyph.readNBits(enc.yBits) + enc.deltaY;
     if (enc.xSign !== 0) {
       dx *= enc.xSign;
     }
@@ -12159,6 +12177,8 @@ var MAX_2BYTE_DIST = 512;
 var PRELOAD_SIZE = 2 * 32 * 96 + 4 * 256;
 var LEN_MIN = 2;
 var DIST_MIN = 1;
+var MAX_OUT_LEN = 4 * 1024 * 1024;
+var MAX_OUT = 16 * 1024 * 1024;
 var RLE_INITIAL = 0;
 var RLE_NORMAL = 1;
 var RLE_SEEN_ESCAPE = 2;
@@ -12168,6 +12188,9 @@ function setDistRange(length) {
   let distMax = DIST_MIN + ((1 << DIST_WIDTH * numDistRanges) - 1);
   while (distMax < length) {
     numDistRanges++;
+    if (numDistRanges > 8) {
+      throw new Error("LZCOMP setDistRange: numDistRanges exceeds bound (8)");
+    }
     distMax = DIST_MIN + ((1 << DIST_WIDTH * numDistRanges) - 1);
   }
   const DUP2 = 256 + (1 << LEN_WIDTH) * numDistRanges;
@@ -12198,7 +12221,11 @@ function decodeLength(lenEcoder, symbol, numDistRangesOut) {
   let firstTime = true;
   let value = 0;
   let done;
+  let iters = 0;
   do {
+    if (++iters > 16) {
+      throw new Error("LZCOMP decodeLength: iteration cap exceeded");
+    }
     let bits;
     if (firstTime) {
       bits = symbol - 256;
@@ -12237,6 +12264,9 @@ function lzcompDecompress(data, size, version) {
   const distEcoder = new AHuff(bio, 1 << DIST_WIDTH);
   const lenEcoder = new AHuff(bio, 1 << LEN_WIDTH);
   const outLen = bio.readValue(24);
+  if (outLen > MAX_OUT_LEN) {
+    throw new Error(`LZCOMP outLen ${outLen} exceeds maximum (${MAX_OUT_LEN})`);
+  }
   const { DUP2, DUP4, DUP6, NUM_SYMS } = setDistRange(outLen);
   const symEcoder = new AHuff(bio, NUM_SYMS);
   const windowSize = PRELOAD_SIZE + outLen;
@@ -12253,6 +12283,9 @@ function lzcompDecompress(data, size, version) {
     if (!usingRunLength) {
       if (outIdx >= outBufSize) {
         outBufSize += outBufSize >>> 1;
+        if (outBufSize > MAX_OUT) {
+          throw new Error("LZCOMP output exceeds maximum size budget");
+        }
         const tmp = new Uint8Array(outBufSize);
         tmp.set(outBuf);
         outBuf = tmp;
@@ -12271,6 +12304,9 @@ function lzcompDecompress(data, size, version) {
         } else {
           if (outIdx >= outBufSize) {
             outBufSize += outBufSize >>> 1;
+            if (outBufSize > MAX_OUT) {
+              throw new Error("LZCOMP output exceeds maximum size budget");
+            }
             const tmp = new Uint8Array(outBufSize);
             tmp.set(outBuf);
             outBuf = tmp;
@@ -12283,6 +12319,9 @@ function lzcompDecompress(data, size, version) {
         if (rleCount === 0) {
           if (outIdx >= outBufSize) {
             outBufSize += outBufSize >>> 1;
+            if (outBufSize > MAX_OUT) {
+              throw new Error("LZCOMP output exceeds maximum size budget");
+            }
             const tmp = new Uint8Array(outBufSize);
             tmp.set(outBuf);
             outBuf = tmp;
@@ -12296,6 +12335,9 @@ function lzcompDecompress(data, size, version) {
       case RLE_NEED_BYTE: {
         if (outIdx + rleCount > outBufSize) {
           outBufSize = outIdx + rleCount + (outBufSize >>> 1);
+          if (outBufSize > MAX_OUT) {
+            throw new Error("LZCOMP output exceeds maximum size budget");
+          }
           const tmp = new Uint8Array(outBufSize);
           tmp.set(outBuf);
           outBuf = tmp;
@@ -12455,11 +12497,23 @@ function dumpContainer(ctr) {
 }
 var ENCRYPTION_KEY = 80;
 function unpackMtx(data, size) {
+  if (size < 10 || data.length < 10) {
+    throw new Error("MTX data too small: header requires at least 10 bytes");
+  }
   const versionMagic = data[0];
   const offset2 = data[4] << 16 | data[5] << 8 | data[6];
   const offset3 = data[7] << 16 | data[8] << 8 | data[9];
+  if (offset2 < 10 || offset3 < offset2 || offset3 > size) {
+    throw new Error(
+      `MTX header offsets out of bounds: offset2=${offset2}, offset3=${offset3}, size=${size}`
+    );
+  }
   const offsets = [10, offset2, offset3];
-  const blockSizes = [offset2 - 10, offset3 - offset2, size - offset3];
+  const blockSizes = [
+    Math.max(0, offset2 - 10),
+    Math.max(0, offset3 - offset2),
+    Math.max(0, size - offset3)
+  ];
   const streams = [];
   const decompressedSizes = [];
   for (let i = 0; i < 3; i++) {
@@ -14706,6 +14760,9 @@ function cloneXmlObject(value) {
     return void 0;
   }
   try {
+    if (typeof structuredClone === "function") {
+      return structuredClone(value);
+    }
     return JSON.parse(JSON.stringify(value));
   } catch (error) {
     console.warn("Failed to clone XML object, returning undefined.", value, error);
@@ -15167,7 +15224,23 @@ var extensionByResponseMime = {
   "image/svg+xml": "svg",
   "application/octet-stream": "bin"
 };
-async function fetchUrlToBytes(url) {
+var DEFAULT_SAFE_SCHEMES = /* @__PURE__ */ new Set(["pptx-resource:", "blob:", "data:"]);
+async function fetchUrlToBytes(url, options = {}) {
+  let scheme;
+  try {
+    scheme = new URL(url).protocol;
+  } catch {
+    return null;
+  }
+  const allowedSchemes = options.allowedSchemes ?? DEFAULT_SAFE_SCHEMES;
+  const isHttp = scheme === "http:" || scheme === "https:";
+  if (isHttp) {
+    if (options.allowExternalFetch !== true) {
+      return null;
+    }
+  } else if (!allowedSchemes.has(scheme)) {
+    return null;
+  }
   try {
     const response = await fetch(url);
     if (!response.ok) {
@@ -15297,17 +15370,35 @@ function buildForest(nodes) {
   }
   return roots;
 }
-function treeWidth(t) {
+var MAX_TREE_DEPTH = 256;
+function treeWidth(t, depth = 0) {
+  if (depth >= MAX_TREE_DEPTH) {
+    return 1;
+  }
   if (t.children.length === 0) {
     return 1;
   }
-  return t.children.reduce((s, c) => s + treeWidth(c), 0);
+  let sum = 0;
+  for (const c of t.children) {
+    sum += treeWidth(c, depth + 1);
+  }
+  return sum;
 }
-function treeDepth(t) {
+function treeDepth(t, depth = 0) {
+  if (depth >= MAX_TREE_DEPTH) {
+    return 0;
+  }
   if (t.children.length === 0) {
     return 1;
   }
-  return 1 + Math.max(...t.children.map(treeDepth));
+  let max = 0;
+  for (const c of t.children) {
+    const d = treeDepth(c, depth + 1);
+    if (d > max) {
+      max = d;
+    }
+  }
+  return 1 + max;
 }
 function getContentNodes(nodes) {
   return nodes.filter((n) => n.text.length > 0);
@@ -15412,7 +15503,11 @@ function computeHierarchyLayout(nodes, constraints, bounds) {
   const nodeW = constraints.w ? constraints.w * bounds.width : Math.min(cellW * 0.8, 140);
   const nodeH = constraints.h ? constraints.h * bounds.height : Math.min(cellH * 0.35, 50);
   const shapes = [];
+  const MAX_WALK_DEPTH = 256;
   function walk(t, xOffset, level) {
+    if (level >= MAX_WALK_DEPTH) {
+      return 1;
+    }
     const w = treeWidth(t);
     const cx = bounds.x + begPad + (xOffset + w / 2) * cellW;
     const cy = bounds.y + begPad + level * cellH + cellH / 2;
@@ -17594,7 +17689,11 @@ function reflowHierarchy(nodes, bounds) {
   const boxW = Math.min(cellW * 0.8, 140);
   const boxH = Math.min(cellH * 0.35, 28);
   const shapes = [];
+  const MAX_WALK_DEPTH = 256;
   function walkTree(t, xOffset, level) {
+    if (level >= MAX_WALK_DEPTH) {
+      return 1;
+    }
     const w = treeWidth(t);
     const cx = bounds.x + padding + (xOffset + w / 2) * cellW;
     const cy = bounds.y + padding + level * cellH + cellH / 2;
@@ -19174,7 +19273,13 @@ async function createModifyVerifier(password, options) {
 
 // src/core/utils/signature-xml-utils.ts
 function escapeXmlAttr(value) {
-  return value.replace(/&/g, "&amp;").replace(/"/g, "&quot;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
+  return value.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&apos;");
+}
+function escapeXmlText(value) {
+  return value.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
+}
+function isValidBase64(value) {
+  return typeof value === "string" && value.length > 0 && /^[A-Za-z0-9+/=\s]+$/.test(value);
 }
 function extractTagAttribute(xml, tagName, attributeName) {
   const pattern = new RegExp(
@@ -19475,6 +19580,8 @@ function createTempCanvas(width, height) {
   if (width <= 0 || height <= 0) {
     return null;
   }
+  width = Math.max(1, Math.min(Math.floor(width), 8192));
+  height = Math.max(1, Math.min(Math.floor(height), 8192));
   if (typeof OffscreenCanvas !== "undefined") {
     const canvas = new OffscreenCanvas(width, height);
     const ctx = canvas.getContext("2d");
@@ -19535,18 +19642,34 @@ function applyFont(ctx, state) {
   ctx.font = `${italic}${weight}${size}px ${state.fontFamily}`;
 }
 function readUtf16LE2(view, offset, charCount) {
-  const chars = [];
-  for (let i = 0; i < charCount; i++) {
-    if (offset + i * 2 + 1 >= view.byteLength) {
-      break;
-    }
-    const code = view.getUint16(offset + i * 2, true);
-    if (code === 0) {
-      break;
+  if (charCount <= 0) {
+    return "";
+  }
+  const maxBytes = view.byteLength - offset;
+  if (maxBytes <= 0) {
+    return "";
+  }
+  const usableChars = Math.min(charCount, Math.floor(maxBytes / 2));
+  if (usableChars <= 0) {
+    return "";
+  }
+  let decoded;
+  try {
+    const bytes = new Uint8Array(view.buffer, view.byteOffset + offset, usableChars * 2);
+    decoded = new TextDecoder("utf-16le").decode(bytes);
+  } catch {
+    const chars = [];
+    for (let i = 0; i < usableChars; i++) {
+      const code = view.getUint16(offset + i * 2, true);
+      if (code === 0) {
+        return chars.join("");
+      }
+      chars.push(String.fromCharCode(code));
     }
-    chars.push(String.fromCharCode(code));
+    return chars.join("");
   }
-  return chars.join("");
+  const nul = decoded.indexOf(String.fromCharCode(0));
+  return nul === -1 ? decoded : decoded.slice(0, nul);
 }
 function getStockObject(index) {
   switch (index) {
@@ -21498,7 +21621,12 @@ function applyClipCombineMode(rCtx, combineMode, opName, clipFn) {
       return true;
   }
 }
-function traceRegionNodePath(ctx, node) {
+var MAX_REGION_TRACE_DEPTH = 64;
+function traceRegionNodePath(ctx, node, depth = 0) {
+  if (depth > MAX_REGION_TRACE_DEPTH) {
+    ctx.rect(0, 0, 0, 0);
+    return;
+  }
   switch (node.type) {
     case "rect":
       ctx.rect(node.x, node.y, node.width, node.height);
@@ -21513,7 +21641,7 @@ function traceRegionNodePath(ctx, node) {
       ctx.rect(0, 0, 0, 0);
       break;
     case "combine":
-      traceRegionNodePath(ctx, node.left);
+      traceRegionNodePath(ctx, node.left, depth + 1);
       if (node.combineMode !== 0) {
         emfWarn(
           `traceRegionNodePath: combine mode ${node.combineMode} not fully supported, using left subtree only`
@@ -21524,7 +21652,7 @@ function traceRegionNodePath(ctx, node) {
         } catch {
         }
         ctx.beginPath();
-        traceRegionNodePath(ctx, node.right);
+        traceRegionNodePath(ctx, node.right, depth + 1);
       }
       break;
   }
@@ -22314,19 +22442,23 @@ function handleEmfPlusObjectRecord(rCtx, recFlags, dataOff, recDataSize) {
     }
   }
 }
-function parseRegionNode(view, off, endOff) {
+var MAX_REGION_NODE_DEPTH = 64;
+function parseRegionNode(view, off, endOff, depth = 0) {
   if (off + 4 > endOff) {
     return null;
   }
+  if (depth > MAX_REGION_NODE_DEPTH) {
+    return null;
+  }
   const nodeType = view.getUint32(off, true);
   let cursor = off + 4;
   if (nodeType <= 4) {
-    const leftResult = parseRegionNode(view, cursor, endOff);
+    const leftResult = parseRegionNode(view, cursor, endOff, depth + 1);
     if (!leftResult) {
       return null;
     }
     cursor += leftResult.bytesRead;
-    const rightResult = parseRegionNode(view, cursor, endOff);
+    const rightResult = parseRegionNode(view, cursor, endOff, depth + 1);
     if (!rightResult) {
       return null;
     }
@@ -22712,18 +22844,23 @@ function replayEmfPlusRecords(view, offset, length, ctx, _canvasW, _canvasH, sta
             if (recDataSize >= 4) {
               const totalSize = view.getUint32(dataOff, true);
               const objectType = recFlags >> 8 & 127;
-              rCtx.continuationTotalSize = totalSize;
-              rCtx.continuationObjectId = objectId;
-              rCtx.continuationObjectType = objectType;
-              rCtx.continuationBuffer = new Uint8Array(totalSize);
-              const chunkSize = recDataSize - 4;
-              const chunk = new Uint8Array(
-                view.buffer,
-                view.byteOffset + dataOff + 4,
-                Math.min(chunkSize, totalSize)
-              );
-              rCtx.continuationBuffer.set(chunk, 0);
-              rCtx.continuationOffset = chunk.length;
+              const MAX_CONTINUATION_BYTES = 64 * 1024 * 1024;
+              const remainingEmfPlusBytes = view.byteLength - dataOff;
+              if (!Number.isFinite(totalSize) || totalSize <= 0 || totalSize > MAX_CONTINUATION_BYTES || totalSize > remainingEmfPlusBytes || recDataSize - 4 < 0) ;
+              else {
+                rCtx.continuationTotalSize = totalSize;
+                rCtx.continuationObjectId = objectId;
+                rCtx.continuationObjectType = objectType;
+                rCtx.continuationBuffer = new Uint8Array(totalSize);
+                const chunkSize = recDataSize - 4;
+                const chunk = new Uint8Array(
+                  view.buffer,
+                  view.byteOffset + dataOff + 4,
+                  Math.min(chunkSize, totalSize)
+                );
+                rCtx.continuationBuffer.set(chunk, 0);
+                rCtx.continuationOffset = chunk.length;
+              }
             }
           } else {
             const remaining = rCtx.continuationTotalSize - rCtx.continuationOffset;
@@ -23360,8 +23497,11 @@ function replayWmfRecords(view, ctx, header, canvasW, canvasH) {
     );
   }
 }
-async function processDeferredImages(ctx, deferredImages) {
-  emfLog(`processDeferredImages: processing ${deferredImages.length} deferred images...`);
+var MAX_METAFILE_RECURSION = 3;
+async function processDeferredImages(ctx, deferredImages, recursionDepth = 0) {
+  emfLog(
+    `processDeferredImages: processing ${deferredImages.length} deferred images (recursionDepth=${recursionDepth})...`
+  );
   for (let idx = 0; idx < deferredImages.length; idx++) {
     const img = deferredImages[idx];
     emfLog(
@@ -23380,8 +23520,26 @@ async function processDeferredImages(ctx, deferredImages) {
         img.transform[5]
       );
       if (img.isMetafile) {
+        if (recursionDepth >= MAX_METAFILE_RECURSION) {
+          emfWarn(
+            `  Deferred image [${idx}]: skipping embedded metafile \u2014 recursion depth ${recursionDepth} >= ${MAX_METAFILE_RECURSION}`
+          );
+          continue;
+        }
         emfLog(`  Deferred image [${idx}]: recursively converting embedded metafile...`);
-        const metafileDataUrl = await convertEmfToDataUrl(plainBuffer) ?? await convertWmfToDataUrl(plainBuffer);
+        const metafileDataUrl = await convertEmfToDataUrl(
+          plainBuffer,
+          void 0,
+          void 0,
+          void 0,
+          recursionDepth + 1
+        ) ?? await convertWmfToDataUrl(
+          plainBuffer,
+          void 0,
+          void 0,
+          void 0,
+          recursionDepth + 1
+        );
         if (metafileDataUrl) {
           emfLog(
             `  Deferred image [${idx}]: metafile converted, dataUrl length=${metafileDataUrl.length}`
@@ -23426,7 +23584,10 @@ async function processDeferredImages(ctx, deferredImages) {
   }
   ctx.setTransform(1, 0, 0, 1, 0, 0);
 }
-async function convertEmfToDataUrl(buffer, maxWidth, maxHeight, optionsOrDpiScale) {
+async function convertEmfToDataUrl(buffer, maxWidth, maxHeight, optionsOrDpiScale, recursionDepth = 0) {
+  if (recursionDepth > MAX_METAFILE_RECURSION) {
+    return null;
+  }
   const opts = typeof optionsOrDpiScale === "number" ? { dpiScale: optionsOrDpiScale } : optionsOrDpiScale ?? {};
   const dpiScale = opts.dpiScale ?? DEFAULT_DPI_SCALE;
   const effectiveMaxWidth = maxWidth ?? opts.maxWidth;
@@ -23495,7 +23656,10 @@ async function convertEmfToDataUrl(buffer, maxWidth, maxHeight, optionsOrDpiScal
     return null;
   }
 }
-async function convertWmfToDataUrl(buffer, maxWidth, maxHeight, optionsOrDpiScale) {
+async function convertWmfToDataUrl(buffer, maxWidth, maxHeight, optionsOrDpiScale, recursionDepth = 0) {
+  if (recursionDepth > MAX_METAFILE_RECURSION) {
+    return null;
+  }
   const opts = typeof optionsOrDpiScale === "number" ? { dpiScale: optionsOrDpiScale } : optionsOrDpiScale ?? {};
   const dpiScale = opts.dpiScale ?? DEFAULT_DPI_SCALE;
   const effectiveMaxWidth = maxWidth ?? opts.maxWidth;
@@ -26123,6 +26287,55 @@ function relayoutSmartArt(smartArtData, containerWidth, containerHeight) {
   return smartArtData.drawingShapes ?? [];
 }
 
+// src/core/utils/safe-path.ts
+function safeResolveZipPath(basePath, target) {
+  if (typeof basePath !== "string" || typeof target !== "string") {
+    return null;
+  }
+  const trimmedTarget = target.trim();
+  if (trimmedTarget.length === 0) {
+    return null;
+  }
+  if (trimmedTarget.startsWith("/")) {
+    return normaliseSegments(trimmedTarget.slice(1).replace(/\\/g, "/"));
+  }
+  const baseParts = basePath.replace(/\\/g, "/").split("/").filter((p) => p.length > 0);
+  const targetParts = trimmedTarget.replace(/\\/g, "/").split("/");
+  const stack = [...baseParts];
+  for (const part of targetParts) {
+    if (part === "" || part === ".") {
+      continue;
+    }
+    if (part === "..") {
+      if (stack.length === 0) {
+        return null;
+      }
+      stack.pop();
+      continue;
+    }
+    stack.push(part);
+  }
+  return stack.join("/");
+}
+function normaliseSegments(input) {
+  const parts = input.split("/");
+  const stack = [];
+  for (const part of parts) {
+    if (part === "" || part === ".") {
+      continue;
+    }
+    if (part === "..") {
+      if (stack.length === 0) {
+        return null;
+      }
+      stack.pop();
+      continue;
+    }
+    stack.push(part);
+  }
+  return stack.join("/");
+}
+
 // src/core/core/runtime/PptxHandlerRuntimeSaveParagraphHelpers.ts
 var EMU_PER_PX5 = 9525;
 function buildParagraphPropertiesXml(textStyle, paragraphAlign, bulletInfo, spacing, level) {
@@ -26559,6 +26772,12 @@ var PptxHandlerRuntime = class {
    * images are decoded lazily on first access via {@link getImageData}.
    */
   eagerDecodeImages = false;
+  /**
+   * When true, relationship targets pointing at `http://` / `https://`
+   * URLs are passed through to `<img src>`. Default `false`. Mirrors the
+   * `allowExternalImages` load option.
+   */
+  allowExternalImages = false;
   /** Ordered slide file paths (populated during load for action target resolution). */
   orderedSlidePaths = [];
   /** Theme colour scheme map: scheme key (e.g. "dk1", "accent1") -> hex colour value. */
@@ -27906,7 +28125,13 @@ var PptxHandlerRuntime7 = class extends PptxHandlerRuntime6 {
       return void 0;
     }
     const ext = this.getPathExtension(imagePath);
-    if (imagePath.startsWith("http://") || imagePath.startsWith("https://") || imagePath.startsWith("data:")) {
+    if (imagePath.startsWith("http://") || imagePath.startsWith("https://")) {
+      if (this.allowExternalImages !== true) {
+        return void 0;
+      }
+      return imagePath;
+    }
+    if (imagePath.startsWith("data:")) {
       return imagePath;
     }
     if (this.imageDataCache.has(imagePath)) {
@@ -27955,7 +28180,11 @@ var PptxHandlerRuntime7 = class extends PptxHandlerRuntime6 {
    * Enrich parsed media elements with timing data from the slide's
    * `p:timing` tree (trim, loop, poster frame, fullScreen).
    */
-  async enrichMediaElementsWithTiming(elements, timingMap) {
+  async enrichMediaElementsWithTiming(elements, timingMap, depth = 0) {
+    const MAX_TIMING_DEPTH = 32;
+    if (depth > MAX_TIMING_DEPTH) {
+      return;
+    }
     for (const el of elements) {
       if (el.type !== "media") {
         continue;
@@ -28017,7 +28246,7 @@ var PptxHandlerRuntime7 = class extends PptxHandlerRuntime6 {
     }
     for (const el of elements) {
       if (el.type === "group" && el.children) {
-        await this.enrichMediaElementsWithTiming(el.children, timingMap);
+        await this.enrichMediaElementsWithTiming(el.children, timingMap, depth + 1);
       }
     }
   }
@@ -28390,7 +28619,7 @@ var PptxHandlerRuntime8 = class extends PptxHandlerRuntime7 {
 };
 
 // src/core/core/runtime/PptxHandlerRuntimeSlideMasters.ts
-var PptxHandlerRuntime9 = class extends PptxHandlerRuntime8 {
+var PptxHandlerRuntime9 = class _PptxHandlerRuntime extends PptxHandlerRuntime8 {
   /**
    * Parse background colour from a `p:bg` node.
    */
@@ -28429,6 +28658,18 @@ var PptxHandlerRuntime9 = class extends PptxHandlerRuntime8 {
     }
     return result;
   }
+  /**
+   * Allowed top-level OPC archive directories (Load M1).
+   * After path resolution, the first segment must be one of these or the
+   * path is rejected as a traversal attempt. PPTX archives only ever
+   * legitimately reference parts under these roots.
+   */
+  static ALLOWED_PATH_ROOTS = /* @__PURE__ */ new Set([
+    "ppt",
+    "customXml",
+    "docProps",
+    "_rels"
+  ]);
   resolvePath(base, relative) {
     const baseParts = base.split("/").filter(Boolean);
     const relParts = relative.split("/");
@@ -28437,16 +28678,36 @@ var PptxHandlerRuntime9 = class extends PptxHandlerRuntime8 {
     }
     for (const part of relParts) {
       if (part === "..") {
+        if (baseParts.length === 0) {
+          return "";
+        }
         baseParts.pop();
       } else if (part !== ".") {
         baseParts.push(part);
       }
     }
-    return baseParts.join("/");
+    const resolved = baseParts.join("/");
+    if (resolved.length === 0) {
+      return "";
+    }
+    const firstSegment = baseParts[0];
+    if (!_PptxHandlerRuntime.ALLOWED_PATH_ROOTS.has(firstSegment)) {
+      return "";
+    }
+    return resolved;
   }
   resolveImagePath(slidePath, target) {
     const slideDir = slidePath.substring(0, slidePath.lastIndexOf("/") + 1);
-    return target.startsWith("..") ? this.resolvePath(slideDir, target) : target.startsWith("/") ? target.substring(1) : slideDir + target;
+    const resolved = target.startsWith("..") ? this.resolvePath(slideDir, target) : target.startsWith("/") ? target.substring(1) : slideDir + target;
+    if (resolved.length === 0) {
+      return "";
+    }
+    const firstSlash = resolved.indexOf("/");
+    const firstSegment = firstSlash === -1 ? resolved : resolved.substring(0, firstSlash);
+    if (!_PptxHandlerRuntime.ALLOWED_PATH_ROOTS.has(firstSegment)) {
+      return "";
+    }
+    return resolved;
   }
   /**
    * Parse all slide masters into structured PptxSlideMaster objects.
@@ -28925,6 +29186,9 @@ var PptxHandlerRuntime11 = class extends PptxHandlerRuntime10 {
       return void 0;
     }
     try {
+      if (typeof structuredClone === "function") {
+        return structuredClone(value);
+      }
       return JSON.parse(JSON.stringify(value));
     } catch {
       return void 0;
@@ -32663,13 +32927,17 @@ var PptxHandlerRuntime24 = class _PptxHandlerRuntime extends PptxHandlerRuntime2
     if (this.customXmlParts.length === 0) {
       return;
     }
+    const SAFE_ID = /^[A-Za-z0-9_-]+$/;
+    let fallbackIndex = 1;
     for (const part of this.customXmlParts) {
-      this.zip.file(`customXml/item${part.id}.xml`, part.data);
+      const rawId = String(part.id);
+      const safeId = SAFE_ID.test(rawId) ? rawId : String(fallbackIndex++);
+      this.zip.file(`customXml/item${safeId}.xml`, part.data);
       if (part.properties) {
-        this.zip.file(`customXml/itemProps${part.id}.xml`, part.properties);
+        this.zip.file(`customXml/itemProps${safeId}.xml`, part.properties);
       }
       if (part.rels) {
-        this.zip.file(`customXml/_rels/item${part.id}.xml.rels`, part.rels);
+        this.zip.file(`customXml/_rels/item${safeId}.xml.rels`, part.rels);
       }
     }
   }
@@ -32970,7 +33238,10 @@ var PptxHandlerRuntime25 = class extends PptxHandlerRuntime24 {
         if (relNode) {
           const target = String(relNode["@_Target"] || "").trim();
           if (target.length > 0) {
-            propsPath = target.startsWith("/") ? target.slice(1) : `ppt/${target}`;
+            const resolved = safeResolveZipPath("ppt", target);
+            if (resolved !== null) {
+              propsPath = resolved;
+            }
           }
         }
       } catch {
@@ -33414,7 +33685,10 @@ var PptxHandlerRuntime27 = class extends PptxHandlerRuntime26 {
         continue;
       }
       const slideDir = slidePath.substring(0, slidePath.lastIndexOf("/") + 1);
-      return target.startsWith("..") ? this.resolvePath(slideDir, target) : `ppt/${target.replace("../", "")}`;
+      const resolved = safeResolveZipPath(slideDir, target);
+      if (resolved !== null) {
+        return resolved;
+      }
     }
     return void 0;
   }
@@ -33428,7 +33702,10 @@ var PptxHandlerRuntime27 = class extends PptxHandlerRuntime26 {
         continue;
       }
       const layoutDir = layoutPath.substring(0, layoutPath.lastIndexOf("/") + 1);
-      return target.startsWith("..") ? this.resolvePath(layoutDir, target) : `ppt/${target.replace("../", "")}`;
+      const resolved = safeResolveZipPath(layoutDir, target);
+      if (resolved !== null) {
+        return resolved;
+      }
     }
     return void 0;
   }
@@ -35540,7 +35817,20 @@ var PptxHandlerRuntime37 = class extends PptxHandlerRuntime36 {
       expected
     );
   }
-  mergeXmlObjects(base, override) {
+  mergeXmlObjects(base, override, depth = 0) {
+    const MAX_MERGE_DEPTH = 64;
+    if (depth > MAX_MERGE_DEPTH) {
+      if (!base && !override) {
+        return void 0;
+      }
+      if (!base) {
+        return override ? { ...override } : void 0;
+      }
+      if (!override) {
+        return { ...base };
+      }
+      return { ...base, ...override };
+    }
     if (!base && !override) {
       return void 0;
     }
@@ -35554,7 +35844,7 @@ var PptxHandlerRuntime37 = class extends PptxHandlerRuntime36 {
     for (const [key, value] of Object.entries(override)) {
       const existing = merged[key];
       if (value && typeof value === "object" && !Array.isArray(value) && existing && typeof existing === "object" && !Array.isArray(existing)) {
-        merged[key] = this.mergeXmlObjects(existing, value);
+        merged[key] = this.mergeXmlObjects(existing, value, depth + 1);
       } else {
         merged[key] = value;
       }
@@ -37443,6 +37733,21 @@ var PptxHandlerRuntime45 = class _PptxHandlerRuntime extends PptxHandlerRuntime4
 };
 
 // src/core/core/runtime/PptxHandlerRuntimePictureParsing.ts
+var INT32_MIN = -2147483648;
+var INT32_MAX = 2147483647;
+function parseEmuInt(value) {
+  const parsed = parseInt(String(value ?? ""), 10);
+  if (!Number.isFinite(parsed)) {
+    return 0;
+  }
+  if (parsed < INT32_MIN) {
+    return INT32_MIN;
+  }
+  if (parsed > INT32_MAX) {
+    return INT32_MAX;
+  }
+  return parsed;
+}
 var PptxHandlerRuntime46 = class _PptxHandlerRuntime extends PptxHandlerRuntime45 {
   async parsePicture(pic, id, slidePath) {
     try {
@@ -37462,13 +37767,13 @@ var PptxHandlerRuntime46 = class _PptxHandlerRuntime extends PptxHandlerRuntime4
       if (!off || !ext) {
         return null;
       }
-      const x = Math.round(parseInt(off["@_x"] || "0") / _PptxHandlerRuntime.EMU_PER_PX);
-      const y = Math.round(parseInt(off["@_y"] || "0") / _PptxHandlerRuntime.EMU_PER_PX);
-      const width = Math.round(parseInt(ext["@_cx"] || "0") / _PptxHandlerRuntime.EMU_PER_PX);
-      const height = Math.round(parseInt(ext["@_cy"] || "0") / _PptxHandlerRuntime.EMU_PER_PX);
-      const rotation = xfrm["@_rot"] ? parseInt(xfrm["@_rot"]) / 6e4 : void 0;
-      const skewX = xfrm["@_skewX"] ? parseInt(String(xfrm["@_skewX"]), 10) / 6e4 : void 0;
-      const skewY = xfrm["@_skewY"] ? parseInt(String(xfrm["@_skewY"]), 10) / 6e4 : void 0;
+      const x = Math.round(parseEmuInt(off["@_x"]) / _PptxHandlerRuntime.EMU_PER_PX);
+      const y = Math.round(parseEmuInt(off["@_y"]) / _PptxHandlerRuntime.EMU_PER_PX);
+      const width = Math.round(parseEmuInt(ext["@_cx"]) / _PptxHandlerRuntime.EMU_PER_PX);
+      const height = Math.round(parseEmuInt(ext["@_cy"]) / _PptxHandlerRuntime.EMU_PER_PX);
+      const rotation = xfrm["@_rot"] ? parseEmuInt(xfrm["@_rot"]) / 6e4 : void 0;
+      const skewX = xfrm["@_skewX"] ? parseEmuInt(xfrm["@_skewX"]) / 6e4 : void 0;
+      const skewY = xfrm["@_skewY"] ? parseEmuInt(xfrm["@_skewY"]) / 6e4 : void 0;
       const { flipHorizontal, flipVertical } = this.readFlipState(xfrm);
       const nvPr = pic?.["p:nvPicPr"]?.["p:nvPr"];
       const videoFileNode = nvPr?.["a:videoFile"];
@@ -37495,7 +37800,13 @@ var PptxHandlerRuntime46 = class _PptxHandlerRuntime extends PptxHandlerRuntime4
           const slideRels = this.slideRelsMap.get(slidePath);
           const posterTarget = slideRels?.get(posterREmbed || posterRLink);
           if (posterTarget) {
-            if (posterTarget.startsWith("http://") || posterTarget.startsWith("https://") || posterTarget.startsWith("data:")) {
+            const isExternal = posterTarget.startsWith("http://") || posterTarget.startsWith("https://");
+            if (isExternal) {
+              if (this.allowExternalImages === true) {
+                posterFramePath = posterTarget;
+                posterFrameData = posterTarget;
+              }
+            } else if (posterTarget.startsWith("data:")) {
               posterFramePath = posterTarget;
               posterFrameData = posterTarget;
             } else {
@@ -37615,7 +37926,13 @@ var PptxHandlerRuntime46 = class _PptxHandlerRuntime extends PptxHandlerRuntime4
         const slideRels = this.slideRelsMap.get(slidePath);
         const target = slideRels?.get(rEmbed || rLink);
         if (target) {
-          if (target.startsWith("http://") || target.startsWith("https://") || target.startsWith("data:")) {
+          const isExternal = target.startsWith("http://") || target.startsWith("https://");
+          if (isExternal) {
+            if (this.allowExternalImages === true) {
+              imagePath = target;
+              imageData = target;
+            }
+          } else if (target.startsWith("data:")) {
             imagePath = target;
             imageData = target;
           } else {
@@ -38049,32 +38366,55 @@ var PptxHandlerRuntime47 = class _PptxHandlerRuntime extends PptxHandlerRuntime4
 };
 
 // src/core/core/runtime/PptxHandlerRuntimeGroupParsing.ts
+var MAX_GROUP_DEPTH = 64;
+var INT32_MIN2 = -2147483648;
+var INT32_MAX2 = 2147483647;
+function parseEmuInt2(value) {
+  const parsed = parseInt(String(value ?? ""), 10);
+  if (!Number.isFinite(parsed)) {
+    return 0;
+  }
+  if (parsed < INT32_MIN2) {
+    return INT32_MIN2;
+  }
+  if (parsed > INT32_MAX2) {
+    return INT32_MAX2;
+  }
+  return parsed;
+}
 var PptxHandlerRuntime48 = class _PptxHandlerRuntime extends PptxHandlerRuntime47 {
-  async parseGroupShape(group, baseId, slidePath, rawXmlStr) {
+  async parseGroupShape(group, baseId, slidePath, rawXmlStr, depth = 0) {
+    if (depth > MAX_GROUP_DEPTH) {
+      this.compatibilityService.reportWarning({
+        code: "group-depth-exceeded",
+        severity: "warning",
+        scope: "element",
+        message: `Group nesting exceeded ${MAX_GROUP_DEPTH} levels; truncating subtree (baseId=${baseId})`,
+        slideId: slidePath,
+        elementId: baseId
+      });
+      return [];
+    }
     const grpSpPr = group["p:grpSpPr"];
     const xfrm = grpSpPr?.["a:xfrm"];
     let parentX = 0, parentY = 0, parentW = 0, parentH = 0;
     let chX = 0, chY = 0, chW = 0, chH = 0;
     if (xfrm) {
       if (xfrm["a:off"]) {
-        parentX = Math.round(parseInt(xfrm["a:off"]["@_x"] || "0") / _PptxHandlerRuntime.EMU_PER_PX);
-        parentY = Math.round(parseInt(xfrm["a:off"]["@_y"] || "0") / _PptxHandlerRuntime.EMU_PER_PX);
+        parentX = Math.round(parseEmuInt2(xfrm["a:off"]["@_x"]) / _PptxHandlerRuntime.EMU_PER_PX);
+        parentY = Math.round(parseEmuInt2(xfrm["a:off"]["@_y"]) / _PptxHandlerRuntime.EMU_PER_PX);
       }
       if (xfrm["a:ext"]) {
-        parentW = Math.round(
-          parseInt(xfrm["a:ext"]["@_cx"] || "0") / _PptxHandlerRuntime.EMU_PER_PX
-        );
-        parentH = Math.round(
-          parseInt(xfrm["a:ext"]["@_cy"] || "0") / _PptxHandlerRuntime.EMU_PER_PX
-        );
+        parentW = Math.round(parseEmuInt2(xfrm["a:ext"]["@_cx"]) / _PptxHandlerRuntime.EMU_PER_PX);
+        parentH = Math.round(parseEmuInt2(xfrm["a:ext"]["@_cy"]) / _PptxHandlerRuntime.EMU_PER_PX);
       }
       if (xfrm["a:chOff"]) {
-        chX = Math.round(parseInt(xfrm["a:chOff"]["@_x"] || "0") / _PptxHandlerRuntime.EMU_PER_PX);
-        chY = Math.round(parseInt(xfrm["a:chOff"]["@_y"] || "0") / _PptxHandlerRuntime.EMU_PER_PX);
+        chX = Math.round(parseEmuInt2(xfrm["a:chOff"]["@_x"]) / _PptxHandlerRuntime.EMU_PER_PX);
+        chY = Math.round(parseEmuInt2(xfrm["a:chOff"]["@_y"]) / _PptxHandlerRuntime.EMU_PER_PX);
       }
       if (xfrm["a:chExt"]) {
-        chW = Math.round(parseInt(xfrm["a:chExt"]["@_cx"] || "0") / _PptxHandlerRuntime.EMU_PER_PX);
-        chH = Math.round(parseInt(xfrm["a:chExt"]["@_cy"] || "0") / _PptxHandlerRuntime.EMU_PER_PX);
+        chW = Math.round(parseEmuInt2(xfrm["a:chExt"]["@_cx"]) / _PptxHandlerRuntime.EMU_PER_PX);
+        chH = Math.round(parseEmuInt2(xfrm["a:chExt"]["@_cy"]) / _PptxHandlerRuntime.EMU_PER_PX);
       }
     }
     const scaleX = chW > 0 ? parentW / chW : 1;
@@ -38122,7 +38462,8 @@ var PptxHandlerRuntime48 = class _PptxHandlerRuntime extends PptxHandlerRuntime4
           subGroup,
           `${baseId}-group-${entry.indexInType}`,
           slidePath,
-          rawXmlStr
+          rawXmlStr,
+          depth + 1
         );
         subElements.forEach((el) => transformElement(el));
         elements.push(...subElements);
@@ -38152,16 +38493,12 @@ var PptxHandlerRuntime48 = class _PptxHandlerRuntime extends PptxHandlerRuntime4
     let parentX = 0, parentY = 0, parentW = 0, parentH = 0;
     if (xfrm) {
       if (xfrm["a:off"]) {
-        parentX = Math.round(parseInt(xfrm["a:off"]["@_x"] || "0") / _PptxHandlerRuntime.EMU_PER_PX);
-        parentY = Math.round(parseInt(xfrm["a:off"]["@_y"] || "0") / _PptxHandlerRuntime.EMU_PER_PX);
+        parentX = Math.round(parseEmuInt2(xfrm["a:off"]["@_x"]) / _PptxHandlerRuntime.EMU_PER_PX);
+        parentY = Math.round(parseEmuInt2(xfrm["a:off"]["@_y"]) / _PptxHandlerRuntime.EMU_PER_PX);
       }
       if (xfrm["a:ext"]) {
-        parentW = Math.round(
-          parseInt(xfrm["a:ext"]["@_cx"] || "0") / _PptxHandlerRuntime.EMU_PER_PX
-        );
-        parentH = Math.round(
-          parseInt(xfrm["a:ext"]["@_cy"] || "0") / _PptxHandlerRuntime.EMU_PER_PX
-        );
+        parentW = Math.round(parseEmuInt2(xfrm["a:ext"]["@_cx"]) / _PptxHandlerRuntime.EMU_PER_PX);
+        parentH = Math.round(parseEmuInt2(xfrm["a:ext"]["@_cy"]) / _PptxHandlerRuntime.EMU_PER_PX);
       }
     }
     const grpFillStyle = grpSpPr ? this.extractShapeStyle(grpSpPr) : void 0;
@@ -38475,6 +38812,12 @@ var PptxHandlerRuntime51 = class extends PptxHandlerRuntime50 {
           const slideRels = this.slideRelsMap.get(slidePath);
           const target = slideRels?.get(rEmbed);
           if (target) {
+            if (target.startsWith("http://") || target.startsWith("https://")) {
+              if (this.allowExternalImages !== true) {
+                return void 0;
+              }
+              return target;
+            }
             const imagePath = this.resolveImagePath(slidePath, target);
             return this.getImageData(imagePath);
           }
@@ -41131,30 +41474,41 @@ var PptxHandlerRuntime63 = class extends PptxHandlerRuntime62 {
     };
   }
   collectLocalTextValues(node, localName, output) {
-    if (node === null || node === void 0) {
-      return;
-    }
-    if (Array.isArray(node)) {
-      node.forEach((entry) => {
-        this.collectLocalTextValues(entry, localName, output);
-      });
-      return;
-    }
-    if (typeof node !== "object") {
-      return;
-    }
-    const objectNode = node;
-    for (const [key, value] of Object.entries(objectNode)) {
-      if (this.compatibilityService.getXmlLocalName(key) === localName) {
-        if (typeof value === "string" || typeof value === "number") {
-          const textValue = String(value).trim();
-          if (textValue.length > 0) {
-            output.push(textValue);
+    const MAX_NODES = 1e6;
+    const stack = [node];
+    let visited = 0;
+    while (stack.length > 0) {
+      if (visited++ > MAX_NODES) {
+        break;
+      }
+      const current = stack.pop();
+      if (current === null || current === void 0) {
+        continue;
+      }
+      if (Array.isArray(current)) {
+        for (const entry of current) {
+          stack.push(entry);
+        }
+        continue;
+      }
+      if (typeof current !== "object") {
+        continue;
+      }
+      const objectNode = current;
+      for (const [key, value] of Object.entries(objectNode)) {
+        if (this.compatibilityService.getXmlLocalName(key) === localName) {
+          if (typeof value === "string" || typeof value === "number") {
+            const textValue = String(value).trim();
+            if (textValue.length > 0) {
+              output.push(textValue);
+            }
+            continue;
           }
-          continue;
+        }
+        if (value !== null && value !== void 0) {
+          stack.push(value);
         }
       }
-      this.collectLocalTextValues(value, localName, output);
     }
   }
   /**
@@ -42671,6 +43025,7 @@ var PptxHandlerRuntime73 = class _PptxHandlerRuntime extends PptxHandlerRuntime7
   }
   async initializeLoadSession(data, options) {
     this.eagerDecodeImages = options.eagerDecodeImages ?? false;
+    this.allowExternalImages = options.allowExternalImages === true;
     if (data.byteLength < 4) {
       throw new Error("Invalid PPTX binary: file is empty or truncated.");
     }
@@ -42688,6 +43043,29 @@ var PptxHandlerRuntime73 = class _PptxHandlerRuntime extends PptxHandlerRuntime7
       const message = error instanceof Error ? error.message : "Unable to read zip container.";
       throw new Error(`Invalid PPTX package: ${message}`, { cause: error });
     }
+    const maxBytes = typeof options.maxUncompressedBytes === "number" && options.maxUncompressedBytes > 0 ? options.maxUncompressedBytes : DEFAULT_MAX_UNCOMPRESSED_BYTES;
+    let totalUncompressed = 0;
+    let entryCount = 0;
+    for (const filename of Object.keys(this.zip.files)) {
+      entryCount += 1;
+      if (entryCount > MAX_ZIP_ENTRY_COUNT) {
+        throw new ZipBombError(
+          `PPTX archive contains more than ${MAX_ZIP_ENTRY_COUNT} entries \u2014 refusing to load.`,
+          { limit: MAX_ZIP_ENTRY_COUNT, entryCount }
+        );
+      }
+      const file = this.zip.files[filename];
+      const size = Number(file?._data?.uncompressedSize ?? 0);
+      if (Number.isFinite(size) && size > 0) {
+        totalUncompressed += size;
+        if (totalUncompressed > maxBytes) {
+          throw new ZipBombError(
+            `PPTX archive uncompressed size exceeds ${maxBytes} bytes (zip-bomb guard).`,
+            { uncompressedBytes: totalUncompressed, limit: maxBytes }
+          );
+        }
+      }
+    }
     this.slideRelsMap.clear();
     this.externalRelsMap.clear();
     this.slideMap.clear();
@@ -42947,12 +43325,35 @@ var PptxHandlerRuntime74 = class extends PptxHandlerRuntime73 {
    * attribute on `p:cNvPr` / `p:cNvCxnSpPr` / `p:cNvPicPr` nodes.
    * This is used to seed the element builder's ID counter so that
    * new elements never collide with existing ones.
+   *
+   * Implementation note (Load H1): uses an explicit-stack iterative walk
+   * instead of recursion to bound stack usage on attacker-supplied XML
+   * with deeply nested nodes. Also caps total visited nodes at
+   * MAX_NODES to bound CPU on pathological trees.
    */
   findMaxElementId(slides) {
+    const MAX_NODES = 1e6;
     let max = 0;
-    const visit = (node) => {
+    const stack = [];
+    for (const slide of slides) {
+      stack.push(slide.rawXml);
+    }
+    let visited = 0;
+    while (stack.length > 0) {
+      if (visited++ > MAX_NODES) {
+        break;
+      }
+      const node = stack.pop();
       if (node === null || node === void 0 || typeof node !== "object") {
-        return;
+        continue;
+      }
+      if (Array.isArray(node)) {
+        for (const item of node) {
+          if (item !== null && item !== void 0 && typeof item === "object") {
+            stack.push(item);
+          }
+        }
+        continue;
       }
       const obj = node;
       if ("@_id" in obj) {
@@ -42962,17 +43363,13 @@ var PptxHandlerRuntime74 = class extends PptxHandlerRuntime73 {
         }
       }
       for (const value of Object.values(obj)) {
-        if (Array.isArray(value)) {
-          for (const item of value) {
-            visit(item);
-          }
-        } else if (typeof value === "object" && value !== null) {
-          visit(value);
+        if (value === null || value === void 0) {
+          continue;
+        }
+        if (Array.isArray(value) || typeof value === "object") {
+          stack.push(value);
         }
       }
-    };
-    for (const slide of slides) {
-      visit(slide.rawXml);
     }
     return max;
   }
@@ -45630,27 +46027,52 @@ function perpendicularDistance(p, start, end) {
   const distY = p.y - projY;
   return Math.sqrt(distX * distX + distY * distY);
 }
+var MAX_DOUGLAS_PEUCKER_POINTS = 1e5;
 function douglasPeucker(points, tolerance) {
-  if (points.length <= 2) {
+  const n = points.length;
+  if (n <= 2) {
     return [...points];
   }
-  let maxDist = 0;
-  let maxIdx = 0;
-  const first = points[0];
-  const last = points[points.length - 1];
-  for (let i = 1; i < points.length - 1; i++) {
-    const dist = perpendicularDistance(points[i], first, last);
-    if (dist > maxDist) {
-      maxDist = dist;
-      maxIdx = i;
+  if (n > MAX_DOUGLAS_PEUCKER_POINTS) {
+    return [points[0], points[n - 1]];
+  }
+  const keep = new Uint8Array(n);
+  keep[0] = 1;
+  keep[n - 1] = 1;
+  const stack = [[0, n - 1]];
+  while (stack.length > 0) {
+    const range = stack.pop();
+    if (!range) {
+      break;
+    }
+    const [lo, hi] = range;
+    if (hi - lo < 2) {
+      continue;
+    }
+    const first = points[lo];
+    const last = points[hi];
+    let maxDist = 0;
+    let maxIdx = -1;
+    for (let i = lo + 1; i < hi; i++) {
+      const dist = perpendicularDistance(points[i], first, last);
+      if (dist > maxDist) {
+        maxDist = dist;
+        maxIdx = i;
+      }
+    }
+    if (maxIdx !== -1 && maxDist > tolerance) {
+      keep[maxIdx] = 1;
+      stack.push([lo, maxIdx]);
+      stack.push([maxIdx, hi]);
     }
   }
-  if (maxDist > tolerance) {
-    const left = douglasPeucker(points.slice(0, maxIdx + 1), tolerance);
-    const right = douglasPeucker(points.slice(maxIdx), tolerance);
-    return [...left.slice(0, -1), ...right];
+  const result = [];
+  for (let i = 0; i < n; i++) {
+    if (keep[i]) {
+      result.push(points[i]);
+    }
   }
-  return [first, last];
+  return result;
 }
 function catmullRomToBezier(points, factor = 6) {
   if (points.length < 2) {
@@ -46508,7 +46930,7 @@ function mergePresentation(targetData, sourceData, options) {
   if (options?.keepSourceTheme && sourceData.themeColorMap) {
     targetData.themeColorMap = { ...sourceData.themeColorMap };
     if (sourceData.theme) {
-      targetData.theme = JSON.parse(JSON.stringify(sourceData.theme));
+      targetData.theme = typeof structuredClone === "function" ? structuredClone(sourceData.theme) : JSON.parse(JSON.stringify(sourceData.theme));
     }
   }
   return clonedSlides.length;
@@ -49607,6 +50029,29 @@ var MediaContext = class {
 };
 
 // src/converter/base.ts
+function escapeHtml(value) {
+  if (value === void 0 || value === null) {
+    return "";
+  }
+  return String(value).replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#39;");
+}
+var SAFE_LINK_PREFIXES = ["http://", "https://", "mailto:", "tel:", "#"];
+function safeHrefOrHash(value) {
+  if (typeof value !== "string") {
+    return "#";
+  }
+  const trimmed = value.trim();
+  if (trimmed.length === 0) {
+    return "#";
+  }
+  const lower = trimmed.toLowerCase();
+  for (const prefix of SAFE_LINK_PREFIXES) {
+    if (lower.startsWith(prefix)) {
+      return trimmed;
+    }
+  }
+  return "#";
+}
 function normalizePath(pathValue) {
   return pathValue.trim().replace(/\\/g, "/");
 }
@@ -49660,7 +50105,8 @@ var DocumentConverter = class {
     const lines = ["---"];
     for (const [key, value] of Object.entries(metadata)) {
       if (typeof value === "string") {
-        lines.push(`${key}: "${value}"`);
+        const safe = value.replace(/\\/g, "\\\\").replace(/"/g, '\\"').replace(/[-]/g, " ");
+        lines.push(`${key}: "${safe}"`);
       } else {
         lines.push(`${key}: ${value}`);
       }
@@ -50054,14 +50500,16 @@ var ImageElementProcessor = class {
       console.error(`[image-processor] ${msg}`);
       return `> **[Image extraction failed]** ${imageElement.id} (slide ${ctx.slideNumber})`;
     }
+    const safeAlt = escapeHtml(altText);
+    const safeSrc = escapeHtml(imagePath);
     if (ctx.semanticMode) {
-      return `![${altText}](${imagePath})`;
+      return `![${safeAlt}](${imagePath})`;
     }
     if (ctx.layoutScale) {
-      return `<img src="${imagePath}" alt="${altText}" style="max-width:100%;height:auto">`;
+      return `<img src="${safeSrc}" alt="${safeAlt}" style="max-width:100%;height:auto">`;
     }
     const dims = this.computeDisplaySize(element.width, element.height);
-    return `<img src="${imagePath}" alt="${altText}" width="${dims.w}" height="${dims.h}">`;
+    return `<img src="${safeSrc}" alt="${safeAlt}" width="${dims.w}" height="${dims.h}">`;
   }
   /** Scale element dimensions to a sensible display size, capping width. */
   computeDisplaySize(origW, origH, maxW = 600) {
@@ -50335,6 +50783,59 @@ var SmartArtElementProcessor = class {
 };
 
 // src/converter/elements/TableElementProcessor.ts
+var SAFE_CSS_NAMED_COLORS = /* @__PURE__ */ new Set([
+  "black",
+  "silver",
+  "gray",
+  "white",
+  "maroon",
+  "red",
+  "purple",
+  "fuchsia",
+  "green",
+  "lime",
+  "olive",
+  "yellow",
+  "navy",
+  "blue",
+  "teal",
+  "aqua",
+  "orange",
+  "transparent",
+  "currentcolor",
+  "inherit",
+  "initial",
+  "unset"
+]);
+function cssColorSafe(value) {
+  if (typeof value !== "string") {
+    return void 0;
+  }
+  const trimmed = value.trim();
+  if (trimmed.length === 0) {
+    return void 0;
+  }
+  if (/^#[0-9a-f]{3,8}$/i.test(trimmed)) {
+    return trimmed;
+  }
+  if (SAFE_CSS_NAMED_COLORS.has(trimmed.toLowerCase())) {
+    return trimmed;
+  }
+  return void 0;
+}
+function cssFontFamilySafe(value) {
+  if (typeof value !== "string") {
+    return void 0;
+  }
+  const trimmed = value.trim();
+  if (trimmed.length === 0) {
+    return void 0;
+  }
+  if (/^[a-zA-Z0-9 _\-,'"]{1,80}$/.test(trimmed)) {
+    return trimmed;
+  }
+  return void 0;
+}
 var TableElementProcessor = class {
   supportedTypes = ["table"];
   async process(element, ctx) {
@@ -50401,27 +50902,29 @@ ${htmlRows.join("\n")}
     }
     const css = this.buildCellCss(cell.style, isHeader);
     if (css) {
-      parts.push(` style="${css}"`);
+      parts.push(` style="${escapeHtml(css)}"`);
     }
     return parts.join("");
   }
   /** Converts PptxTableCellStyle to an inline CSS string. */
   buildCellCss(style, isHeader) {
     const rules = [];
-    if (style?.backgroundColor) {
-      rules.push(`background:${style.backgroundColor}`);
+    const safeBackground = cssColorSafe(style?.backgroundColor);
+    if (safeBackground) {
+      rules.push(`background:${safeBackground}`);
     }
-    if (style?.align) {
+    if (style?.align && /^[a-zA-Z]+$/.test(style.align)) {
       rules.push(`text-align:${style.align}`);
     }
-    if (style?.vAlign) {
+    if (style?.vAlign && /^[a-zA-Z]+$/.test(style.vAlign)) {
       rules.push(`vertical-align:${style.vAlign}`);
     }
     if (style?.fontSize) {
       rules.push(`font-size:${Math.round(style.fontSize)}px`);
     }
-    if (style?.color) {
-      rules.push(`color:${style.color}`);
+    const safeColor = cssColorSafe(style?.color);
+    if (safeColor) {
+      rules.push(`color:${safeColor}`);
     }
     if (style?.bold || isHeader) {
       rules.push("font-weight:bold");
@@ -50445,20 +50948,25 @@ ${htmlRows.join("\n")}
       return "";
     }
     const edges = [];
-    if (style.borderTopWidth && style.borderTopColor) {
-      edges.push(`border-top:${style.borderTopWidth}px solid ${style.borderTopColor}`);
+    const topColor = cssColorSafe(style.borderTopColor);
+    if (style.borderTopWidth && topColor) {
+      edges.push(`border-top:${Math.round(style.borderTopWidth)}px solid ${topColor}`);
     }
-    if (style.borderBottomWidth && style.borderBottomColor) {
-      edges.push(`border-bottom:${style.borderBottomWidth}px solid ${style.borderBottomColor}`);
+    const bottomColor = cssColorSafe(style.borderBottomColor);
+    if (style.borderBottomWidth && bottomColor) {
+      edges.push(`border-bottom:${Math.round(style.borderBottomWidth)}px solid ${bottomColor}`);
     }
-    if (style.borderLeftWidth && style.borderLeftColor) {
-      edges.push(`border-left:${style.borderLeftWidth}px solid ${style.borderLeftColor}`);
+    const leftColor = cssColorSafe(style.borderLeftColor);
+    if (style.borderLeftWidth && leftColor) {
+      edges.push(`border-left:${Math.round(style.borderLeftWidth)}px solid ${leftColor}`);
     }
-    if (style.borderRightWidth && style.borderRightColor) {
-      edges.push(`border-right:${style.borderRightWidth}px solid ${style.borderRightColor}`);
+    const rightColor = cssColorSafe(style.borderRightColor);
+    if (style.borderRightWidth && rightColor) {
+      edges.push(`border-right:${Math.round(style.borderRightWidth)}px solid ${rightColor}`);
     }
-    if (edges.length === 0 && style.borderColor) {
-      return `border:1px solid ${style.borderColor}`;
+    const fallback = cssColorSafe(style.borderColor);
+    if (edges.length === 0 && fallback) {
+      return `border:1px solid ${fallback}`;
     }
     return edges.join(";");
   }
@@ -50497,7 +51005,7 @@ ${htmlRows.join("\n")}
       }
       const css = this.buildRunCss(seg, cell.style);
       if (css) {
-        parts.push(`<span style="${css}">${text}</span>`);
+        parts.push(`<span style="${escapeHtml(css)}">${text}</span>`);
       } else {
         parts.push(text);
       }
@@ -50510,13 +51018,19 @@ ${htmlRows.join("\n")}
     const s = seg.style;
     const rules = [];
     if (s.fontFamily) {
-      rules.push(`font-family:${getSubstituteFontFamily(s.fontFamily)}`);
+      const safeFamily = cssFontFamilySafe(getSubstituteFontFamily(s.fontFamily));
+      if (safeFamily) {
+        rules.push(`font-family:${safeFamily}`);
+      }
     }
     if (s.fontSize && s.fontSize !== cellStyle?.fontSize) {
       rules.push(`font-size:${Math.round(s.fontSize)}px`);
     }
     if (s.color && s.color !== cellStyle?.color) {
-      rules.push(`color:${s.color}`);
+      const safeColor = cssColorSafe(s.color);
+      if (safeColor) {
+        rules.push(`color:${safeColor}`);
+      }
     }
     if (s.bold && !cellStyle?.bold) {
       rules.push("font-weight:bold");
@@ -50995,7 +51509,7 @@ var TextElementProcessor = class {
       if (fallbackText) {
         const align = textElement.textStyle?.align;
         if (align && align !== "left") {
-          parts.push(`<p align="${align}">${fallbackText}</p>`);
+          parts.push(`<p align="${escapeHtml(align)}">${escapeHtml(fallbackText)}</p>`);
         } else {
           parts.push(fallbackText);
         }
@@ -51030,7 +51544,7 @@ var TextElementProcessor = class {
       seen.add(dataUrl);
       try {
         const path = await ctx.mediaContext.saveImage(dataUrl, `slide${ctx.slideNumber}-bullet`);
-        extracted.push(`<img src="${path}" alt="Bullet image">`);
+        extracted.push(`<img src="${escapeHtml(path)}" alt="Bullet image">`);
       } catch {
       }
     }
@@ -51055,7 +51569,7 @@ var TextElementProcessor = class {
       if (ctx.semanticMode) {
         return `![Shape fill](${path})`;
       }
-      return `<img src="${path}" alt="Shape fill">`;
+      return `<img src="${escapeHtml(path)}" alt="Shape fill">`;
     } catch {
       return null;
     }
@@ -51089,10 +51603,10 @@ var TextElementProcessor = class {
         return `![Shape](${imgPath})`;
       }
       if (ctx.layoutScale) {
-        return `<img src="${imgPath}" alt="Shape" style="max-width:100%;height:auto">`;
+        return `<img src="${escapeHtml(imgPath)}" alt="Shape" style="max-width:100%;height:auto">`;
       }
       const dims = this.computeDisplaySize(shape.width, shape.height);
-      return `<img src="${imgPath}" alt="Shape" width="${dims.w}" height="${dims.h}">`;
+      return `<img src="${escapeHtml(imgPath)}" alt="Shape" width="${dims.w}" height="${dims.h}">`;
     } catch {
       return null;
     }
@@ -51422,7 +51936,7 @@ var SlideProcessor = class {
         slide.backgroundImage,
         `slide${slide.slideNumber}-bg`
       );
-      return `<img src="${path}" alt="Slide background" style="width:100%;height:100%;object-fit:cover">`;
+      return `<img src="${escapeHtml(path)}" alt="Slide background" style="width:100%;height:100%;object-fit:cover">`;
     } catch {
       return void 0;
     }
@@ -52217,10 +52731,11 @@ var TextSegmentRenderer = class {
       text = `<span style="font-variant:small-caps">${text}</span>`;
     }
     if (segment.style.hyperlink) {
-      const dest = this.renderLinkDestination(segment.style.hyperlink);
       if (useHtml) {
-        text = `<a href="${dest}">${text}</a>`;
+        const safeDest = escapeHtml(safeHrefOrHash(segment.style.hyperlink));
+        text = `<a href="${safeDest}">${text}</a>`;
       } else {
+        const dest = this.renderLinkDestination(segment.style.hyperlink);
         const title = segment.style.hyperlinkTooltip ? ` "${this.escapeLinkTitle(segment.style.hyperlinkTooltip)}"` : "";
         text = `[${text}](${dest}${title})`;
       }
@@ -52600,11 +53115,20 @@ function resolveDefaults(opts) {
     defaultFontSize: opts?.defaultFontSize ?? 18
   };
 }
-var _markerIdCounter = 0;
-function arrowMarkerDef(color) {
-  const id = `arrow_${++_markerIdCounter}`;
+function createRenderContext() {
+  return { defs: [], markerCache: /* @__PURE__ */ new Map(), markerIdCounter: 0 };
+}
+function getOrCreateArrowMarker(ctx, color) {
+  const key = color;
+  const cached = ctx.markerCache.get(key);
+  if (cached) {
+    return cached;
+  }
+  const id = `arrow_${++ctx.markerIdCounter}`;
   const svg = `<marker id="${id}" markerWidth="10" markerHeight="7" refX="10" refY="3.5" orient="auto" markerUnits="strokeWidth"><polygon points="0 0, 10 3.5, 0 7" fill="${escXml(color)}" /></marker>`;
-  return { id, svg };
+  ctx.defs.push(svg);
+  ctx.markerCache.set(key, id);
+  return id;
 }
 function renderTransform(el) {
   const parts = [];
@@ -52644,13 +53168,16 @@ function renderText(el, defaults) {
     textX = el.width - 4;
   }
   if (segments && segments.length > 0) {
-    let svg2 = `<text${attrs({
-      x: textX,
-      "text-anchor": textAnchor,
-      "font-family": fontFamily,
-      "font-size": fontSize,
-      fill: color
-    })}>`;
+    const parts2 = [];
+    parts2.push(
+      `<text${attrs({
+        x: textX,
+        "text-anchor": textAnchor,
+        "font-family": fontFamily,
+        "font-size": fontSize,
+        fill: color
+      })}>`
+    );
     let dy = fontSize * 1.2;
     let isFirstSegment = true;
     for (const seg of segments) {
@@ -52687,31 +53214,36 @@ function renderText(el, defaults) {
       if (segStyle.underline) {
         segAttrs["text-decoration"] = "underline";
       }
-      svg2 += `<tspan${attrs(segAttrs)}>${escXml(seg.text)}</tspan>`;
+      parts2.push(`<tspan${attrs(segAttrs)}>${escXml(seg.text)}</tspan>`);
     }
-    svg2 += `</text>`;
-    return svg2;
+    parts2.push(`</text>`);
+    return parts2.join("");
   }
   const bold = style?.bold;
   const italic = style?.italic;
   const lines = text.split("\n");
-  let svg = `<text${attrs({
-    x: textX,
-    "text-anchor": textAnchor,
-    "font-family": fontFamily,
-    "font-size": fontSize,
-    fill: color,
-    "font-weight": bold ? "bold" : void 0,
-    "font-style": italic ? "italic" : void 0
-  })}>`;
-  for (let i = 0; i < lines.length; i++) {
-    svg += `<tspan${attrs({
+  const parts = [];
+  parts.push(
+    `<text${attrs({
       x: textX,
-      dy: i === 0 ? fontSize * 1.2 : fontSize * 1.2
-    })}>${escXml(lines[i])}</tspan>`;
+      "text-anchor": textAnchor,
+      "font-family": fontFamily,
+      "font-size": fontSize,
+      fill: color,
+      "font-weight": bold ? "bold" : void 0,
+      "font-style": italic ? "italic" : void 0
+    })}>`
+  );
+  for (let i = 0; i < lines.length; i++) {
+    parts.push(
+      `<tspan${attrs({
+        x: textX,
+        dy: i === 0 ? fontSize * 1.2 : fontSize * 1.2
+      })}>${escXml(lines[i])}</tspan>`
+    );
   }
-  svg += `</text>`;
-  return svg;
+  parts.push(`</text>`);
+  return parts.join("");
 }
 function renderShapeBody(el) {
   if (el.type !== "shape" && el.type !== "text") {
@@ -52786,7 +53318,7 @@ function renderImageElement(el) {
     preserveAspectRatio: "none"
   })} href="${escXml(imageData)}" />`;
 }
-function renderConnector(el, defs) {
+function renderConnector(el, ctx) {
   if (el.type !== "connector") {
     return "";
   }
@@ -52796,14 +53328,12 @@ function renderConnector(el, defs) {
   let markerStart;
   let markerEnd;
   if (shapeStyle?.connectorStartArrow && shapeStyle.connectorStartArrow !== "none") {
-    const m = arrowMarkerDef(strokeColor);
-    defs.push(m.svg);
-    markerStart = `url(#${m.id})`;
+    const id = getOrCreateArrowMarker(ctx, strokeColor);
+    markerStart = `url(#${id})`;
   }
   if (shapeStyle?.connectorEndArrow && shapeStyle.connectorEndArrow !== "none") {
-    const m = arrowMarkerDef(strokeColor);
-    defs.push(m.svg);
-    markerEnd = `url(#${m.id})`;
+    const id = getOrCreateArrowMarker(ctx, strokeColor);
+    markerEnd = `url(#${id})`;
   }
   return `<line${attrs({
     x1: 0,
@@ -52827,7 +53357,7 @@ function renderTable(el, defaults) {
   const cols = tableData.columnWidths;
   const numRows = tableData.rows.length;
   const rowHeight = el.height / numRows;
-  let svg = "";
+  const parts = [];
   let yOffset = 0;
   for (const row of tableData.rows) {
     const h = row.height ?? rowHeight;
@@ -52844,62 +53374,68 @@ function renderTable(el, defaults) {
       const textColor = cell.style?.color ?? "#000000";
       const fontSize = cell.style?.fontSize ?? defaults.defaultFontSize;
       const bold = cell.style?.bold;
-      svg += `<rect${attrs({
-        x: xOffset,
-        y: yOffset,
-        width: cellWidth,
-        height: h,
-        fill: bgColor,
-        stroke: borderColor,
-        "stroke-width": 0.5
-      })} />`;
+      parts.push(
+        `<rect${attrs({
+          x: xOffset,
+          y: yOffset,
+          width: cellWidth,
+          height: h,
+          fill: bgColor,
+          stroke: borderColor,
+          "stroke-width": 0.5
+        })} />`
+      );
       if (cell.text) {
-        svg += `<text${attrs({
-          x: xOffset + 4,
-          y: yOffset + h / 2,
-          "dominant-baseline": "central",
-          "font-family": defaults.defaultFontFamily,
-          "font-size": fontSize,
-          fill: textColor,
-          "font-weight": bold ? "bold" : void 0
-        })}>${escXml(cell.text)}</text>`;
+        parts.push(
+          `<text${attrs({
+            x: xOffset + 4,
+            y: yOffset + h / 2,
+            "dominant-baseline": "central",
+            "font-family": defaults.defaultFontFamily,
+            "font-size": fontSize,
+            fill: textColor,
+            "font-weight": bold ? "bold" : void 0
+          })}>${escXml(cell.text)}</text>`
+        );
       }
       xOffset += cellWidth;
     }
     yOffset += h;
   }
-  return svg;
+  return parts.join("");
 }
-function renderGroup(el, defaults, defs) {
+function renderGroup(el, defaults, ctx) {
   if (el.type !== "group") {
     return "";
   }
-  let inner = "";
+  const parts = [];
   for (const child of el.children) {
-    inner += renderElement(child, defaults, defs);
+    parts.push(renderElement(child, defaults, ctx));
   }
-  return inner;
+  return parts.join("");
 }
 function renderInk(el) {
   if (el.type !== "ink") {
     return "";
   }
-  let svg = "";
+  const parts = [];
   for (let i = 0; i < el.inkPaths.length; i++) {
     const path = el.inkPaths[i];
     const color = el.inkColors?.[i] ?? "#000000";
     const width = el.inkWidths?.[i] ?? 1;
     const opacity = el.inkOpacities?.[i];
-    svg += `<path${attrs({
-      d: path,
-      fill: "none",
-      stroke: color,
-      "stroke-width": width,
-      "stroke-opacity": opacity,
-      "stroke-linecap": "round"
-    })} />`;
+    parts.push(
+      `<path${attrs({
+        d: path,
+        fill: "none",
+        stroke: color,
+        "stroke-width": width,
+        "stroke-opacity": opacity,
+        "stroke-linecap": "round"
+      })} />`
+    );
   }
-  return svg;
+  return parts.join("");
 }
 function renderPlaceholder(el) {
   return `<rect${attrs({
@@ -52919,7 +53455,7 @@ function renderPlaceholder(el) {
     fill: "#999999"
   })}>${escXml(el.type)}</text>`;
 }
-function renderElement(el, defaults, defs) {
+function renderElement(el, defaults, ctx) {
   if (el.hidden) {
     return "";
   }
@@ -52934,7 +53470,7 @@ function renderElement(el, defaults, defs) {
       inner = renderShapeBody(el) + renderText(el, defaults);
       break;
     case "connector":
-      inner = renderConnector(el, defs);
+      inner = renderConnector(el, ctx);
       break;
     case "image":
     case "picture":
@@ -52944,7 +53480,7 @@ function renderElement(el, defaults, defs) {
       inner = renderTable(el, defaults);
       break;
     case "group":
-      inner = renderGroup(el, defaults, defs);
+      inner = renderGroup(el, defaults, ctx);
       break;
     case "ink":
       inner = renderInk(el);
@@ -52990,24 +53526,21 @@ var SvgExporter = class _SvgExporter {
    * @returns A complete SVG document as a string.
    */
   static exportSlide(slide, width, height, options) {
-    _markerIdCounter = 0;
     const defaults = resolveDefaults(options);
-    const defs = [];
-    let body = renderBackground(slide, width, height);
+    const ctx = createRenderContext();
+    const bodyParts = [];
+    bodyParts.push(renderBackground(slide, width, height));
     for (const el of slide.elements) {
-      body += renderElement(el, defaults, defs);
-    }
-    let defsBlock = "";
-    if (defs.length) {
-      defsBlock = `<defs>${defs.join("")}</defs>`;
+      bodyParts.push(renderElement(el, defaults, ctx));
     }
+    const defsBlock = ctx.defs.length ? `<defs>${ctx.defs.join("")}</defs>` : "";
     return `<svg${attrs({
       xmlns: SVG_NS,
       "xmlns:xlink": XLINK_NS,
       viewBox: `0 0 ${width} ${height}`,
       width,
       height
-    })}>${defsBlock}${body}</svg>`;
+    })}>${defsBlock}${bodyParts.join("")}</svg>`;
   }
   /**
    * Export all (or selected) slides to SVG XML strings.
@@ -53033,4 +53566,4 @@ var SvgExporter = class _SvgExporter {
   }
 };
 
-export { ALL_ANIMATION_PRESETS, BLIP_FILL_ORDER, COLOR_MAP_ALIAS_KEYS, CONNECTOR_ARROW_OPTIONS, CONNECTOR_GEOMETRY_OPTIONS, ChartBuilder, ConnectorBuilder, ConnectorXmlFactory, DEFAULT_CANVAS_HEIGHT, DEFAULT_CANVAS_WIDTH, DEFAULT_COLOR_MAP, DEFAULT_FILL_COLOR, DEFAULT_FONT_FAMILY, DEFAULT_SCHEME_COLOR_MAP, DEFAULT_STROKE_COLOR, DEFAULT_TEXT_COLOR, DEFAULT_TEXT_FONT_SIZE, DIGEST_ALGORITHM_TO_HASH, DIGEST_ALGORITHM_TO_WEB_CRYPTO, DIGITAL_SIGNATURE_ORIGIN_REL_TYPE, DIGITAL_SIGNATURE_REL_TYPE, DataIntegrityError, DocumentConverter, EFFECT_LST_ORDER, EMPHASIS_PRESETS, EMU_PER_INCH, EMU_PER_PIXEL2 as EMU_PER_PIXEL, EMU_PER_POINT, EMU_PER_PX, ENTERPRISE_FAIL_ON_REVOCATION_UNKNOWN_ENV, ENTERPRISE_REQUIRE_REVOCATION_ENV, ENTERPRISE_REQUIRE_TIMESTAMP_ENV, ENTERPRISE_TRUST_ROOTS_FILE_ENV, ENTERPRISE_TRUST_ROOTS_PEM_ENV, ENTRANCE_PRESETS, EXIT_PRESETS, EncryptedFileError, FONT_SUBSTITUTION_MAP, FreeformPathBuilder, GroupBuilder, ImageBuilder, IncorrectPasswordError, MIN_ELEMENT_SIZE, MOTION_PATH_PRESETS, MediaBuilder, MediaContext, MediaGraphicFrameXmlFactory, OPC_RELATIONSHIP_TRANSFORM, Ole2ParseError, P14_GUIDE_URI, P15_GUIDE_URI, PANOSE_FAMILY_MAP, PANOSE_MONOSPACE_PROPORTION, PANOSE_SANS_SERIF_STYLES, PANOSE_WEIGHT_MAP, POWERPOINT_PRESENCE_KEY, PPTX_VIEWER_MANIFEST_NS, PRESET_COLOR_MAP, PRESET_SHAPE_CATEGORY_LABELS, PRESET_SHAPE_CLIP_PATHS, PRESET_SHAPE_DEFINITIONS, PRESET_TO_OOXML, PictureXmlFactory, PptxAnimationWriteService, PptxColorStyleCodec, PptxCommentAuthorsXmlFactory, PptxCommentXmlFactoryProvider, PptxCompatibilityService, PptxConnectorParser, PptxContentTypesBuilder, PptxDocumentPropertiesUpdater, PptxEditorAnimationService, PptxElementTransformUpdater, PptxElementXmlBuilder, PptxGraphicFrameParser, PptxHandler, PptxHandlerRuntime76 as PptxHandlerRuntime, PptxHandlerRuntimeFactory, PptxLoadDataBuilder, PptxMarkdownConverter, PptxMediaDataParser, PptxNativeAnimationService, PptxPresentationSaveBuilder, PptxPresentationSlidesReconciler, PptxRuntimeDependencyFactory, PptxSaveConstantsFactory, PptxSaveState as PptxSaveSession, PptxSaveStateBuilder as PptxSaveSessionBuilder, PptxSaveState, PptxSaveStateBuilder, PptxShapeIdValidator, PptxShapeStyleExtractor, PptxSlideBackgroundBuilder, PptxSlideBuilder, PptxSlideCommentPartWriter, PptxSlideCommentsXmlFactory, PptxSlideElementsBuilder, PptxSlideLoaderService, PptxSlideMediaRelationshipBuilder, PptxSlideNotesBuilder, PptxSlideNotesPartUpdater, PptxSlideRelationshipRegistry, PptxSlideTransitionService, PptxTableDataParser, PptxTemplateBackgroundService, PptxXmlBuilder, PptxXmlFactoryProvider, PptxXmlLookupService, Presentation, PresentationBuilder, SHAPE_TREE_ELEMENT_TAGS, SP_PR_ORDER, STROKE_DASH_OPTIONS, SUPPORTED_XML_CANON_TRANSFORMS, SWITCHABLE_LAYOUT_TYPES, SYSTEM_COLOR_MAP, ShapeBuilder, SlideBuilder, SlideProcessor, SlideSizes, SvgExporter, TC_PR_BORDERS_ORDER, THEME_COLOR_SCHEME_KEYS, THEME_PRESETS, TRANSITION_VALID_DIRECTIONS, TableBuilder, TextBuilder, TextShapeXmlFactory, ThemePresets, VML_SHAPE_TAGS, XMLDSIG_NS, XML_TRANSFORM_ENVELOPED_SIGNATURE, addChartCategory, addChartSeries, addSection, addSmartArtNode, addSmartArtNodeAsChild, applyDrawingColorTransforms, applyKinsokuToXml, applyTemplate, applyThemeToData, areNamespacesSupported, buildCalloutLeaderLineSvgPath, buildClrMapOverrideXml, buildFontFamilyString, buildGuideListExtension, buildLinkedTextBoxChains, buildOle2, buildSingleEffectNode, buildSrgbColorChoice, buildThemeColorMap, catmullRomToBezier, chartDataAddCategory, chartDataAddSeries, chartDataChangeType, chartDataRemoveCategory, chartDataRemoveSeries, chartDataUpdatePoint, checkBlankSlide, checkComplexTables, checkDuplicateTitles, checkLowContrast, checkMissingAltText, checkMissingSlideTitle, checkPresentation, clampUnitInterval, classifyPanose, cloneElement, cloneShapeStyle, cloneSlide, cloneTemplateElementsBySlideId, cloneTextStyle, cloneXmlObject, cm, cmToEmu, colorWithOpacity, colorsEqual, combineShapes, computeContrastRatio, computeCycleLayout, computeDetailStatus, computeDigestBase64 as computeDigestBase64WebCrypto, computeHierarchyLayout, computeLinearLayout, computeMatrixLayout, computePyramidLayout, computeSmartArtLayout, computeSnakeLayout, computeVerificationStatus, convertEmfToDataUrl, convertWmfToDataUrl, convertXmlToStrict, createArrayBufferCopy, createBuiltinVariables, createChartElement, createConnectorElement, createDefaultPptxHandlerRuntime, createEditorId, createFreeformElement, createGroupElement, createImageElement, createLayout, createLayouts, createMediaElement, createModifyVerifier, createPptxSaveConstants, createShapeElement, createTableElement, createTemplateConnectorRawXml, createTemplateShapeRawXml, createTextElement, createUniformTextSegments, dataUrlToMediaBytes, decomposeSmartArt, decryptPptx, demoteSmartArtNode, deobfuscateFont, deriveOutputPath, detectDigitalSignatures, detectFileFormat, detectFontFormat, detectOleObjectType, detectStrictConformance, diffPresentations, diffSlides, distributeSegmentsAcrossChain, douglasPeucker, duplicateElement, duplicateSlide, elementActionToPptxAction, elementHasAction, emuToPixels, encryptPptx, ensureArrayValue, escapeXmlAttr, estimateTextBoxCapacity, evaluateGeometryPaths, evaluateGuides, extractAllTagText, extractColorChoiceXml, extractFirstTagText, extractGuidFromPartName, extractModel3DTransform, extractTagAttribute, fetchUrlToBytes, findCustomShow, findLayoutByName, findLayoutByType, findPlaceholders, findText, formatCommentTimestamp, fragmentShapes, generateFontGuid, generateLayoutXml, generateMediaFilename, getAnimationPresetInfo, getCalloutLeaderLineGeometry, getCalloutTier, getCalloutViewBoxBounds, getCommentMarkerPosition, getConnectorAdjustment, getConnectorPathGeometry, getCssBorderDashStyle, getCustomShowNames, getCustomShowPositionLabel, getDirectory, getElementLabel, getElementTextContent, getElementTransform, getImageMaskStyle, getLinkedTextBoxSegments, getOleObjectTypeLabel, getPanoseWeight, getPresetShapeClipPath, getPresetsByCategory, getRoundRectRadiusPx, getSectionForSlide, getSectionSlideRange, getShapeClipPath, getShapeType, getSignaturePathsToStrip, getSubstituteFontFamily, getSubstituteFonts, getSupportedNamespaces, getSvgStrokeDasharray, getTextCompensationTransform, getThemePreset, getZoomElements, getZoomTargetSlideIndexes, guidToKey, guideEmuToPx, guidePxToEmu, hasDirectSubstitution, hasNonTrivialOverride, hasShapeProperties, hasTextProperties, hexToRgbChannels, hslToRgb, inches, inchesToEmu, inferOleExtensionFromTarget, interpolateShapeGeometry, intersectPolygons, intersectShapes, intersectSvgPaths, isCalloutShape, isConnectorElement, isEditableTextElement, isImageLikeElement, isInkElement, isNamespaceSupported, isShapeElement, isStrictNamespaceUri, isSummaryZoomSlide, isSwitchableLayoutType, isTemplateElement, isTextElement, isTransitionalNamespaceUri, isZoomElement, isZoomElement2 as isZoomElementUtil, layoutEngineShapesToDrawingShapes, mailMerge, mergePresentation, mergeShapes, mergeStyleParts, mergeThemeColorOverride, mm, moveSlidesToSection, navigateCustomShow, normalizeHexColor, normalizeNamespaceUri, normalizePartPath, normalizePath, normalizeStrictXml, normalizeStrokeDashType, obfuscateFont, ooxmlArcToSvg, parseActiveXControlsFromSlide, parseAdjustmentValues, parseBodyPrBooleanAttrs, parseChart3DSurfaces, parseChartAxes, parseCondition, parseConditionList, parseCxChartSeries, parseDataTable, parseDataUrlToBytes, parseDrawingColor, parseDrawingColorChoice, parseDrawingColorOpacity, parseDrawingFraction, parseDrawingHueDegrees, parseDrawingPercent, parseEmbeddedXlsx, parseGuideDefinitions, parseHexColor, parseKinsoku, parseLayoutDefinition, parseLineStyle, parseMarker, parseOle2, parsePanoseBytes, parsePanoseString, parsePresentationDrawingGuides, parseSeriesDataLabels, parseSeriesDataPoints, parseSeriesErrBars, parseSeriesExplosion, parseSeriesTrendlines, parseShapeProps, parseSignatureXml, parseSlideDrawingGuides, parseSvgPath, parseVmlElement, parseVmlElements, pixelsToEmu, polygonsToSvgPath, pptxActionToElementAction, promoteSmartArtNode, pt, reResolveSlideColors, readFileAsDataUrl, reflowSmartArtLayout, relativeLuminance, relayoutSmartArt, removeChartCategory, removeChartSeries, removeSection, removeSmartArtNode, reorderObjectKeys, reorderSections, reorderSmartArtNode, reorderSmartArtNodeToIndex, repairPptx, replaceShapeGeometry, replaceText, replaceTextInSlide, replaceWithCustomGeometry, resetCloneIdCounter, resetDecomposeCounter, resetIdCounter, resetSectionIdCounter, resetSmartArtEditCounter, resolveCoordinate, resolveCustomShowSlideIndices, resolveModel3DMimeType, resolveReferenceUriToPart, resolveTableCellStyle, rgbToHsl, selectAlternateContentBranch, serializeColorChoice, serializeCondition, serializeConditionList, serializeSvgPath, setChartCategories, setChartGrouping, setChartTitle, setChartType, shouldRenderFallbackLabel, shouldReturnToZoomSlide, subtractPolygons, subtractShapes, subtractSvgPaths, svgPathToPolygons, switchSmartArtLayout, toHex, toStrictNamespaceUri, unionPolygons, unionShapes, unionSvgPaths, unwrapAlternateContent, updateChartDataPoint, updateChartSeriesValues, updateSmartArtNodeText, validatePptx, verifyModifyPassword, verifyPassword, verifySignatureDigests, writeBodyPrBooleanAttrs };
+export { ALL_ANIMATION_PRESETS, BLIP_FILL_ORDER, COLOR_MAP_ALIAS_KEYS, CONNECTOR_ARROW_OPTIONS, CONNECTOR_GEOMETRY_OPTIONS, ChartBuilder, ConnectorBuilder, ConnectorXmlFactory, DEFAULT_CANVAS_HEIGHT, DEFAULT_CANVAS_WIDTH, DEFAULT_COLOR_MAP, DEFAULT_FILL_COLOR, DEFAULT_FONT_FAMILY, DEFAULT_MAX_UNCOMPRESSED_BYTES, DEFAULT_SCHEME_COLOR_MAP, DEFAULT_STROKE_COLOR, DEFAULT_TEXT_COLOR, DEFAULT_TEXT_FONT_SIZE, DIGEST_ALGORITHM_TO_HASH, DIGEST_ALGORITHM_TO_WEB_CRYPTO, DIGITAL_SIGNATURE_ORIGIN_REL_TYPE, DIGITAL_SIGNATURE_REL_TYPE, DataIntegrityError, DocumentConverter, EFFECT_LST_ORDER, EMPHASIS_PRESETS, EMU_PER_INCH, EMU_PER_PIXEL2 as EMU_PER_PIXEL, EMU_PER_POINT, EMU_PER_PX, ENTERPRISE_FAIL_ON_REVOCATION_UNKNOWN_ENV, ENTERPRISE_REQUIRE_REVOCATION_ENV, ENTERPRISE_REQUIRE_TIMESTAMP_ENV, ENTERPRISE_TRUST_ROOTS_FILE_ENV, ENTERPRISE_TRUST_ROOTS_PEM_ENV, ENTRANCE_PRESETS, EXIT_PRESETS, EncryptedFileError, FONT_SUBSTITUTION_MAP, FreeformPathBuilder, GroupBuilder, ImageBuilder, IncorrectPasswordError, MAX_ZIP_ENTRY_COUNT, MIN_ELEMENT_SIZE, MOTION_PATH_PRESETS, MediaBuilder, MediaContext, MediaGraphicFrameXmlFactory, OPC_RELATIONSHIP_TRANSFORM, Ole2ParseError, P14_GUIDE_URI, P15_GUIDE_URI, PANOSE_FAMILY_MAP, PANOSE_MONOSPACE_PROPORTION, PANOSE_SANS_SERIF_STYLES, PANOSE_WEIGHT_MAP, POWERPOINT_PRESENCE_KEY, PPTX_VIEWER_MANIFEST_NS, PRESET_COLOR_MAP, PRESET_SHAPE_CATEGORY_LABELS, PRESET_SHAPE_CLIP_PATHS, PRESET_SHAPE_DEFINITIONS, PRESET_TO_OOXML, PictureXmlFactory, PptxAnimationWriteService, PptxColorStyleCodec, PptxCommentAuthorsXmlFactory, PptxCommentXmlFactoryProvider, PptxCompatibilityService, PptxConnectorParser, PptxContentTypesBuilder, PptxDocumentPropertiesUpdater, PptxEditorAnimationService, PptxElementTransformUpdater, PptxElementXmlBuilder, PptxGraphicFrameParser, PptxHandler, PptxHandlerRuntime76 as PptxHandlerRuntime, PptxHandlerRuntimeFactory, PptxLoadDataBuilder, PptxMarkdownConverter, PptxMediaDataParser, PptxNativeAnimationService, PptxPresentationSaveBuilder, PptxPresentationSlidesReconciler, PptxRuntimeDependencyFactory, PptxSaveConstantsFactory, PptxSaveState as PptxSaveSession, PptxSaveStateBuilder as PptxSaveSessionBuilder, PptxSaveState, PptxSaveStateBuilder, PptxShapeIdValidator, PptxShapeStyleExtractor, PptxSlideBackgroundBuilder, PptxSlideBuilder, PptxSlideCommentPartWriter, PptxSlideCommentsXmlFactory, PptxSlideElementsBuilder, PptxSlideLoaderService, PptxSlideMediaRelationshipBuilder, PptxSlideNotesBuilder, PptxSlideNotesPartUpdater, PptxSlideRelationshipRegistry, PptxSlideTransitionService, PptxTableDataParser, PptxTemplateBackgroundService, PptxXmlBuilder, PptxXmlFactoryProvider, PptxXmlLookupService, Presentation, PresentationBuilder, SHAPE_TREE_ELEMENT_TAGS, SP_PR_ORDER, STROKE_DASH_OPTIONS, SUPPORTED_XML_CANON_TRANSFORMS, SWITCHABLE_LAYOUT_TYPES, SYSTEM_COLOR_MAP, ShapeBuilder, SlideBuilder, SlideProcessor, SlideSizes, SvgExporter, TC_PR_BORDERS_ORDER, THEME_COLOR_SCHEME_KEYS, THEME_PRESETS, TRANSITION_VALID_DIRECTIONS, TableBuilder, TextBuilder, TextShapeXmlFactory, ThemePresets, VML_SHAPE_TAGS, XMLDSIG_NS, XML_TRANSFORM_ENVELOPED_SIGNATURE, ZipBombError, addChartCategory, addChartSeries, addSection, addSmartArtNode, addSmartArtNodeAsChild, applyDrawingColorTransforms, applyKinsokuToXml, applyTemplate, applyThemeToData, areNamespacesSupported, buildCalloutLeaderLineSvgPath, buildClrMapOverrideXml, buildFontFamilyString, buildGuideListExtension, buildLinkedTextBoxChains, buildOle2, buildSingleEffectNode, buildSrgbColorChoice, buildThemeColorMap, catmullRomToBezier, chartDataAddCategory, chartDataAddSeries, chartDataChangeType, chartDataRemoveCategory, chartDataRemoveSeries, chartDataUpdatePoint, checkBlankSlide, checkComplexTables, checkDuplicateTitles, checkLowContrast, checkMissingAltText, checkMissingSlideTitle, checkPresentation, clampUnitInterval, classifyPanose, cloneElement, cloneShapeStyle, cloneSlide, cloneTemplateElementsBySlideId, cloneTextStyle, cloneXmlObject, cm, cmToEmu, colorWithOpacity, colorsEqual, combineShapes, computeContrastRatio, computeCycleLayout, computeDetailStatus, computeDigestBase64 as computeDigestBase64WebCrypto, computeHierarchyLayout, computeLinearLayout, computeMatrixLayout, computePyramidLayout, computeSmartArtLayout, computeSnakeLayout, computeVerificationStatus, convertEmfToDataUrl, convertWmfToDataUrl, convertXmlToStrict, createArrayBufferCopy, createBuiltinVariables, createChartElement, createConnectorElement, createDefaultPptxHandlerRuntime, createEditorId, createFreeformElement, createGroupElement, createImageElement, createLayout, createLayouts, createMediaElement, createModifyVerifier, createPptxSaveConstants, createShapeElement, createTableElement, createTemplateConnectorRawXml, createTemplateShapeRawXml, createTextElement, createUniformTextSegments, dataUrlToMediaBytes, decomposeSmartArt, decryptPptx, demoteSmartArtNode, deobfuscateFont, deriveOutputPath, detectDigitalSignatures, detectFileFormat, detectFontFormat, detectOleObjectType, detectStrictConformance, diffPresentations, diffSlides, distributeSegmentsAcrossChain, douglasPeucker, duplicateElement, duplicateSlide, elementActionToPptxAction, elementHasAction, emuToPixels, encryptPptx, ensureArrayValue, escapeXmlAttr, escapeXmlText, estimateTextBoxCapacity, evaluateGeometryPaths, evaluateGuides, extractAllTagText, extractColorChoiceXml, extractFirstTagText, extractGuidFromPartName, extractModel3DTransform, extractTagAttribute, fetchUrlToBytes, findCustomShow, findLayoutByName, findLayoutByType, findPlaceholders, findText, formatCommentTimestamp, fragmentShapes, generateFontGuid, generateLayoutXml, generateMediaFilename, getAnimationPresetInfo, getCalloutLeaderLineGeometry, getCalloutTier, getCalloutViewBoxBounds, getCommentMarkerPosition, getConnectorAdjustment, getConnectorPathGeometry, getCssBorderDashStyle, getCustomShowNames, getCustomShowPositionLabel, getDirectory, getElementLabel, getElementTextContent, getElementTransform, getImageMaskStyle, getLinkedTextBoxSegments, getOleObjectTypeLabel, getPanoseWeight, getPresetShapeClipPath, getPresetsByCategory, getRoundRectRadiusPx, getSectionForSlide, getSectionSlideRange, getShapeClipPath, getShapeType, getSignaturePathsToStrip, getSubstituteFontFamily, getSubstituteFonts, getSupportedNamespaces, getSvgStrokeDasharray, getTextCompensationTransform, getThemePreset, getZoomElements, getZoomTargetSlideIndexes, guidToKey, guideEmuToPx, guidePxToEmu, hasDirectSubstitution, hasNonTrivialOverride, hasShapeProperties, hasTextProperties, hexToRgbChannels, hslToRgb, inches, inchesToEmu, inferOleExtensionFromTarget, interpolateShapeGeometry, intersectPolygons, intersectShapes, intersectSvgPaths, isCalloutShape, isConnectorElement, isEditableTextElement, isImageLikeElement, isInkElement, isNamespaceSupported, isShapeElement, isStrictNamespaceUri, isSummaryZoomSlide, isSwitchableLayoutType, isTemplateElement, isTextElement, isTransitionalNamespaceUri, isValidBase64, isZoomElement, isZoomElement2 as isZoomElementUtil, layoutEngineShapesToDrawingShapes, mailMerge, mergePresentation, mergeShapes, mergeStyleParts, mergeThemeColorOverride, mm, moveSlidesToSection, navigateCustomShow, normalizeHexColor, normalizeNamespaceUri, normalizePartPath, normalizePath, normalizeStrictXml, normalizeStrokeDashType, obfuscateFont, ooxmlArcToSvg, parseActiveXControlsFromSlide, parseAdjustmentValues, parseBodyPrBooleanAttrs, parseChart3DSurfaces, parseChartAxes, parseCondition, parseConditionList, parseCxChartSeries, parseDataTable, parseDataUrlToBytes, parseDrawingColor, parseDrawingColorChoice, parseDrawingColorOpacity, parseDrawingFraction, parseDrawingHueDegrees, parseDrawingPercent, parseEmbeddedXlsx, parseGuideDefinitions, parseHexColor, parseKinsoku, parseLayoutDefinition, parseLineStyle, parseMarker, parseOle2, parsePanoseBytes, parsePanoseString, parsePresentationDrawingGuides, parseSeriesDataLabels, parseSeriesDataPoints, parseSeriesErrBars, parseSeriesExplosion, parseSeriesTrendlines, parseShapeProps, parseSignatureXml, parseSlideDrawingGuides, parseSvgPath, parseVmlElement, parseVmlElements, pixelsToEmu, polygonsToSvgPath, pptxActionToElementAction, promoteSmartArtNode, pt, reResolveSlideColors, readFileAsDataUrl, reflowSmartArtLayout, relativeLuminance, relayoutSmartArt, removeChartCategory, removeChartSeries, removeSection, removeSmartArtNode, reorderObjectKeys, reorderSections, reorderSmartArtNode, reorderSmartArtNodeToIndex, repairPptx, replaceShapeGeometry, replaceText, replaceTextInSlide, replaceWithCustomGeometry, resetCloneIdCounter, resetDecomposeCounter, resetIdCounter, resetSectionIdCounter, resetSmartArtEditCounter, resolveCoordinate, resolveCustomShowSlideIndices, resolveModel3DMimeType, resolveReferenceUriToPart, resolveTableCellStyle, rgbToHsl, selectAlternateContentBranch, serializeColorChoice, serializeCondition, serializeConditionList, serializeSvgPath, setChartCategories, setChartGrouping, setChartTitle, setChartType, shouldRenderFallbackLabel, shouldReturnToZoomSlide, subtractPolygons, subtractShapes, subtractSvgPaths, svgPathToPolygons, switchSmartArtLayout, toHex, toStrictNamespaceUri, unionPolygons, unionShapes, unionSvgPaths, unwrapAlternateContent, updateChartDataPoint, updateChartSeriesValues, updateSmartArtNodeText, validatePptx, verifyModifyPassword, verifyPassword, verifySignatureDigests, writeBodyPrBooleanAttrs };