web-manager 3.2.63 → 3.2.65

Sign up to get free protection for your applications and to get access to all the features.
Files changed (2) hide show
  1. package/lib/utilities.js +34 -29
  2. package/package.json +1 -1
package/lib/utilities.js CHANGED
@@ -76,17 +76,32 @@ Utilities.set = function (obj, path, value) {
76
76
  // https://dzone.com/articles/cross-browser-javascript-copy-and-paste
77
77
  // https://hackernoon.com/copying-text-to-clipboard-with-javascript-df4d4988697f
78
78
  Utilities.clipboardCopy = function (input) {
79
- var el = document.createElement('textarea');
80
- el.setAttribute('style','width:1px;border:0;opacity:0;');
81
- el.value = input && input.nodeType ? input.value || input.innerText || input.innerHTML : input;
82
- document.body.appendChild(el);
83
- el.select();
79
+ // Get the text from the input
80
+ var text = input && input.nodeType
81
+ ? input.value || input.innerText || input.innerHTML
82
+ : input;
83
+
84
+ // Try to use the modern clipboard API
84
85
  try {
85
- document.execCommand('copy');
86
+ navigator.clipboard.writeText(text);
86
87
  } catch (e) {
87
- alert('Please press Ctrl/Cmd+C to copy');
88
+ // Try creating a textarea and copying the text to it
89
+ var el = document.createElement('textarea');
90
+ el.setAttribute('style','width:1px;border:0;opacity:0;');
91
+ el.value = text;
92
+ document.body.appendChild(el);
93
+ el.select();
94
+
95
+ // Try to copy the text
96
+ try {
97
+ document.execCommand('copy');
98
+ } catch (e) {
99
+ alert('Please press Ctrl+C/Cmd+C to copy');
100
+ }
101
+
102
+ // Remove the textarea
103
+ document.body.removeChild(el);
88
104
  }
89
- document.body.removeChild(el);
90
105
  }
91
106
 
92
107
  // Escape HTML
@@ -108,29 +123,19 @@ Utilities.clipboardCopy = function (input) {
108
123
  Utilities.escapeHTML = function (str) {
109
124
  shadow = shadow || document.createElement('p');
110
125
  shadow.innerHTML = '';
126
+
127
+ // This automatically escapes HTML entities like <, >, &, etc.
111
128
  shadow.appendChild(document.createTextNode(str));
112
129
 
113
- return shadow.innerHTML
114
- .replaceAll('&', '&amp;')
115
- .replaceAll('<', '&lt;')
116
- .replaceAll('>', '&gt;')
117
- .replaceAll('"', '&quot;')
118
- .replaceAll('\'', '&#039;');
119
-
120
- // return shadow.innerHTML.replace(/[&<>"']/g, function (m) {
121
- // switch (m) {
122
- // case '&':
123
- // return '&amp;';
124
- // case '<':
125
- // return '&lt;';
126
- // case '>':
127
- // return '&gt;';
128
- // case '"':
129
- // return '&quot;';
130
- // case "'":
131
- // return '&#039;';
132
- // }
133
- // });
130
+ // This is needed to escape quotes to prevent attribute injection
131
+ return shadow.innerHTML.replace(/["']/g, function(m) {
132
+ switch (m) {
133
+ case '"':
134
+ return '&quot;';
135
+ default:
136
+ return '&#039;';
137
+ }
138
+ });
134
139
  }
135
140
 
136
141
  Utilities.getContext = function () {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "web-manager",
3
- "version": "3.2.63",
3
+ "version": "3.2.65",
4
4
  "description": "Easily access important variables such as the query string, current domain, and current page in a single object.",
5
5
  "main": "index.js",
6
6
  "scripts": {