umap-project 2.4.0b1__py3-none-any.whl → 2.4.1__py3-none-any.whl

umap/static/umap/map.css

@@ -678,7 +678,9 @@ ul.photon-autocomplete {
     font-style: italic;
 }
 .umap-slideshow-toolbox {
-    float: right;
+    position: absolute;
+    right: 0;
+    top: 0;
     display: none;
 }
 .umap-slideshow-enabled .umap-slideshow-toolbox {
@@ -690,9 +692,9 @@ ul.photon-autocomplete {
     font-size: 1.5em;
     background-color: #464646;
     color: #fff;
-    height: 46px;
-    width: 70px;
-    line-height: 46px;
+    width: calc(var(--footer-height) * 2);
+    height: var(--footer-height);
+    line-height: var(--footer-height);
     vertical-align: middle;
     text-align: center;
 }
@@ -704,24 +706,24 @@ ul.photon-autocomplete {
 }
 .umap-slideshow-active .umap-slideshow-toolbox .play,
 .umap-slideshow-toolbox .play {
-    width: 100px;
+    width: calc(var(--footer-height) * 3);
     text-align: left;
     padding-left: 20px;
 }
 .umap-slideshow-toolbox .play:after {
-    content: ' ▶';
+    content: '⏯︎';
 }
 .umap-slideshow-active .umap-slideshow-toolbox .play:after {
-    content: ' ❚❚';
+    content: '⏸︎';
 }
 .umap-slideshow-toolbox .stop:before {
-    content: '■';
+    content: '⏹';
 }
 .umap-slideshow-toolbox .next:before {
-    content: '➡';
+    content: '⏵︎';
 }
 .umap-slideshow-toolbox .prev:before {
-    content: '⬅';
+    content: '⏴︎';
 }
 .umap-slideshow-toolbox .play div {
     height: 20px;
@@ -1127,6 +1129,7 @@ a.umap-control-caption,
 }
 
 .umap-popup-footer {
+    position: relative;
     background-color: rgb(68, 68, 68);
     color: white;
     display: table;
@@ -1522,7 +1525,7 @@ span.popup-icon {
     z-index: 1001;
 }
 .leaflet-popup-content {
-    min-width: 100px;
+    min-width: 200px;
     line-height: inherit;
 }
 .leaflet-popup-content-wrapper, .leaflet-popup-tip {
@@ -1559,8 +1562,6 @@ span.popup-icon {
 }
 .umap-popup-container {
     flex-grow: 1;
-    word-break: break-word;
-    white-space: pre-line;
     margin-bottom: 10px;
 }
 .umap-popup-container ul {

umap/static/umap/unittests/utils.js

@@ -11,14 +11,14 @@ global.JSDOM = JSDOM
 describe('Utils', function () {
   describe('#toHTML()', function () {
     it('should handle title', function () {
-      assert.equal(Utils.toHTML('# A title'), '<h3>A title</h3>')
+      assert.equal(Utils.toHTML('# A title'), '<h4>A title</h4>')
     })
     it('should handle title followed by text', function () {
-      assert.equal(Utils.toHTML('# A title\nSome text.'), '<h3>A title</h3>Some text.')
+      assert.equal(Utils.toHTML('# A title\nSome text.'), '<h4>A title</h4>Some text.')
     })
 
     it('should handle title in the middle of the content', function () {
-      assert.equal(Utils.toHTML('A phrase\n## A title'), 'A phrase\n<h4>A title</h4>')
+      assert.equal(Utils.toHTML('A phrase\n## A title'), 'A phrase\n<h5>A title</h5>')
     })
 
     it('should handle hr', function () {
@@ -43,7 +43,7 @@ describe('Utils', function () {
     it('should handle simple link in title', function () {
       assert.equal(
         Utils.toHTML('# http://osm.org'),
-        '<h3><a href="http://osm.org" target="_blank">http://osm.org</a></h3>'
+        '<h4><a href="http://osm.org" target="_blank">http://osm.org</a></h4>'
       )
     })
 
@@ -180,7 +180,7 @@ describe('Utils', function () {
     it('title followed by bullet points', function () {
       assert.equal(
         Utils.toHTML('## Some title\n* First *point*\n* Second **point**\n* Last [[https://here.org|point]]'),
-        '<h4>Some title</h4><ul><li>First <em>point</em></li><li>Second <strong>point</strong></li><li>Last <a href="https://here.org" target="_blank">point</a></li></ul>'
+        '<h5>Some title</h5><ul><li>First <em>point</em></li><li>Second <strong>point</strong></li><li>Last <a href="https://here.org" target="_blank">point</a></li></ul>'
       )
     })
   })

umap/static/umap/vars.css

@@ -29,12 +29,13 @@
     --panel-width: 400px;
     --header-height: 46px;
     --current-header-height: 0px;
-    --footer-height: 28px;
+    --footer-height: 32px;
     --current-footer-height: 0px;
     --control-size: 36px;
     --border-radius: 4px;
     --box-padding: 20px;
     --box-margin: 14px;
+    --text-margin: 7px;
 }
 .dark {
     --background-color: var(--color-darkGray);

umap/static/umap/vendors/dompurify/purify.es.js

@@ -1,4 +1,4 @@
-/*! @license DOMPurify 3.1.5 | (c) Cure53 and other contributors | Released under the Apache license 2.0 and Mozilla Public License 2.0 | github.com/cure53/DOMPurify/blob/3.1.5/LICENSE */
+/*! @license DOMPurify 3.1.3 | (c) Cure53 and other contributors | Released under the Apache license 2.0 and Mozilla Public License 2.0 | github.com/cure53/DOMPurify/blob/3.1.3/LICENSE */
 
 const {
   entries,
@@ -48,6 +48,7 @@ const stringTrim = unapply(String.prototype.trim);
 const objectHasOwnProperty = unapply(Object.prototype.hasOwnProperty);
 const regExpTest = unapply(RegExp.prototype.test);
 const typeErrorCreate = unconstruct(TypeError);
+const numberIsNaN = unapply(Number.isNaN);
 
 /**
  * Creates a new function that calls the given function with a specified thisArg and arguments.
@@ -196,7 +197,7 @@ const mathMl$1 = freeze(['math', 'menclose', 'merror', 'mfenced', 'mfrac', 'mgly
 const mathMlDisallowed = freeze(['maction', 'maligngroup', 'malignmark', 'mlongdiv', 'mscarries', 'mscarry', 'msgroup', 'mstack', 'msline', 'msrow', 'semantics', 'annotation', 'annotation-xml', 'mprescripts', 'none']);
 const text = freeze(['#text']);
 
-const html = freeze(['accept', 'action', 'align', 'alt', 'autocapitalize', 'autocomplete', 'autopictureinpicture', 'autoplay', 'background', 'bgcolor', 'border', 'capture', 'cellpadding', 'cellspacing', 'checked', 'cite', 'class', 'clear', 'color', 'cols', 'colspan', 'controls', 'controlslist', 'coords', 'crossorigin', 'datetime', 'decoding', 'default', 'dir', 'disabled', 'disablepictureinpicture', 'disableremoteplayback', 'download', 'draggable', 'enctype', 'enterkeyhint', 'face', 'for', 'headers', 'height', 'hidden', 'high', 'href', 'hreflang', 'id', 'inputmode', 'integrity', 'ismap', 'kind', 'label', 'lang', 'list', 'loading', 'loop', 'low', 'max', 'maxlength', 'media', 'method', 'min', 'minlength', 'multiple', 'muted', 'name', 'nonce', 'noshade', 'novalidate', 'nowrap', 'open', 'optimum', 'pattern', 'placeholder', 'playsinline', 'popover', 'popovertarget', 'popovertargetaction', 'poster', 'preload', 'pubdate', 'radiogroup', 'readonly', 'rel', 'required', 'rev', 'reversed', 'role', 'rows', 'rowspan', 'spellcheck', 'scope', 'selected', 'shape', 'size', 'sizes', 'span', 'srclang', 'start', 'src', 'srcset', 'step', 'style', 'summary', 'tabindex', 'title', 'translate', 'type', 'usemap', 'valign', 'value', 'width', 'wrap', 'xmlns', 'slot']);
+const html = freeze(['accept', 'action', 'align', 'alt', 'autocapitalize', 'autocomplete', 'autopictureinpicture', 'autoplay', 'background', 'bgcolor', 'border', 'capture', 'cellpadding', 'cellspacing', 'checked', 'cite', 'class', 'clear', 'color', 'cols', 'colspan', 'controls', 'controlslist', 'coords', 'crossorigin', 'datetime', 'decoding', 'default', 'dir', 'disabled', 'disablepictureinpicture', 'disableremoteplayback', 'download', 'draggable', 'enctype', 'enterkeyhint', 'face', 'for', 'headers', 'height', 'hidden', 'high', 'href', 'hreflang', 'id', 'inputmode', 'integrity', 'ismap', 'kind', 'label', 'lang', 'list', 'loading', 'loop', 'low', 'max', 'maxlength', 'media', 'method', 'min', 'minlength', 'multiple', 'muted', 'name', 'nonce', 'noshade', 'novalidate', 'nowrap', 'open', 'optimum', 'pattern', 'placeholder', 'playsinline', 'poster', 'preload', 'pubdate', 'radiogroup', 'readonly', 'rel', 'required', 'rev', 'reversed', 'role', 'rows', 'rowspan', 'spellcheck', 'scope', 'selected', 'shape', 'size', 'sizes', 'span', 'srclang', 'start', 'src', 'srcset', 'step', 'style', 'summary', 'tabindex', 'title', 'translate', 'type', 'usemap', 'valign', 'value', 'width', 'wrap', 'xmlns', 'slot']);
 const svg = freeze(['accent-height', 'accumulate', 'additive', 'alignment-baseline', 'ascent', 'attributename', 'attributetype', 'azimuth', 'basefrequency', 'baseline-shift', 'begin', 'bias', 'by', 'class', 'clip', 'clippathunits', 'clip-path', 'clip-rule', 'color', 'color-interpolation', 'color-interpolation-filters', 'color-profile', 'color-rendering', 'cx', 'cy', 'd', 'dx', 'dy', 'diffuseconstant', 'direction', 'display', 'divisor', 'dur', 'edgemode', 'elevation', 'end', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'filterunits', 'flood-color', 'flood-opacity', 'font-family', 'font-size', 'font-size-adjust', 'font-stretch', 'font-style', 'font-variant', 'font-weight', 'fx', 'fy', 'g1', 'g2', 'glyph-name', 'glyphref', 'gradientunits', 'gradienttransform', 'height', 'href', 'id', 'image-rendering', 'in', 'in2', 'k', 'k1', 'k2', 'k3', 'k4', 'kerning', 'keypoints', 'keysplines', 'keytimes', 'lang', 'lengthadjust', 'letter-spacing', 'kernelmatrix', 'kernelunitlength', 'lighting-color', 'local', 'marker-end', 'marker-mid', 'marker-start', 'markerheight', 'markerunits', 'markerwidth', 'maskcontentunits', 'maskunits', 'max', 'mask', 'media', 'method', 'mode', 'min', 'name', 'numoctaves', 'offset', 'operator', 'opacity', 'order', 'orient', 'orientation', 'origin', 'overflow', 'paint-order', 'path', 'pathlength', 'patterncontentunits', 'patterntransform', 'patternunits', 'points', 'preservealpha', 'preserveaspectratio', 'primitiveunits', 'r', 'rx', 'ry', 'radius', 'refx', 'refy', 'repeatcount', 'repeatdur', 'restart', 'result', 'rotate', 'scale', 'seed', 'shape-rendering', 'specularconstant', 'specularexponent', 'spreadmethod', 'startoffset', 'stddeviation', 'stitchtiles', 'stop-color', 'stop-opacity', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke', 'stroke-width', 'style', 'surfacescale', 'systemlanguage', 'tabindex', 'targetx', 'targety', 'transform', 'transform-origin', 'text-anchor', 'text-decoration', 'text-rendering', 'textlength', 'type', 'u1', 'u2', 'unicode', 'values', 'viewbox', 'visibility', 'version', 'vert-adv-y', 'vert-origin-x', 'vert-origin-y', 'width', 'word-spacing', 'wrap', 'writing-mode', 'xchannelselector', 'ychannelselector', 'x', 'x1', 'x2', 'xmlns', 'y', 'y1', 'y2', 'z', 'zoomandpan']);
 const mathMl = freeze(['accent', 'accentunder', 'align', 'bevelled', 'close', 'columnsalign', 'columnlines', 'columnspan', 'denomalign', 'depth', 'dir', 'display', 'displaystyle', 'encoding', 'fence', 'frame', 'height', 'href', 'id', 'largeop', 'length', 'linethickness', 'lspace', 'lquote', 'mathbackground', 'mathcolor', 'mathsize', 'mathvariant', 'maxsize', 'minsize', 'movablelimits', 'notation', 'numalign', 'open', 'rowalign', 'rowlines', 'rowspacing', 'rowspan', 'rspace', 'rquote', 'scriptlevel', 'scriptminsize', 'scriptsizemultiplier', 'selection', 'separator', 'separators', 'stretchy', 'subscriptshift', 'supscriptshift', 'symmetric', 'voffset', 'width', 'xmlns']);
 const xml = freeze(['xlink:href', 'xml:id', 'xlink:title', 'xml:space', 'xmlns:xlink']);
@@ -300,7 +301,7 @@ function createDOMPurify() {
    * Version label, exposed for easier checks
    * if DOMPurify is up to date or not
    */
-  DOMPurify.version = '3.1.5';
+  DOMPurify.version = '3.1.3';
 
   /**
    * Array of elements that DOMPurify removed during sanitation.
@@ -533,6 +534,9 @@ function createDOMPurify() {
   /* Keep a reference to config to pass to hooks */
   let CONFIG = null;
 
+  /* Specify the maximum element nesting depth to prevent mXSS */
+  const MAX_NESTING_DEPTH = 255;
+
   /* Ideally, do not touch anything below this line */
   /* ______________________________________________ */
 
@@ -943,7 +947,11 @@ function createDOMPurify() {
    * @return {Boolean} true if clobbered, false if safe
    */
   const _isClobbered = function _isClobbered(elm) {
-    return elm instanceof HTMLFormElement && (typeof elm.nodeName !== 'string' || typeof elm.textContent !== 'string' || typeof elm.removeChild !== 'function' || !(elm.attributes instanceof NamedNodeMap) || typeof elm.removeAttribute !== 'function' || typeof elm.setAttribute !== 'function' || typeof elm.namespaceURI !== 'string' || typeof elm.insertBefore !== 'function' || typeof elm.hasChildNodes !== 'function');
+    return elm instanceof HTMLFormElement && (
+    // eslint-disable-next-line unicorn/no-typeof-undefined
+    typeof elm.__depth !== 'undefined' && typeof elm.__depth !== 'number' ||
+    // eslint-disable-next-line unicorn/no-typeof-undefined
+    typeof elm.__removalCount !== 'undefined' && typeof elm.__removalCount !== 'number' || typeof elm.nodeName !== 'string' || typeof elm.textContent !== 'string' || typeof elm.removeChild !== 'function' || !(elm.attributes instanceof NamedNodeMap) || typeof elm.removeAttribute !== 'function' || typeof elm.setAttribute !== 'function' || typeof elm.namespaceURI !== 'string' || typeof elm.insertBefore !== 'function' || typeof elm.hasChildNodes !== 'function');
   };
 
   /**
@@ -1094,7 +1102,7 @@ function createDOMPurify() {
   // eslint-disable-next-line complexity
   const _isValidAttribute = function _isValidAttribute(lcTag, lcName, value) {
     /* Make sure attribute cannot clobber */
-    if (SANITIZE_DOM && (lcName === 'id' || lcName === 'name') && (value in document || value in formElement)) {
+    if (SANITIZE_DOM && (lcName === 'id' || lcName === 'name') && (value in document || value in formElement || value === '__depth' || value === '__removalCount')) {
       return false;
     }
 
@@ -1285,9 +1293,32 @@ function createDOMPurify() {
       if (_sanitizeElements(shadowNode)) {
         continue;
       }
+      const parentNode = getParentNode(shadowNode);
+
+      /* Set the nesting depth of an element */
+      if (shadowNode.nodeType === NODE_TYPE.element) {
+        if (parentNode && parentNode.__depth) {
+          /*
+            We want the depth of the node in the original tree, which can
+            change when it's removed from its parent.
+          */
+          shadowNode.__depth = (shadowNode.__removalCount || 0) + parentNode.__depth + 1;
+        } else {
+          shadowNode.__depth = 1;
+        }
+      }
+
+      /*
+       * Remove an element if nested too deeply to avoid mXSS
+       * or if the __depth might have been tampered with
+       */
+      if (shadowNode.__depth >= MAX_NESTING_DEPTH || shadowNode.__depth < 0 || numberIsNaN(shadowNode.__depth)) {
+        _forceRemove(shadowNode);
+      }
 
       /* Deep shadow DOM detected */
       if (shadowNode.content instanceof DocumentFragment) {
+        shadowNode.content.__depth = shadowNode.__depth;
         _sanitizeShadowDOM(shadowNode.content);
       }
 
@@ -1403,9 +1434,32 @@ function createDOMPurify() {
       if (_sanitizeElements(currentNode)) {
         continue;
       }
+      const parentNode = getParentNode(currentNode);
+
+      /* Set the nesting depth of an element */
+      if (currentNode.nodeType === NODE_TYPE.element) {
+        if (parentNode && parentNode.__depth) {
+          /*
+            We want the depth of the node in the original tree, which can
+            change when it's removed from its parent.
+          */
+          currentNode.__depth = (currentNode.__removalCount || 0) + parentNode.__depth + 1;
+        } else {
+          currentNode.__depth = 1;
+        }
+      }
+
+      /*
+       * Remove an element if nested too deeply to avoid mXSS
+       * or if the __depth might have been tampered with
+       */
+      if (currentNode.__depth >= MAX_NESTING_DEPTH || currentNode.__depth < 0 || numberIsNaN(currentNode.__depth)) {
+        _forceRemove(currentNode);
+      }
 
       /* Shadow DOM detected, sanitize it */
       if (currentNode.content instanceof DocumentFragment) {
+        currentNode.content.__depth = currentNode.__depth;
         _sanitizeShadowDOM(currentNode.content);
       }