2018-10-23 09:34:00 +02:00
|
|
|
/**
|
|
|
|
* CodeX Sanitizer
|
|
|
|
*
|
|
|
|
* @module Sanitizer
|
|
|
|
* Clears HTML from taint tags
|
|
|
|
*
|
|
|
|
* @version 2.0.0
|
|
|
|
*
|
|
|
|
* @example
|
|
|
|
* Module can be used within two ways:
|
|
|
|
* 1) When you have an instance
|
|
|
|
* - this.Editor.Sanitizer.clean(yourTaintString);
|
|
|
|
* 2) As static method
|
2019-02-28 12:01:32 +01:00
|
|
|
* - EditorJS.Sanitizer.clean(yourTaintString, yourCustomConfiguration);
|
2018-10-23 09:34:00 +02:00
|
|
|
*
|
|
|
|
* {@link SanitizerConfig}
|
|
|
|
*/
|
|
|
|
|
2018-11-23 17:11:50 +01:00
|
|
|
import Module from '../__module';
|
2019-11-30 21:42:39 +01:00
|
|
|
import * as _ from '../utils';
|
2018-10-23 09:34:00 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @typedef {Object} SanitizerConfig
|
|
|
|
* @property {Object} tags - define tags restrictions
|
|
|
|
*
|
|
|
|
* @example
|
|
|
|
*
|
|
|
|
* tags : {
|
|
|
|
* p: true,
|
|
|
|
* a: {
|
|
|
|
* href: true,
|
|
|
|
* rel: "nofollow",
|
|
|
|
* target: "_blank"
|
|
|
|
* }
|
|
|
|
* }
|
|
|
|
*/
|
|
|
|
|
|
|
|
import HTMLJanitor from 'html-janitor';
|
2018-11-23 17:11:50 +01:00
|
|
|
import {BlockToolData, InlineToolConstructable, SanitizerConfig} from '../../../types';
|
2018-10-23 09:34:00 +02:00
|
|
|
|
|
|
|
export default class Sanitizer extends Module {
|
|
|
|
/**
|
|
|
|
* Memoize tools config
|
|
|
|
*/
|
2018-11-23 17:11:50 +01:00
|
|
|
private configCache: {[toolName: string]: SanitizerConfig} = {};
|
2018-10-23 09:34:00 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Cached inline tools config
|
|
|
|
*/
|
2018-11-23 17:11:50 +01:00
|
|
|
private inlineToolsConfigCache: SanitizerConfig | null = null;
|
2018-10-23 09:34:00 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Sanitize Blocks
|
|
|
|
*
|
|
|
|
* Enumerate blocks and clean data
|
|
|
|
*
|
2018-11-23 17:11:50 +01:00
|
|
|
* @param {{tool, data: BlockToolData}[]} blocksData[]
|
2018-10-23 09:34:00 +02:00
|
|
|
*/
|
|
|
|
public sanitizeBlocks(
|
2018-11-23 17:11:50 +01:00
|
|
|
blocksData: Array<{tool: string, data: BlockToolData}>,
|
|
|
|
): Array<{tool: string, data: BlockToolData}> {
|
2018-10-23 09:34:00 +02:00
|
|
|
|
|
|
|
return blocksData.map((block) => {
|
|
|
|
const toolConfig = this.composeToolConfig(block.tool);
|
|
|
|
|
2018-10-23 14:33:03 +02:00
|
|
|
if (_.isEmpty(toolConfig)) {
|
|
|
|
return block;
|
|
|
|
}
|
|
|
|
|
2018-10-23 09:34:00 +02:00
|
|
|
block.data = this.deepSanitize(block.data, toolConfig);
|
|
|
|
|
|
|
|
return block;
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Method recursively reduces Block's data and cleans with passed rules
|
|
|
|
*
|
2018-11-23 17:11:50 +01:00
|
|
|
* @param {BlockToolData|object|*} dataToSanitize - taint string or object/array that contains taint string
|
|
|
|
* @param {SanitizerConfig} rules - object with sanitizer rules
|
2018-10-23 09:34:00 +02:00
|
|
|
*/
|
2018-11-23 17:11:50 +01:00
|
|
|
public deepSanitize(dataToSanitize: any, rules: SanitizerConfig): any {
|
2018-10-23 09:34:00 +02:00
|
|
|
/**
|
|
|
|
* BlockData It may contain 3 types:
|
|
|
|
* - Array
|
|
|
|
* - Object
|
|
|
|
* - Primitive
|
|
|
|
*/
|
|
|
|
if (Array.isArray(dataToSanitize)) {
|
|
|
|
/**
|
|
|
|
* Array: call sanitize for each item
|
|
|
|
*/
|
|
|
|
return this.cleanArray(dataToSanitize, rules);
|
|
|
|
} else if (typeof dataToSanitize === 'object') {
|
|
|
|
/**
|
|
|
|
* Objects: just clean object deeper.
|
|
|
|
*/
|
|
|
|
return this.cleanObject(dataToSanitize, rules);
|
|
|
|
} else {
|
|
|
|
/**
|
|
|
|
* Primitives (number|string|boolean): clean this item
|
2018-11-09 18:15:49 +01:00
|
|
|
*
|
|
|
|
* Clean only strings
|
2018-10-23 09:34:00 +02:00
|
|
|
*/
|
2018-11-09 18:15:49 +01:00
|
|
|
if (typeof dataToSanitize === 'string') {
|
|
|
|
return this.cleanOneItem(dataToSanitize, rules);
|
|
|
|
}
|
|
|
|
return dataToSanitize;
|
2018-10-23 09:34:00 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Cleans string from unwanted tags
|
|
|
|
* Method allows to use default config
|
|
|
|
*
|
2018-11-09 18:15:49 +01:00
|
|
|
* @param {string} taintString - taint string
|
2018-10-23 09:34:00 +02:00
|
|
|
* @param {SanitizerConfig} customConfig - allowed tags
|
|
|
|
*
|
2018-11-09 18:15:49 +01:00
|
|
|
* @return {string} clean HTML
|
2018-10-23 09:34:00 +02:00
|
|
|
*/
|
2018-11-23 17:11:50 +01:00
|
|
|
public clean(taintString: string, customConfig: SanitizerConfig = {} as SanitizerConfig): string {
|
2018-10-23 09:34:00 +02:00
|
|
|
|
|
|
|
const sanitizerConfig = {
|
|
|
|
tags: customConfig,
|
|
|
|
};
|
|
|
|
|
|
|
|
/**
|
|
|
|
* API client can use custom config to manage sanitize process
|
|
|
|
*/
|
|
|
|
const sanitizerInstance = this.createHTMLJanitorInstance(sanitizerConfig);
|
|
|
|
return sanitizerInstance.clean(taintString);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Merge with inline tool config
|
|
|
|
*
|
|
|
|
* @param {string} toolName
|
2018-11-23 17:11:50 +01:00
|
|
|
* @param {SanitizerConfig} toolRules
|
|
|
|
* @return {SanitizerConfig}
|
2018-10-23 09:34:00 +02:00
|
|
|
*/
|
2018-11-23 17:11:50 +01:00
|
|
|
public composeToolConfig(toolName: string): SanitizerConfig {
|
2018-10-23 09:34:00 +02:00
|
|
|
/**
|
|
|
|
* If cache is empty, then compose tool config and put it to the cache object
|
|
|
|
*/
|
|
|
|
if (this.configCache[toolName]) {
|
|
|
|
return this.configCache[toolName];
|
|
|
|
}
|
|
|
|
|
2019-09-09 12:03:18 +02:00
|
|
|
const sanitizeGetter = this.Editor.Tools.INTERNAL_SETTINGS.SANITIZE_CONFIG;
|
2018-10-23 09:34:00 +02:00
|
|
|
const toolClass = this.Editor.Tools.available[toolName];
|
2018-10-23 14:33:03 +02:00
|
|
|
const baseConfig = this.getInlineToolsConfig(toolName);
|
2018-10-23 09:34:00 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* If Tools doesn't provide sanitizer config or it is empty
|
|
|
|
*/
|
|
|
|
if (!toolClass.sanitize || (toolClass[sanitizeGetter] && _.isEmpty(toolClass[sanitizeGetter]))) {
|
2018-10-23 14:33:03 +02:00
|
|
|
return baseConfig;
|
2018-10-23 09:34:00 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
const toolRules = toolClass.sanitize;
|
|
|
|
|
2018-11-23 17:11:50 +01:00
|
|
|
const toolConfig = {} as SanitizerConfig;
|
2018-10-23 09:34:00 +02:00
|
|
|
for (const fieldName in toolRules) {
|
|
|
|
if (toolRules.hasOwnProperty(fieldName)) {
|
|
|
|
const rule = toolRules[fieldName];
|
|
|
|
if (typeof rule === 'object') {
|
|
|
|
toolConfig[fieldName] = Object.assign({}, baseConfig, rule);
|
|
|
|
} else {
|
|
|
|
toolConfig[fieldName] = rule;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
this.configCache[toolName] = toolConfig;
|
|
|
|
|
|
|
|
return toolConfig;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Returns Sanitizer config
|
|
|
|
* When Tool's "inlineToolbar" value is True, get all sanitizer rules from all tools,
|
|
|
|
* otherwise get only enabled
|
|
|
|
*/
|
2018-11-23 17:11:50 +01:00
|
|
|
public getInlineToolsConfig(name: string): SanitizerConfig {
|
2018-10-23 09:34:00 +02:00
|
|
|
const {Tools} = this.Editor;
|
2018-11-30 19:57:30 +01:00
|
|
|
const toolsConfig = Tools.getToolSettings(name);
|
|
|
|
const enableInlineTools = toolsConfig.inlineToolbar || [];
|
2018-10-23 09:34:00 +02:00
|
|
|
|
2018-11-23 17:11:50 +01:00
|
|
|
let config = {} as SanitizerConfig;
|
2018-10-23 09:34:00 +02:00
|
|
|
|
|
|
|
if (typeof enableInlineTools === 'boolean' && enableInlineTools) {
|
|
|
|
/**
|
|
|
|
* getting all tools sanitizer rule
|
|
|
|
*/
|
|
|
|
config = this.getAllInlineToolsConfig();
|
|
|
|
} else {
|
|
|
|
/**
|
|
|
|
* getting only enabled
|
|
|
|
*/
|
2018-11-23 17:11:50 +01:00
|
|
|
(enableInlineTools as string[]).map( (inlineToolName) => {
|
|
|
|
config = Object.assign(
|
|
|
|
config,
|
2019-09-09 12:03:18 +02:00
|
|
|
Tools.inline[inlineToolName][Tools.INTERNAL_SETTINGS.SANITIZE_CONFIG],
|
2018-11-23 17:11:50 +01:00
|
|
|
) as SanitizerConfig;
|
2018-10-23 09:34:00 +02:00
|
|
|
});
|
|
|
|
}
|
|
|
|
|
Release/2.17 (#1063)
* 2.16.0
* [Refactor] Separate internal and external settings (#845)
* Enable flipping tools via standalone class (#830)
* Enable flipping tools via standalone class
* use flipper to refactor (#842)
* use flipper to refactor
* save changes
* update
* fix flipper on inline toolbar
* ready for testing
* requested changes
* update doc
* updates
* destroy flippers
* some requested changes
* update
* update
* ready
* update
* last changes
* update docs
* Hghl active button of CT, simplify activate/deactivate
* separate dom iterator
* unhardcode directions
* fixed a link in readme.md (#856)
* Fix Block selection via CMD+A (#829)
* Fix Block selection via CMD+A
* Delete editor.js.map
* update
* update
* Update CHANGELOG.md
* Improve style of selected blocks (#858)
* Cross-block-selection style improved
* Update CHANGELOG.md
* Fix case when property 'observer' in modificationObserver is not defined (#866)
* Bump lodash.template from 4.4.0 to 4.5.0 (#885)
Bumps [lodash.template](https://github.com/lodash/lodash) from 4.4.0 to 4.5.0.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.4.0...4.5.0)
Signed-off-by: dependabot[bot] <support@github.com>
* Bump eslint-utils from 1.3.1 to 1.4.2 (#886)
Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.3.1 to 1.4.2.
- [Release notes](https://github.com/mysticatea/eslint-utils/releases)
- [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.3.1...v1.4.2)
Signed-off-by: dependabot[bot] <support@github.com>
* Bump mixin-deep from 1.3.1 to 1.3.2 (#887)
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/jonschlinkert/mixin-deep/releases)
- [Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2)
Signed-off-by: dependabot[bot] <support@github.com>
* update bundle and readme
* Update README.md
* upd codeowners, fix funding
* Minor Docs Fix according to main Readme (#916)
* Inline Toolbar now contains Conversion Toolbar (#932)
* Block lifecycle hooks (#906)
* [Fix] Arrow selection (#964)
* Fix arrow selection
* Add docs
* [issue-926]: fix dom iterator leafing when items are empty (#958)
* [issue-926]: fix dom iterator leafing when items are empty
* update Changelog
* Issue 869 (#963)
* Fix issue 943 (#965)
* [Draft] Feature/tooltip enhancements (#907)
* initial
* update
* make module standalone
* use tooltips as external module
* update
* build via prod mode
* add tooltips as external module
* add declaration file and options param
* add api tooltip
* update
* removed submodule
* removed due to the incorrect setip
* setup tooltips again
* wip
* update tooltip module
* toolbox, inline toolbar
* Tooltips in block tunes not uses shorthand
* shorthand in a plus and block settings
* fix doc
* Update tools-inline.md
* Delete tooltip.css
* Update CHANGELOG.md
* Update codex.tooltips
* Update api.md
* [issue-779]: Grammarly conflicts (#956)
* grammarly conflicts
* update
* upd bundle
* Submodule Header now on master
* Submodule Marker now on master
* Submodule Paragraph now on master
* Submodule InlineCode now on master
* Submodule Simple Image now on master
* [issue-868]: Deleting multiple blocks triggers back button in Firefox (#967)
* Deleting multiple blocks triggers back button in Firefox
@evgenusov
* Update editor.js
* Update CHANGELOG.md
* pass options on removeEventListener (#904)
* pass options on removeEventListener by removeAll
* rebuild
* Merge branch 'release/2.16' into pr/904
* Update CHANGELOG.md
* Update inline.ts
* [Fix] Selection rangecount (#968)
* Fix #952 (#969)
* Update codex.tooltips
* Selection bugfix (#970)
* Selection bugfix
* fix cross block selection
* close inline toolbar when blocks selected via shift
* remove inline toolbar closing on cross block selection mouse up due to the bug (#972)
* [Feature] Log levels (#971)
* Decrease margins (#973)
* Decrease margins
* Update editor.licenses.txt
* Update src/components/domIterator.ts
Co-Authored-By: Murod Khaydarov <murod.haydarov@gmail.com>
* [Fix] Fix delete blocks api method (#974)
* Update docs/usage.md
Co-Authored-By: Murod Khaydarov <murod.haydarov@gmail.com>
* rm unused
* Update yarn.lock file
* upd bundle, changelog
* Resolve Firefox issues (#981)
* Resolve Firefox issues
* use firefox hack only for empty c-e divs
* Set initial hidden Inline Toolbar position (#982)
Resolves #979
* [Fix] tooltip types (#986)
* Add tooltip as a package
* Fix to set minHeight 0px (#987)
* Release 2.16 (#966)
* 2.16.0
* [Refactor] Separate internal and external settings (#845)
* Enable flipping tools via standalone class (#830)
* Enable flipping tools via standalone class
* use flipper to refactor (#842)
* use flipper to refactor
* save changes
* update
* fix flipper on inline toolbar
* ready for testing
* requested changes
* update doc
* updates
* destroy flippers
* some requested changes
* update
* update
* ready
* update
* last changes
* update docs
* Hghl active button of CT, simplify activate/deactivate
* separate dom iterator
* unhardcode directions
* fixed a link in readme.md (#856)
* Fix Block selection via CMD+A (#829)
* Fix Block selection via CMD+A
* Delete editor.js.map
* update
* update
* Update CHANGELOG.md
* Improve style of selected blocks (#858)
* Cross-block-selection style improved
* Update CHANGELOG.md
* Fix case when property 'observer' in modificationObserver is not defined (#866)
* Bump lodash.template from 4.4.0 to 4.5.0 (#885)
Bumps [lodash.template](https://github.com/lodash/lodash) from 4.4.0 to 4.5.0.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.4.0...4.5.0)
Signed-off-by: dependabot[bot] <support@github.com>
* Bump eslint-utils from 1.3.1 to 1.4.2 (#886)
Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.3.1 to 1.4.2.
- [Release notes](https://github.com/mysticatea/eslint-utils/releases)
- [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.3.1...v1.4.2)
Signed-off-by: dependabot[bot] <support@github.com>
* Bump mixin-deep from 1.3.1 to 1.3.2 (#887)
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/jonschlinkert/mixin-deep/releases)
- [Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2)
Signed-off-by: dependabot[bot] <support@github.com>
* update bundle and readme
* Update README.md
* upd codeowners, fix funding
* Minor Docs Fix according to main Readme (#916)
* Inline Toolbar now contains Conversion Toolbar (#932)
* Block lifecycle hooks (#906)
* [Fix] Arrow selection (#964)
* Fix arrow selection
* Add docs
* [issue-926]: fix dom iterator leafing when items are empty (#958)
* [issue-926]: fix dom iterator leafing when items are empty
* update Changelog
* Issue 869 (#963)
* Fix issue 943 (#965)
* [Draft] Feature/tooltip enhancements (#907)
* initial
* update
* make module standalone
* use tooltips as external module
* update
* build via prod mode
* add tooltips as external module
* add declaration file and options param
* add api tooltip
* update
* removed submodule
* removed due to the incorrect setip
* setup tooltips again
* wip
* update tooltip module
* toolbox, inline toolbar
* Tooltips in block tunes not uses shorthand
* shorthand in a plus and block settings
* fix doc
* Update tools-inline.md
* Delete tooltip.css
* Update CHANGELOG.md
* Update codex.tooltips
* Update api.md
* [issue-779]: Grammarly conflicts (#956)
* grammarly conflicts
* update
* upd bundle
* Submodule Header now on master
* Submodule Marker now on master
* Submodule Paragraph now on master
* Submodule InlineCode now on master
* Submodule Simple Image now on master
* [issue-868]: Deleting multiple blocks triggers back button in Firefox (#967)
* Deleting multiple blocks triggers back button in Firefox
@evgenusov
* Update editor.js
* Update CHANGELOG.md
* pass options on removeEventListener (#904)
* pass options on removeEventListener by removeAll
* rebuild
* Merge branch 'release/2.16' into pr/904
* Update CHANGELOG.md
* Update inline.ts
* [Fix] Selection rangecount (#968)
* Fix #952 (#969)
* Update codex.tooltips
* Selection bugfix (#970)
* Selection bugfix
* fix cross block selection
* close inline toolbar when blocks selected via shift
* remove inline toolbar closing on cross block selection mouse up due to the bug (#972)
* [Feature] Log levels (#971)
* Decrease margins (#973)
* Decrease margins
* Update editor.licenses.txt
* Update src/components/domIterator.ts
Co-Authored-By: Murod Khaydarov <murod.haydarov@gmail.com>
* [Fix] Fix delete blocks api method (#974)
* Update docs/usage.md
Co-Authored-By: Murod Khaydarov <murod.haydarov@gmail.com>
* rm unused
* Update yarn.lock file
* upd bundle, changelog
* Fix changeling list items (#975)
* Update changelog (#976)
* Fix to set minHeight 0px
* upd version
* Update CHANGELOG.md
* upd bundle
* [Fix] Selection issues (#988)
* [Dev] Update dependencies (#989)
* Delete codex.tooltips
* Update submodules
* Fix/hide conversion toolbar (#991)
* Hide conversion toolbar if there is no conversion tool
* update changelog
* update comment
* updates
* improve code
* Update Changelog
* Update CHANGELOG.md
* fix some problems at example
* Update CHANGELOG.md
* Fix: bind editor when calling onChange (#1048)
* Release/2.16.1 (#990)
* 2.16.0
* [Refactor] Separate internal and external settings (#845)
* Enable flipping tools via standalone class (#830)
* Enable flipping tools via standalone class
* use flipper to refactor (#842)
* use flipper to refactor
* save changes
* update
* fix flipper on inline toolbar
* ready for testing
* requested changes
* update doc
* updates
* destroy flippers
* some requested changes
* update
* update
* ready
* update
* last changes
* update docs
* Hghl active button of CT, simplify activate/deactivate
* separate dom iterator
* unhardcode directions
* fixed a link in readme.md (#856)
* Fix Block selection via CMD+A (#829)
* Fix Block selection via CMD+A
* Delete editor.js.map
* update
* update
* Update CHANGELOG.md
* Improve style of selected blocks (#858)
* Cross-block-selection style improved
* Update CHANGELOG.md
* Fix case when property 'observer' in modificationObserver is not defined (#866)
* Bump lodash.template from 4.4.0 to 4.5.0 (#885)
Bumps [lodash.template](https://github.com/lodash/lodash) from 4.4.0 to 4.5.0.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.4.0...4.5.0)
Signed-off-by: dependabot[bot] <support@github.com>
* Bump eslint-utils from 1.3.1 to 1.4.2 (#886)
Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.3.1 to 1.4.2.
- [Release notes](https://github.com/mysticatea/eslint-utils/releases)
- [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.3.1...v1.4.2)
Signed-off-by: dependabot[bot] <support@github.com>
* Bump mixin-deep from 1.3.1 to 1.3.2 (#887)
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/jonschlinkert/mixin-deep/releases)
- [Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2)
Signed-off-by: dependabot[bot] <support@github.com>
* update bundle and readme
* Update README.md
* upd codeowners, fix funding
* Minor Docs Fix according to main Readme (#916)
* Inline Toolbar now contains Conversion Toolbar (#932)
* Block lifecycle hooks (#906)
* [Fix] Arrow selection (#964)
* Fix arrow selection
* Add docs
* [issue-926]: fix dom iterator leafing when items are empty (#958)
* [issue-926]: fix dom iterator leafing when items are empty
* update Changelog
* Issue 869 (#963)
* Fix issue 943 (#965)
* [Draft] Feature/tooltip enhancements (#907)
* initial
* update
* make module standalone
* use tooltips as external module
* update
* build via prod mode
* add tooltips as external module
* add declaration file and options param
* add api tooltip
* update
* removed submodule
* removed due to the incorrect setip
* setup tooltips again
* wip
* update tooltip module
* toolbox, inline toolbar
* Tooltips in block tunes not uses shorthand
* shorthand in a plus and block settings
* fix doc
* Update tools-inline.md
* Delete tooltip.css
* Update CHANGELOG.md
* Update codex.tooltips
* Update api.md
* [issue-779]: Grammarly conflicts (#956)
* grammarly conflicts
* update
* upd bundle
* Submodule Header now on master
* Submodule Marker now on master
* Submodule Paragraph now on master
* Submodule InlineCode now on master
* Submodule Simple Image now on master
* [issue-868]: Deleting multiple blocks triggers back button in Firefox (#967)
* Deleting multiple blocks triggers back button in Firefox
@evgenusov
* Update editor.js
* Update CHANGELOG.md
* pass options on removeEventListener (#904)
* pass options on removeEventListener by removeAll
* rebuild
* Merge branch 'release/2.16' into pr/904
* Update CHANGELOG.md
* Update inline.ts
* [Fix] Selection rangecount (#968)
* Fix #952 (#969)
* Update codex.tooltips
* Selection bugfix (#970)
* Selection bugfix
* fix cross block selection
* close inline toolbar when blocks selected via shift
* remove inline toolbar closing on cross block selection mouse up due to the bug (#972)
* [Feature] Log levels (#971)
* Decrease margins (#973)
* Decrease margins
* Update editor.licenses.txt
* Update src/components/domIterator.ts
Co-Authored-By: Murod Khaydarov <murod.haydarov@gmail.com>
* [Fix] Fix delete blocks api method (#974)
* Update docs/usage.md
Co-Authored-By: Murod Khaydarov <murod.haydarov@gmail.com>
* rm unused
* Update yarn.lock file
* upd bundle, changelog
* Resolve Firefox issues (#981)
* Resolve Firefox issues
* use firefox hack only for empty c-e divs
* Set initial hidden Inline Toolbar position (#982)
Resolves #979
* [Fix] tooltip types (#986)
* Add tooltip as a package
* Fix to set minHeight 0px (#987)
* Release 2.16 (#966)
* 2.16.0
* [Refactor] Separate internal and external settings (#845)
* Enable flipping tools via standalone class (#830)
* Enable flipping tools via standalone class
* use flipper to refactor (#842)
* use flipper to refactor
* save changes
* update
* fix flipper on inline toolbar
* ready for testing
* requested changes
* update doc
* updates
* destroy flippers
* some requested changes
* update
* update
* ready
* update
* last changes
* update docs
* Hghl active button of CT, simplify activate/deactivate
* separate dom iterator
* unhardcode directions
* fixed a link in readme.md (#856)
* Fix Block selection via CMD+A (#829)
* Fix Block selection via CMD+A
* Delete editor.js.map
* update
* update
* Update CHANGELOG.md
* Improve style of selected blocks (#858)
* Cross-block-selection style improved
* Update CHANGELOG.md
* Fix case when property 'observer' in modificationObserver is not defined (#866)
* Bump lodash.template from 4.4.0 to 4.5.0 (#885)
Bumps [lodash.template](https://github.com/lodash/lodash) from 4.4.0 to 4.5.0.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.4.0...4.5.0)
Signed-off-by: dependabot[bot] <support@github.com>
* Bump eslint-utils from 1.3.1 to 1.4.2 (#886)
Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.3.1 to 1.4.2.
- [Release notes](https://github.com/mysticatea/eslint-utils/releases)
- [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.3.1...v1.4.2)
Signed-off-by: dependabot[bot] <support@github.com>
* Bump mixin-deep from 1.3.1 to 1.3.2 (#887)
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/jonschlinkert/mixin-deep/releases)
- [Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2)
Signed-off-by: dependabot[bot] <support@github.com>
* update bundle and readme
* Update README.md
* upd codeowners, fix funding
* Minor Docs Fix according to main Readme (#916)
* Inline Toolbar now contains Conversion Toolbar (#932)
* Block lifecycle hooks (#906)
* [Fix] Arrow selection (#964)
* Fix arrow selection
* Add docs
* [issue-926]: fix dom iterator leafing when items are empty (#958)
* [issue-926]: fix dom iterator leafing when items are empty
* update Changelog
* Issue 869 (#963)
* Fix issue 943 (#965)
* [Draft] Feature/tooltip enhancements (#907)
* initial
* update
* make module standalone
* use tooltips as external module
* update
* build via prod mode
* add tooltips as external module
* add declaration file and options param
* add api tooltip
* update
* removed submodule
* removed due to the incorrect setip
* setup tooltips again
* wip
* update tooltip module
* toolbox, inline toolbar
* Tooltips in block tunes not uses shorthand
* shorthand in a plus and block settings
* fix doc
* Update tools-inline.md
* Delete tooltip.css
* Update CHANGELOG.md
* Update codex.tooltips
* Update api.md
* [issue-779]: Grammarly conflicts (#956)
* grammarly conflicts
* update
* upd bundle
* Submodule Header now on master
* Submodule Marker now on master
* Submodule Paragraph now on master
* Submodule InlineCode now on master
* Submodule Simple Image now on master
* [issue-868]: Deleting multiple blocks triggers back button in Firefox (#967)
* Deleting multiple blocks triggers back button in Firefox
@evgenusov
* Update editor.js
* Update CHANGELOG.md
* pass options on removeEventListener (#904)
* pass options on removeEventListener by removeAll
* rebuild
* Merge branch 'release/2.16' into pr/904
* Update CHANGELOG.md
* Update inline.ts
* [Fix] Selection rangecount (#968)
* Fix #952 (#969)
* Update codex.tooltips
* Selection bugfix (#970)
* Selection bugfix
* fix cross block selection
* close inline toolbar when blocks selected via shift
* remove inline toolbar closing on cross block selection mouse up due to the bug (#972)
* [Feature] Log levels (#971)
* Decrease margins (#973)
* Decrease margins
* Update editor.licenses.txt
* Update src/components/domIterator.ts
Co-Authored-By: Murod Khaydarov <murod.haydarov@gmail.com>
* [Fix] Fix delete blocks api method (#974)
* Update docs/usage.md
Co-Authored-By: Murod Khaydarov <murod.haydarov@gmail.com>
* rm unused
* Update yarn.lock file
* upd bundle, changelog
* Fix changeling list items (#975)
* Update changelog (#976)
* Fix to set minHeight 0px
* upd version
* Update CHANGELOG.md
* upd bundle
* [Fix] Selection issues (#988)
* [Dev] Update dependencies (#989)
* Delete codex.tooltips
* Update submodules
* Fix/hide conversion toolbar (#991)
* Hide conversion toolbar if there is no conversion tool
* update changelog
* update comment
* updates
* improve code
* Update Changelog
* Update CHANGELOG.md
* Update CHANGELOG.md
* Fix: bind editor when calling onChange
fixes #999
* send api as a parameter
* upd bundle
* Update CHANGELOG.md
Co-authored-by: Peter Savchenko <specc.dev@gmail.com>
* updated some wording. (#1044)
* Release/2.16.1 (#990)
* 2.16.0
* [Refactor] Separate internal and external settings (#845)
* Enable flipping tools via standalone class (#830)
* Enable flipping tools via standalone class
* use flipper to refactor (#842)
* use flipper to refactor
* save changes
* update
* fix flipper on inline toolbar
* ready for testing
* requested changes
* update doc
* updates
* destroy flippers
* some requested changes
* update
* update
* ready
* update
* last changes
* update docs
* Hghl active button of CT, simplify activate/deactivate
* separate dom iterator
* unhardcode directions
* fixed a link in readme.md (#856)
* Fix Block selection via CMD+A (#829)
* Fix Block selection via CMD+A
* Delete editor.js.map
* update
* update
* Update CHANGELOG.md
* Improve style of selected blocks (#858)
* Cross-block-selection style improved
* Update CHANGELOG.md
* Fix case when property 'observer' in modificationObserver is not defined (#866)
* Bump lodash.template from 4.4.0 to 4.5.0 (#885)
Bumps [lodash.template](https://github.com/lodash/lodash) from 4.4.0 to 4.5.0.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.4.0...4.5.0)
Signed-off-by: dependabot[bot] <support@github.com>
* Bump eslint-utils from 1.3.1 to 1.4.2 (#886)
Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.3.1 to 1.4.2.
- [Release notes](https://github.com/mysticatea/eslint-utils/releases)
- [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.3.1...v1.4.2)
Signed-off-by: dependabot[bot] <support@github.com>
* Bump mixin-deep from 1.3.1 to 1.3.2 (#887)
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/jonschlinkert/mixin-deep/releases)
- [Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2)
Signed-off-by: dependabot[bot] <support@github.com>
* update bundle and readme
* Update README.md
* upd codeowners, fix funding
* Minor Docs Fix according to main Readme (#916)
* Inline Toolbar now contains Conversion Toolbar (#932)
* Block lifecycle hooks (#906)
* [Fix] Arrow selection (#964)
* Fix arrow selection
* Add docs
* [issue-926]: fix dom iterator leafing when items are empty (#958)
* [issue-926]: fix dom iterator leafing when items are empty
* update Changelog
* Issue 869 (#963)
* Fix issue 943 (#965)
* [Draft] Feature/tooltip enhancements (#907)
* initial
* update
* make module standalone
* use tooltips as external module
* update
* build via prod mode
* add tooltips as external module
* add declaration file and options param
* add api tooltip
* update
* removed submodule
* removed due to the incorrect setip
* setup tooltips again
* wip
* update tooltip module
* toolbox, inline toolbar
* Tooltips in block tunes not uses shorthand
* shorthand in a plus and block settings
* fix doc
* Update tools-inline.md
* Delete tooltip.css
* Update CHANGELOG.md
* Update codex.tooltips
* Update api.md
* [issue-779]: Grammarly conflicts (#956)
* grammarly conflicts
* update
* upd bundle
* Submodule Header now on master
* Submodule Marker now on master
* Submodule Paragraph now on master
* Submodule InlineCode now on master
* Submodule Simple Image now on master
* [issue-868]: Deleting multiple blocks triggers back button in Firefox (#967)
* Deleting multiple blocks triggers back button in Firefox
@evgenusov
* Update editor.js
* Update CHANGELOG.md
* pass options on removeEventListener (#904)
* pass options on removeEventListener by removeAll
* rebuild
* Merge branch 'release/2.16' into pr/904
* Update CHANGELOG.md
* Update inline.ts
* [Fix] Selection rangecount (#968)
* Fix #952 (#969)
* Update codex.tooltips
* Selection bugfix (#970)
* Selection bugfix
* fix cross block selection
* close inline toolbar when blocks selected via shift
* remove inline toolbar closing on cross block selection mouse up due to the bug (#972)
* [Feature] Log levels (#971)
* Decrease margins (#973)
* Decrease margins
* Update editor.licenses.txt
* Update src/components/domIterator.ts
Co-Authored-By: Murod Khaydarov <murod.haydarov@gmail.com>
* [Fix] Fix delete blocks api method (#974)
* Update docs/usage.md
Co-Authored-By: Murod Khaydarov <murod.haydarov@gmail.com>
* rm unused
* Update yarn.lock file
* upd bundle, changelog
* Resolve Firefox issues (#981)
* Resolve Firefox issues
* use firefox hack only for empty c-e divs
* Set initial hidden Inline Toolbar position (#982)
Resolves #979
* [Fix] tooltip types (#986)
* Add tooltip as a package
* Fix to set minHeight 0px (#987)
* Release 2.16 (#966)
* 2.16.0
* [Refactor] Separate internal and external settings (#845)
* Enable flipping tools via standalone class (#830)
* Enable flipping tools via standalone class
* use flipper to refactor (#842)
* use flipper to refactor
* save changes
* update
* fix flipper on inline toolbar
* ready for testing
* requested changes
* update doc
* updates
* destroy flippers
* some requested changes
* update
* update
* ready
* update
* last changes
* update docs
* Hghl active button of CT, simplify activate/deactivate
* separate dom iterator
* unhardcode directions
* fixed a link in readme.md (#856)
* Fix Block selection via CMD+A (#829)
* Fix Block selection via CMD+A
* Delete editor.js.map
* update
* update
* Update CHANGELOG.md
* Improve style of selected blocks (#858)
* Cross-block-selection style improved
* Update CHANGELOG.md
* Fix case when property 'observer' in modificationObserver is not defined (#866)
* Bump lodash.template from 4.4.0 to 4.5.0 (#885)
Bumps [lodash.template](https://github.com/lodash/lodash) from 4.4.0 to 4.5.0.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.4.0...4.5.0)
Signed-off-by: dependabot[bot] <support@github.com>
* Bump eslint-utils from 1.3.1 to 1.4.2 (#886)
Bumps [eslint-utils](https://github.com/mysticatea/eslint-utils) from 1.3.1 to 1.4.2.
- [Release notes](https://github.com/mysticatea/eslint-utils/releases)
- [Commits](https://github.com/mysticatea/eslint-utils/compare/v1.3.1...v1.4.2)
Signed-off-by: dependabot[bot] <support@github.com>
* Bump mixin-deep from 1.3.1 to 1.3.2 (#887)
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/jonschlinkert/mixin-deep/releases)
- [Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2)
Signed-off-by: dependabot[bot] <support@github.com>
* update bundle and readme
* Update README.md
* upd codeowners, fix funding
* Minor Docs Fix according to main Readme (#916)
* Inline Toolbar now contains Conversion Toolbar (#932)
* Block lifecycle hooks (#906)
* [Fix] Arrow selection (#964)
* Fix arrow selection
* Add docs
* [issue-926]: fix dom iterator leafing when items are empty (#958)
* [issue-926]: fix dom iterator leafing when items are empty
* update Changelog
* Issue 869 (#963)
* Fix issue 943 (#965)
* [Draft] Feature/tooltip enhancements (#907)
* initial
* update
* make module standalone
* use tooltips as external module
* update
* build via prod mode
* add tooltips as external module
* add declaration file and options param
* add api tooltip
* update
* removed submodule
* removed due to the incorrect setip
* setup tooltips again
* wip
* update tooltip module
* toolbox, inline toolbar
* Tooltips in block tunes not uses shorthand
* shorthand in a plus and block settings
* fix doc
* Update tools-inline.md
* Delete tooltip.css
* Update CHANGELOG.md
* Update codex.tooltips
* Update api.md
* [issue-779]: Grammarly conflicts (#956)
* grammarly conflicts
* update
* upd bundle
* Submodule Header now on master
* Submodule Marker now on master
* Submodule Paragraph now on master
* Submodule InlineCode now on master
* Submodule Simple Image now on master
* [issue-868]: Deleting multiple blocks triggers back button in Firefox (#967)
* Deleting multiple blocks triggers back button in Firefox
@evgenusov
* Update editor.js
* Update CHANGELOG.md
* pass options on removeEventListener (#904)
* pass options on removeEventListener by removeAll
* rebuild
* Merge branch 'release/2.16' into pr/904
* Update CHANGELOG.md
* Update inline.ts
* [Fix] Selection rangecount (#968)
* Fix #952 (#969)
* Update codex.tooltips
* Selection bugfix (#970)
* Selection bugfix
* fix cross block selection
* close inline toolbar when blocks selected via shift
* remove inline toolbar closing on cross block selection mouse up due to the bug (#972)
* [Feature] Log levels (#971)
* Decrease margins (#973)
* Decrease margins
* Update editor.licenses.txt
* Update src/components/domIterator.ts
Co-Authored-By: Murod Khaydarov <murod.haydarov@gmail.com>
* [Fix] Fix delete blocks api method (#974)
* Update docs/usage.md
Co-Authored-By: Murod Khaydarov <murod.haydarov@gmail.com>
* rm unused
* Update yarn.lock file
* upd bundle, changelog
* Fix changeling list items (#975)
* Update changelog (#976)
* Fix to set minHeight 0px
* upd version
* Update CHANGELOG.md
* upd bundle
* [Fix] Selection issues (#988)
* [Dev] Update dependencies (#989)
* Delete codex.tooltips
* Update submodules
* Fix/hide conversion toolbar (#991)
* Hide conversion toolbar if there is no conversion tool
* update changelog
* update comment
* updates
* improve code
* Update Changelog
* Update CHANGELOG.md
* Update CHANGELOG.md
* updated some wording.
* Update installation.md
* Update CHANGELOG.md
Co-authored-by: Peter Savchenko <specc.dev@gmail.com>
* Fix grammar in readme.md (#1008)
* Update editor.js
* Paste listener on editors instead of document (#1025)
* Paste listener on editors instead of document
* add changelog
Co-authored-by: Peter Savchenko <specc.dev@gmail.com>
* Bump acorn from 6.4.0 to 6.4.1 (#1059)
Bumps [acorn](https://github.com/acornjs/acorn) from 6.4.0 to 6.4.1.
- [Release notes](https://github.com/acornjs/acorn/releases)
- [Commits](https://github.com/acornjs/acorn/compare/6.4.0...6.4.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Fix flipper activate/deactivate when conversionToolbarOpened (#1001)
* Fix flipper activate/deactivate when conversionToolbarOpened
* fix bug with flipping inline toolbar
* update changelog
* added comment for new condition
* upd bundle
Co-authored-by: Murod Khaydarov <murod.haydarov@gmail.com>
Co-authored-by: Peter Savchenko <specc.dev@gmail.com>
* [Issue-1057]: open new window by clicking anchor with ctrl (#1062)
* open new window when anchor clicked with ctrl
* delete source maps
* update function name
* update
* update changelog
* Fix settings box-sizing (#1013)
* Improvements: new Block Settings button style (#1064)
* [Feature] In-house copy paste (#1060)
* New block lifecycle hook and BlockToolAPI: "moved" (#1007)
* Update CHANGELOG.md
* feat: add swapped lifecycle hook
* feat: deprecate swap and add move instead
* feat: set fromIndex by default, add MoveEvent, add indices checks in blockManager
* refactor: MoveEvent interface more event-like; docs: added docs for MoveEvent
* fix asterix alignment due to tslint error
* fix tslint
* extending CustomEvent
* update bundle
* Update CHANGELOG.md
Co-authored-by: Peter Savchenko <specc.dev@gmail.com>
Co-authored-by: Murod Khaydarov <murod.haydarov@gmail.com>
* Change paste function of text/plain (#1014)
Co-authored-by: Georgy Berezhnoy <gohabereg@gmail.com>
* Improve paste function of multiple lines (#1016)
Co-authored-by: Georgy Berezhnoy <gohabereg@gmail.com>
* 2.17.0
* Update bundle
Co-authored-by: georgyb <yegor.berezhnoi@3d4medical.com>
Co-authored-by: George Berezhnoy <gohabereg@users.noreply.github.com>
Co-authored-by: Christof Jans <christof@loopfx.com>
Co-authored-by: Peter Savchenko <specc.dev@gmail.com>
Co-authored-by: VladimirZhdanov <vlzh@pm.me>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chaitanya <yourchaitu@gmail.com>
Co-authored-by: Marina <marina.zadoyanchuk@gmail.com>
Co-authored-by: Hata <hato6502@gmail.com>
Co-authored-by: Mohamed El Bahja <mohamed.jss11@gmail.Com>
Co-authored-by: Danny Rubio <drbe4t@gmail.com>
Co-authored-by: darrelfrancis <20881844+darrelfrancis@users.noreply.github.com>
Co-authored-by: Emmanuel Francis Ramos Jr <ponnex@gmail.com>
Co-authored-by: Andrey Blinov <andrey.blinoff@gmail.com>
Co-authored-by: Stefan Natter <stefan@natter.at>
Co-authored-by: Georgy Berezhnoy <gohabereg@gmail.com>
2020-03-14 21:47:04 +01:00
|
|
|
/**
|
|
|
|
* Allow linebreaks
|
|
|
|
*/
|
|
|
|
config['br'] = true;
|
|
|
|
config['wbr'] = true;
|
|
|
|
|
2018-10-23 09:34:00 +02:00
|
|
|
return config;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return general config for all inline tools
|
|
|
|
*/
|
2018-11-23 17:11:50 +01:00
|
|
|
public getAllInlineToolsConfig(): SanitizerConfig {
|
2018-10-23 09:34:00 +02:00
|
|
|
const {Tools} = this.Editor;
|
|
|
|
|
|
|
|
if (this.inlineToolsConfigCache) {
|
|
|
|
return this.inlineToolsConfigCache;
|
|
|
|
}
|
|
|
|
|
2018-11-23 17:11:50 +01:00
|
|
|
const config: SanitizerConfig = {} as SanitizerConfig;
|
2018-10-23 09:34:00 +02:00
|
|
|
|
|
|
|
Object.entries(Tools.inline)
|
2018-11-23 17:11:50 +01:00
|
|
|
.forEach( ([name, inlineTool]: [string, InlineToolConstructable]) => {
|
2019-09-09 12:03:18 +02:00
|
|
|
Object.assign(config, inlineTool[Tools.INTERNAL_SETTINGS.SANITIZE_CONFIG]);
|
2018-11-23 17:11:50 +01:00
|
|
|
});
|
2018-10-23 09:34:00 +02:00
|
|
|
|
|
|
|
this.inlineToolsConfigCache = config;
|
|
|
|
|
|
|
|
return this.inlineToolsConfigCache;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Clean array
|
|
|
|
* @param {array} array - [1, 2, {}, []]
|
|
|
|
* @param {object} ruleForItem
|
|
|
|
*/
|
2018-11-23 17:11:50 +01:00
|
|
|
private cleanArray(array: any[], ruleForItem: SanitizerConfig): any[] {
|
2018-10-23 09:34:00 +02:00
|
|
|
return array.map( (arrayItem) => this.deepSanitize(arrayItem, ruleForItem));
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Clean object
|
|
|
|
* @param {object} object - {level: 0, text: 'adada', items: [1,2,3]}}
|
|
|
|
* @param {object} rules - { b: true } or true|false
|
|
|
|
* @return {object}
|
|
|
|
*/
|
2018-11-23 17:11:50 +01:00
|
|
|
private cleanObject(object: any, rules: SanitizerConfig|{[field: string]: SanitizerConfig}): any {
|
2018-10-23 09:34:00 +02:00
|
|
|
const cleanData = {};
|
|
|
|
|
|
|
|
for (const fieldName in object) {
|
|
|
|
if (!object.hasOwnProperty(fieldName)) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
const currentIterationItem = object[fieldName];
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get object from config by field name
|
|
|
|
* - if it is a HTML Janitor rule, call with this rule
|
|
|
|
* - otherwise, call with parent's config
|
|
|
|
*/
|
2018-11-23 17:11:50 +01:00
|
|
|
const ruleForItem = this.isRule(rules[fieldName] as SanitizerConfig) ? rules[fieldName] : rules;
|
2018-10-23 09:34:00 +02:00
|
|
|
|
2018-11-23 17:11:50 +01:00
|
|
|
cleanData[fieldName] = this.deepSanitize(currentIterationItem, ruleForItem as SanitizerConfig);
|
2018-10-23 09:34:00 +02:00
|
|
|
}
|
|
|
|
return cleanData;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @param {string} taintString
|
2018-11-23 17:11:50 +01:00
|
|
|
* @param {SanitizerConfig|boolean} rule
|
2018-10-23 09:34:00 +02:00
|
|
|
* @return {string}
|
|
|
|
*/
|
2018-11-23 17:11:50 +01:00
|
|
|
private cleanOneItem(taintString: string, rule: SanitizerConfig|boolean): string {
|
2018-10-23 09:34:00 +02:00
|
|
|
if (typeof rule === 'object') {
|
|
|
|
return this.clean(taintString, rule);
|
|
|
|
} else if (rule === false) {
|
2018-11-23 17:11:50 +01:00
|
|
|
return this.clean(taintString, {} as SanitizerConfig);
|
2018-10-23 09:34:00 +02:00
|
|
|
} else {
|
|
|
|
return taintString;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Check if passed item is a HTML Janitor rule:
|
|
|
|
* { a : true }, {}, false, true, function(){} — correct rules
|
|
|
|
* undefined, null, 0, 1, 2 — not a rules
|
|
|
|
* @param config
|
|
|
|
*/
|
2018-11-23 17:11:50 +01:00
|
|
|
private isRule(config: SanitizerConfig): boolean {
|
2018-10-23 09:34:00 +02:00
|
|
|
return typeof config === 'object' || typeof config === 'boolean' || typeof config === 'function';
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* If developer uses editor's API, then he can customize sanitize restrictions.
|
|
|
|
* Or, sanitizing config can be defined globally in editors initialization. That config will be used everywhere
|
|
|
|
* At least, if there is no config overrides, that API uses Default configuration
|
|
|
|
*
|
|
|
|
* @uses https://www.npmjs.com/package/html-janitor
|
2018-11-29 10:16:06 +01:00
|
|
|
* @license https://github.com/guardian/html-janitor/blob/master/LICENSE
|
2018-10-23 09:34:00 +02:00
|
|
|
*
|
|
|
|
* @param {SanitizerConfig} config - sanitizer extension
|
|
|
|
*/
|
2018-11-23 17:11:50 +01:00
|
|
|
private createHTMLJanitorInstance(config: {tags: SanitizerConfig}): HTMLJanitor|null {
|
2018-10-23 09:34:00 +02:00
|
|
|
if (config) {
|
|
|
|
return new HTMLJanitor(config);
|
|
|
|
}
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
}
|