mirror of
https://github.com/mermaid-js/mermaid.git
synced 2025-09-17 06:20:07 +02:00
refactor: Rename and cleanup directiveSanitizer
This commit is contained in:
Sidharth Vinod
@@ -265,5 +265,5 @@ const keyify = (obj: any, prefix = ''): string[] =>
|
|||||||
return [...res, prefix + el];
|
return [...res, prefix + el];
|
||||||
}, []);
|
}, []);
|
||||||
|
|
||||||
export const configKeys: string[] = keyify(config, '');
|
export const configKeys: Set<string> = new Set(keyify(config, ''));
|
||||||
export default config;
|
export default config;
|
||||||
|
|||||||
@@ -102,7 +102,7 @@ export const detectInit = function (text: string, config?: MermaidConfig): Merma
|
|||||||
|
|
||||||
if (Array.isArray(inits)) {
|
if (Array.isArray(inits)) {
|
||||||
const args = inits.map((init) => init.args);
|
const args = inits.map((init) => init.args);
|
||||||
directiveSanitizer(args);
|
sanitizeDirective(args);
|
||||||
|
|
||||||
results = assignWithDepth(results, [...args]);
|
results = assignWithDepth(results, [...args]);
|
||||||
} else {
|
} else {
|
||||||
@@ -842,67 +842,62 @@ export const entityDecode = function (html: string): string {
|
|||||||
*
|
*
|
||||||
* @param args - Directive's JSON
|
* @param args - Directive's JSON
|
||||||
*/
|
*/
|
||||||
export const directiveSanitizer = (args: any) => {
|
export const sanitizeDirective = (args: unknown): void => {
|
||||||
log.debug('directiveSanitizer called with', args);
|
log.debug('sanitizeDirective called with', args);
|
||||||
if (typeof args === 'object') {
|
|
||||||
// check for array
|
|
||||||
if (args.length) {
|
|
||||||
args.forEach((arg) => directiveSanitizer(arg));
|
|
||||||
} else {
|
|
||||||
// This is an object
|
|
||||||
Object.keys(args).forEach((key) => {
|
|
||||||
log.debug('Checking key', key);
|
|
||||||
if (key.startsWith('__')) {
|
|
||||||
log.debug('sanitize deleting __ option', key);
|
|
||||||
delete args[key];
|
|
||||||
}
|
|
||||||
|
|
||||||
if (key.includes('proto')) {
|
// Return if not an object
|
||||||
log.debug('sanitize deleting proto option', key);
|
if (typeof args !== 'object') {
|
||||||
delete args[key];
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (key.includes('constr')) {
|
// Sanitize each element if an array
|
||||||
log.debug('sanitize deleting constr option', key);
|
if (Array.isArray(args)) {
|
||||||
delete args[key];
|
args.forEach((arg) => sanitizeDirective(arg));
|
||||||
}
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
if (key.includes('themeCSS')) {
|
// Sanitize each key if an object
|
||||||
log.debug('sanitizing themeCss option');
|
for (const key of Object.keys(args)) {
|
||||||
args[key] = sanitizeCss(args[key]);
|
log.debug('Checking key', key);
|
||||||
}
|
if (
|
||||||
if (key.includes('fontFamily')) {
|
key.startsWith('__') ||
|
||||||
log.debug('sanitizing fontFamily option');
|
key.includes('proto') ||
|
||||||
args[key] = sanitizeCss(args[key]);
|
key.includes('constr') ||
|
||||||
}
|
!configKeys.has(key)
|
||||||
if (key.includes('altFontFamily')) {
|
) {
|
||||||
log.debug('sanitizing altFontFamily option');
|
log.debug('sanitize deleting key: ', key);
|
||||||
args[key] = sanitizeCss(args[key]);
|
delete args[key];
|
||||||
}
|
continue;
|
||||||
if (!configKeys.includes(key)) {
|
}
|
||||||
log.debug('sanitize deleting option', key);
|
|
||||||
delete args[key];
|
// Recurse if an object
|
||||||
} else {
|
if (typeof args[key] === 'object') {
|
||||||
if (typeof args[key] === 'object') {
|
log.debug('sanitizing object', key);
|
||||||
log.debug('sanitize deleting object', key);
|
sanitizeDirective(args[key]);
|
||||||
directiveSanitizer(args[key]);
|
continue;
|
||||||
}
|
}
|
||||||
}
|
|
||||||
});
|
const cssMatchers = ['themeCSS', 'fontFamily', 'altFontFamily'];
|
||||||
|
for (const cssKey of cssMatchers) {
|
||||||
|
if (key.includes(cssKey)) {
|
||||||
|
log.debug('sanitizing css option', key);
|
||||||
|
args[key] = sanitizeCss(args[key]);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (args.themeVariables) {
|
if (args.themeVariables) {
|
||||||
const kArr = Object.keys(args.themeVariables);
|
for (const k of Object.keys(args.themeVariables)) {
|
||||||
for (const k of kArr) {
|
|
||||||
const val = args.themeVariables[k];
|
const val = args.themeVariables[k];
|
||||||
if (val && val.match && !val.match(/^[\d "#%(),.;A-Za-z]+$/)) {
|
if (val?.match && !val.match(/^[\d "#%(),.;A-Za-z]+$/)) {
|
||||||
args.themeVariables[k] = '';
|
args.themeVariables[k] = '';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
log.debug('After sanitization', args);
|
log.debug('After sanitization', args);
|
||||||
};
|
};
|
||||||
export const sanitizeCss = (str) => {
|
|
||||||
|
export const sanitizeCss = (str: string): string => {
|
||||||
let startCnt = 0;
|
let startCnt = 0;
|
||||||
let endCnt = 0;
|
let endCnt = 0;
|
||||||
|
|
||||||
@@ -1019,8 +1014,8 @@ export default {
|
|||||||
random,
|
random,
|
||||||
runFunc,
|
runFunc,
|
||||||
entityDecode,
|
entityDecode,
|
||||||
initIdGenerator: initIdGenerator,
|
initIdGenerator,
|
||||||
directiveSanitizer,
|
sanitizeDirective,
|
||||||
sanitizeCss,
|
sanitizeCss,
|
||||||
insertTitle,
|
insertTitle,
|
||||||
parseFontSize,
|
parseFontSize,
|
||||||
|
|||||||
Reference in New Issue
Block a user