From b6e9043d91c705398f77b9f10dc964b0fee968f2 Mon Sep 17 00:00:00 2001 From: Joseph Garrone Date: Sun, 22 Sep 2024 18:56:05 +0200 Subject: [PATCH] Reorganize kcSanitarize --- package.json | 4 +- .../kcSanitize/HtmlPolicyBuilder.tsx | 2 +- src/{tools => lib}/kcSanitize/KcSanitizer.ts | 26 +- .../kcSanitize/KcSanitizerPolicy.ts | 0 src/lib/kcSanitize/index.ts | 5 + src/lib/vendor/isomorphic-dompurify.ts | 3 + test/kcSanitize/KcSanitizer.spec.ts | 342 +++++++----------- yarn.lock | 226 +++++++++++- 8 files changed, 366 insertions(+), 242 deletions(-) rename src/{tools => lib}/kcSanitize/HtmlPolicyBuilder.tsx (99%) rename src/{tools => lib}/kcSanitize/KcSanitizer.ts (61%) rename src/{tools => lib}/kcSanitize/KcSanitizerPolicy.ts (100%) create mode 100644 src/lib/kcSanitize/index.ts create mode 100644 src/lib/vendor/isomorphic-dompurify.ts diff --git a/package.json b/package.json index ebf92702..4f473787 100644 --- a/package.json +++ b/package.json @@ -109,6 +109,8 @@ "yauzl": "^2.10.0", "zod": "^3.17.10", "evt": "^2.5.7", - "tsx": "^4.15.5" + "tsx": "^4.15.5", + "html-entities": "^2.5.2", + "isomorphic-dompurify": "^2.15.0" } } diff --git a/src/tools/kcSanitize/HtmlPolicyBuilder.tsx b/src/lib/kcSanitize/HtmlPolicyBuilder.tsx similarity index 99% rename from src/tools/kcSanitize/HtmlPolicyBuilder.tsx rename to src/lib/kcSanitize/HtmlPolicyBuilder.tsx index bf1a6297..fdfb6a40 100644 --- a/src/tools/kcSanitize/HtmlPolicyBuilder.tsx +++ b/src/lib/kcSanitize/HtmlPolicyBuilder.tsx @@ -1,4 +1,4 @@ -import DOMPurify from "isomorphic-dompurify"; +import { DOMPurify } from "keycloakify/lib/vendor/isomorphic-dompurify"; type TagType = { name: string; diff --git a/src/tools/kcSanitize/KcSanitizer.ts b/src/lib/kcSanitize/KcSanitizer.ts similarity index 61% rename from src/tools/kcSanitize/KcSanitizer.ts rename to src/lib/kcSanitize/KcSanitizer.ts index 69c73e4e..cfb40d06 100644 --- a/src/tools/kcSanitize/KcSanitizer.ts +++ b/src/lib/kcSanitize/KcSanitizer.ts @@ -1,4 +1,4 @@ -import { KcSanitizerPolicy } from "keycloakify/tools/kcSanitize/KcSanitizerPolicy"; +import { KcSanitizerPolicy } from "./KcSanitizerPolicy"; // implementation of keycloak java sanitize method ( KeycloakSanitizerMethod ) // https://github.com/keycloak/keycloak/blob/8ce8a4ba089eef25a0e01f58e09890399477b9ef/services/src/main/java/org/keycloak/theme/KeycloakSanitizerMethod.java#L33 @@ -6,33 +6,15 @@ export class KcSanitizer { private static HREF_PATTERN = /\s+href="([^"]*)"/g; private static textarea: HTMLTextAreaElement | null = null; - public static sanitize(html: string | null): string { - if (html == null) { - throw new Error("Cannot escape null value."); - } + public static sanitize(html: string, decodeHtml?: (html: string) => string): string { if (html === "") return ""; - html = this.decodeHtmlFull(html); + html = decodeHtml !== undefined ? decodeHtml(html) : this.decodeHtml(html); const sanitized = KcSanitizerPolicy.sanitize(html); return this.fixURLs(sanitized); } - private static decodeHtmlFull(html: string): string { - if (typeof window !== "undefined" && typeof document !== "undefined") { - return KcSanitizer.decodeHtmlOnClient(html); - } else { - throw new Error("not implemented"); - // return await KcSanitizer.decodeHtmlOnServer(html); - } - } - - // private static async decodeHtmlOnServer(html: string): Promise { - // // Dynamically import html-entities only on the server side - // const { decode } = await import("html-entities"); - // return decode(html); - // } - - private static decodeHtmlOnClient(html: string): string { + private static decodeHtml(html: string): string { if (!KcSanitizer.textarea) { KcSanitizer.textarea = document.createElement("textarea"); } diff --git a/src/tools/kcSanitize/KcSanitizerPolicy.ts b/src/lib/kcSanitize/KcSanitizerPolicy.ts similarity index 100% rename from src/tools/kcSanitize/KcSanitizerPolicy.ts rename to src/lib/kcSanitize/KcSanitizerPolicy.ts diff --git a/src/lib/kcSanitize/index.ts b/src/lib/kcSanitize/index.ts new file mode 100644 index 00000000..aa6e8764 --- /dev/null +++ b/src/lib/kcSanitize/index.ts @@ -0,0 +1,5 @@ +import { KcSanitizer } from "./KcSanitizer"; + +export function kcSanitize(html: string): string { + return KcSanitizer.sanitize(html); +} diff --git a/src/lib/vendor/isomorphic-dompurify.ts b/src/lib/vendor/isomorphic-dompurify.ts new file mode 100644 index 00000000..e89eddec --- /dev/null +++ b/src/lib/vendor/isomorphic-dompurify.ts @@ -0,0 +1,3 @@ +import DOMPurify from "isomorphic-dompurify"; + +export { DOMPurify }; diff --git a/test/kcSanitize/KcSanitizer.spec.ts b/test/kcSanitize/KcSanitizer.spec.ts index 2740a691..eff7a8d8 100644 --- a/test/kcSanitize/KcSanitizer.spec.ts +++ b/test/kcSanitize/KcSanitizer.spec.ts @@ -1,227 +1,137 @@ -import { describe, it, expect, vi, beforeAll } from "vitest"; -import { KcSanitizer } from "keycloakify/tools/kcSanitize/KcSanitizer"; +import { describe, it, expect } from "vitest"; +import { KcSanitizer } from "keycloakify/lib/kcSanitize/KcSanitizer"; +import { decode } from "html-entities"; // Implementation of Keycloak Java method KeycloakSanitizerTest with bunch of more test for p tag styling // https://github.com/keycloak/keycloak/blob/8ce8a4ba089eef25a0e01f58e09890399477b9ef/services/src/test/java/org/keycloak/theme/KeycloakSanitizerTest.java#L32 -const testCases = [ - { - description: "should handle escapes correctly", - cases: [ - { - html: "
Keycloak
", - expectedResult: '
Keycloak
' - }, - { - html: "

Foo

", - expectedResult: "

Foo

" - }, - { - html: '
Keycloak
', - expectedResult: '
Keycloak
' - }, - { - html: null, - expectedResult: null - }, - { - html: "", - expectedResult: "" - } - ] - }, - { - description: "should handle URLs correctly", - cases: [ - { - html: "

link

", - expectedResult: - '

link

' - }, - { - html: '

link

', - expectedResult: "

link

" - }, - { - html: "

link

", - expectedResult: "

link

" - }, - { - html: '

link

', - expectedResult: "

link

" - }, - { - html: '

link

', - expectedResult: "

link

" - }, - { - html: '

link

', - expectedResult: "

link

" - }, - { - html: '

link

', - expectedResult: "

link

" - }, - { - html: '

link

', - expectedResult: - '

link

' - }, - { - html: '

link2

', - expectedResult: - '

link2

' - } - ] - }, - { - description: "should handle ordinary texts correctly", - cases: [ - { - html: "Some text", - expectedResult: "Some text" - }, - { - html: `text with "double quotation"`, - expectedResult: `text with "double quotation"` - }, - { - html: `text with 'single quotation'`, - expectedResult: `text with 'single quotation'` - } - ] - }, - { - description: "should handle text styles correctly", - cases: [ - { - html: "

text

", - expectedResult: "

text

" - }, - { - html: "

text

", - expectedResult: "

text

" - }, - { - html: '

red text

', - expectedResult: '

red text

' - }, - { - html: '

red text

', - expectedResult: '

red text

' - }, - { - html: '

Case-insensitive

', - expectedResult: '

Case-insensitive

' - }, - { - html: '

wrong value for align

', - expectedResult: "

wrong value for align

" - }, - { - html: '

wrong value for align

', - expectedResult: "

wrong value for align

" - }, - { - html: '

This is a paragraph with larger text.

', - expectedResult: - '

This is a paragraph with larger text.

' - }, - { - html: "

או נושא שתבחר

", - expectedResult: "

או נושא שתבחר

" - } - ] - }, - { - description: "should handle styles correctly", - cases: [ - { - html: '
', - expectedResult: '
' - }, - { - html: '
', - expectedResult: "
" - }, - { - html: ' Content ', - expectedResult: ' Content ' - } - ] - } -]; -const assertResult = (expectedResult: string | null, html: string | null): void => { - if (html === null) { - expect(KcSanitizer.sanitize(html)).toThrow("Cannot escape null value."); - } else { - const result = KcSanitizer.sanitize(html); - expect(result).toBe(expectedResult); - } -}; +describe("KeycloakSanitizerMethod", () => { + it("should handle escapes correctly", () => { + let html: string = ""; + let expectedResult: string; -// Server-side tests -// describe("KcSanitizer - Server Side", () => { -// for (const group of testCases) { -// describe(group.description, () => { -// for (const test of group.cases) { -// it(`should handle ${test.html}`, async () => { -// await assertResult(test.expectedResult, test.html); -// }); -// } -// }); -// } -// }); + html = + "
Keycloak
"; + expectedResult = '
Keycloak
'; + assertResult(expectedResult, html); -describe("KcSanitizer - Client Side", () => { - const decodeHtmlEntities = (html: string): string => { - const entitiesMap: { [key: string]: string } = { - "&": "&", - "<": "<", - ">": ">", - """: '"', - "'": "'" - }; + html = "

Foo

"; + expectedResult = "

Foo

"; + assertResult(expectedResult, html); - return html.replace( - /&|<|>|"|'/g, - entity => entitiesMap[entity] || entity - ); - }; + html = + '
Keycloak
'; + expectedResult = '
Keycloak
'; + assertResult(expectedResult, html); - beforeAll(() => { - vi.stubGlobal("window", {}); - // Mocking the `document.createElement` to simulate textarea behavior - vi.stubGlobal("document", { - createElement: (tagName: string) => { - if (tagName === "textarea") { - let _innerHTML = ""; - return { - get innerHTML() { - return _innerHTML; - }, - set innerHTML(html) { - _innerHTML = html; - this.value = decodeHtmlEntities(html); // Simulate decoding - }, - value: "" // Mimic the textarea behavior where innerHTML -> value - }; - } - throw new Error("Unsupported element"); - } - }); + html = ""; + expectedResult = ""; + assertResult(expectedResult, html); }); - for (const group of testCases) { - describe(group.description, () => { - for (const test of group.cases) { - it(`should handle ${test.html}`, () => { - if (test.html == null) - expect(() => - assertResult(test.expectedResult, test.html) - ).toThrow("Cannot escape null value."); - else assertResult(test.expectedResult, test.html); - }); - } - }); + it("should handle URLs correctly", () => { + let html: string = ""; + + html = "

link

"; + assertResult('

link

', html); + + html = '

link

'; + assertResult("

link

", html); + + html = "

link

"; + assertResult("

link

", html); + + html = '

link

'; + assertResult("

link

", html); + + html = '

link

'; + assertResult("

link

", html); + + html = '

link

'; + assertResult("

link

", html); + + html = + '

link

'; + assertResult("

link

", html); + + html = + '

link

'; + assertResult("

link

", html); + + html = '

link

'; + assertResult( + '

link

', + html + ); + + html = + "

link1link2

"; + assertResult( + '

link1link2

', + html + ); + }); + + it("should handle ordinary texts correctly", () => { + let html: string = ""; + + html = "Some text"; + assertResult("Some text", html); + + html = `text with "double quotation"`; + assertResult(`text with "double quotation"`, html); + + html = `text with 'single quotation'`; + assertResult(`text with 'single quotation'`, html); + }); + + it("should handle text styles correctly", () => { + let html: string = ""; + + html = "

text

"; + assertResult("

text

", html); + + html = "

text

"; + assertResult("

text

", html); + + html = `

red text

`; + assertResult(`

red text

`, html); + + html = `

red text

`; + assertResult(`

red text

`, html); + + html = `

Case-insensitive

`; + assertResult(`

Case-insensitive

`, html); + + html = `

wrong value for align

`; + assertResult(`

wrong value for align

`, html); + + html = `

wrong value for align

`; + assertResult(`

wrong value for align

`, html); + + html = `

This is a paragraph with larger text.

`; + assertResult( + `

This is a paragraph with larger text.

`, + html + ); + + html = `

או נושא שתבחר

`; + assertResult(`

או נושא שתבחר

`, html); + }); + + it("should handle styles correctly", () => { + let html = ""; + html = `
`; + assertResult(`
`, html); + + html = `
`; + assertResult(`
`, html); + + html = ` Content `; + assertResult(` Content `, html); + }); + + function assertResult(expectedResult: string, html: string): void { + const result = KcSanitizer.sanitize(html, decode); + expect(result).toBe(expectedResult); } }); diff --git a/yarn.lock b/yarn.lock index f8b9cff5..25ecd9b5 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2803,6 +2803,13 @@ dependencies: "@babel/types" "^7.0.0" +"@types/dompurify@^3.0.5": + version "3.0.5" + resolved "https://registry.yarnpkg.com/@types/dompurify/-/dompurify-3.0.5.tgz#02069a2fcb89a163bacf1a788f73cb415dd75cb7" + integrity sha512-1Wg0g3BtQF7sSb27fJQAKck1HECM6zV1EB66j8JH9i3LCjYabJa0FSdiSgsD5K/RbrsR0SiraKacLB+T8ZVYAg== + dependencies: + "@types/trusted-types" "*" + "@types/eslint-scope@^3.7.3": version "3.7.4" resolved "https://registry.yarnpkg.com/@types/eslint-scope/-/eslint-scope-3.7.4.tgz#37fc1223f0786c39627068a12e94d6e6fc61de16" @@ -3014,6 +3021,11 @@ resolved "https://registry.yarnpkg.com/@types/tapable/-/tapable-1.0.8.tgz#b94a4391c85666c7b73299fd3ad79d4faa435310" integrity sha512-ipixuVrh2OdNmauvtT51o3d8z12p6LtFW9in7U79der/kwejjdNchQC5UMn5u/KxNoM7VHHOs/l8KS8uHxhODQ== +"@types/trusted-types@*": + version "2.0.7" + resolved "https://registry.yarnpkg.com/@types/trusted-types/-/trusted-types-2.0.7.tgz#baccb07a970b91707df3a3e8ba6896c57ead2d11" + integrity sha512-ScaPdn1dQczgbl0QFTeTOmVHFULt394XJgOQNoyVhZ6r2vLnMLJfBPd53SB52T/3G36VI1/g2MZaX0cwDuXsfw== + "@types/uglify-js@*": version "3.17.1" resolved "https://registry.yarnpkg.com/@types/uglify-js/-/uglify-js-3.17.1.tgz#e0ffcef756476410e5bce2cb01384ed878a195b5" @@ -3492,6 +3504,13 @@ agent-base@6, agent-base@^6.0.2: dependencies: debug "4" +agent-base@^7.0.2, agent-base@^7.1.0: + version "7.1.1" + resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-7.1.1.tgz#bdbded7dfb096b751a2a087eeeb9664725b2e317" + integrity sha512-H0TSyFNDMomMNJQBn8wFV5YC/2eJ+VXECwOadZJT554xP6cODZHPX3H9QMQECxvrgiSOP1pHjy1sMWQVYJOUOA== + dependencies: + debug "^4.3.4" + agentkeepalive@^4.2.1: version "4.3.0" resolved "https://registry.yarnpkg.com/agentkeepalive/-/agentkeepalive-4.3.0.tgz#bb999ff07412653c1803b3ced35e50729830a255" @@ -5131,6 +5150,13 @@ cssesc@^3.0.0: resolved "https://registry.yarnpkg.com/cssesc/-/cssesc-3.0.0.tgz#37741919903b868565e1c09ea747445cd18983ee" integrity sha512-/Tb/JcjK111nNScGob5MNtsntNM1aCNUDipB/TkwZFhyDrrE47SOx/18wF2bbjgc3ZzCSKW1T5nt5EbFoAz/Vg== +cssstyle@^4.1.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/cssstyle/-/cssstyle-4.1.0.tgz#161faee382af1bafadb6d3867a92a19bcb4aea70" + integrity sha512-h66W1URKpBS5YMI/V8PyXvTMFT8SupJ1IzoIV8IeBC/ji8WVmrO8dGlTi+2dh6whmdk6BiKJLD/ZBkhWbcg6nA== + dependencies: + rrweb-cssom "^0.7.1" + csstype@^3.0.2: version "3.1.2" resolved "https://registry.yarnpkg.com/csstype/-/csstype-3.1.2.tgz#1d4bf9d572f11c14031f0436e1c10bc1f571f50b" @@ -5156,6 +5182,14 @@ d@1, d@^1.0.1: es5-ext "^0.10.50" type "^1.0.1" +data-urls@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/data-urls/-/data-urls-5.0.0.tgz#2f76906bce1824429ffecb6920f45a0b30f00dde" + integrity sha512-ZYP5VBHshaDAiVZxjbRVcFJpc+4xGgT0bK3vzy1HLN8jTO975HEbuYzZJcHoQEY5K1a0z8YayJkyVETa08eNTg== + dependencies: + whatwg-mimetype "^4.0.0" + whatwg-url "^14.0.0" + debug@2.6.9, debug@^2.2.0, debug@^2.3.3: version "2.6.9" resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.9.tgz#5d128515df134ff327e90a4c93f4e077a536341f" @@ -5189,6 +5223,11 @@ decamelize@^1.1.2, decamelize@^1.2.0: resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" integrity sha512-z2S+W9X73hAUUki+N+9Za2lBlun89zigOyGrsax+KUQ6wKW4ZoWpEYBkGhQjwAjjDCkWxhY0VKEhk8wzY7F5cA== +decimal.js@^10.4.3: + version "10.4.3" + resolved "https://registry.yarnpkg.com/decimal.js/-/decimal.js-10.4.3.tgz#1044092884d245d1b7f65725fa4ad4c6f781cc23" + integrity sha512-VBBaLc1MgL5XpzgIP7ny5Z6Nx3UrRkIViUkPUdtl9aya5amy3De1gsUUSB1g3+3sExYNjCAsAznmukyxCb1GRA== + decode-uri-component@^0.2.0: version "0.2.2" resolved "https://registry.yarnpkg.com/decode-uri-component/-/decode-uri-component-0.2.2.tgz#e69dbe25d37941171dd540e024c444cd5188e1e9" @@ -5404,6 +5443,11 @@ domhandler@^5.0.1, domhandler@^5.0.2, domhandler@^5.0.3: dependencies: domelementtype "^2.3.0" +dompurify@^3.1.6: + version "3.1.6" + resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-3.1.6.tgz#43c714a94c6a7b8801850f82e756685300a027e2" + integrity sha512-cTOAhc36AalkjtBpfG6O8JimdTMWNXjiePT2xQH/ppBGi/4uIpmj8eKyIkMJErXWARyINV/sB38yf8JCLF5pbQ== + domutils@^2.5.2, domutils@^2.8.0: version "2.8.0" resolved "https://registry.yarnpkg.com/domutils/-/domutils-2.8.0.tgz#4437def5db6e2d1f5d6ee859bd95ca7d02048135" @@ -6333,6 +6377,15 @@ form-data@^3.0.0: combined-stream "^1.0.8" mime-types "^2.1.12" +form-data@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/form-data/-/form-data-4.0.0.tgz#93919daeaf361ee529584b9b31664dc12c9fa452" + integrity sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww== + dependencies: + asynckit "^0.4.0" + combined-stream "^1.0.8" + mime-types "^2.1.12" + forwarded@0.2.0: version "0.2.0" resolved "https://registry.yarnpkg.com/forwarded/-/forwarded-0.2.0.tgz#2269936428aad4c15c7ebe9779a84bf0b2a81811" @@ -6862,11 +6915,23 @@ hosted-git-info@^2.1.4: resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.8.9.tgz#dffc0bf9a21c02209090f2aa69429e1414daf3f9" integrity sha512-mxIDAb9Lsm6DoOJ7xH+5+X4y1LU/4Hi50L9C5sIswK3JzULS4bwk1FvjdBgvYR4bzT4tuUQiC15FE2f5HbLvYw== +html-encoding-sniffer@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/html-encoding-sniffer/-/html-encoding-sniffer-4.0.0.tgz#696df529a7cfd82446369dc5193e590a3735b448" + integrity sha512-Y22oTqIU4uuPgEemfz7NDJz6OeKf12Lsu+QC+s3BVpda64lTiMYCyGwg5ki4vFxkMwQdeZDl2adZoqUgdFuTgQ== + dependencies: + whatwg-encoding "^3.1.1" + html-entities@^2.1.0: version "2.3.3" resolved "https://registry.yarnpkg.com/html-entities/-/html-entities-2.3.3.tgz#117d7626bece327fc8baace8868fa6f5ef856e46" integrity sha512-DV5Ln36z34NNTDgnz0EWGBLZENelNAtkiFA4kyNOG2tDI6Mz1uSWiq1wAKdyjnJwyDiDO7Fa2SO1CTxPXL8VxA== +html-entities@^2.5.2: + version "2.5.2" + resolved "https://registry.yarnpkg.com/html-entities/-/html-entities-2.5.2.tgz#201a3cf95d3a15be7099521620d19dfb4f65359f" + integrity sha512-K//PSRMQk4FZ78Kyau+mZurHn3FH0Vwr+H36eE0rPbeYkRRi9YxceYPhuN60UwWorxyKHhqoAJl2OFKa4BVtaA== + html-escaper@^2.0.0: version "2.0.2" resolved "https://registry.yarnpkg.com/html-escaper/-/html-escaper-2.0.2.tgz#dfd60027da36a36dfcbe236262c00a5822681453" @@ -6979,6 +7044,14 @@ http-proxy-agent@^5.0.0: agent-base "6" debug "4" +http-proxy-agent@^7.0.2: + version "7.0.2" + resolved "https://registry.yarnpkg.com/http-proxy-agent/-/http-proxy-agent-7.0.2.tgz#9a8b1f246866c028509486585f62b8f2c18c270e" + integrity sha512-T1gkAiYYDWYx3V5Bmyu7HcfcvL7mUrTWiM6yOfa3PIphViJ/gFPbvidQ+veqSOHci/PxBcDabeUNCzpOODJZig== + dependencies: + agent-base "^7.1.0" + debug "^4.3.4" + https-browserify@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/https-browserify/-/https-browserify-1.0.0.tgz#ec06c10e0a34c0f2faf199f7fd7fc78fffd03c73" @@ -6992,6 +7065,14 @@ https-proxy-agent@^5.0.0: agent-base "6" debug "4" +https-proxy-agent@^7.0.5: + version "7.0.5" + resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-7.0.5.tgz#9e8b5013873299e11fab6fd548405da2d6c602b2" + integrity sha512-1e4Wqeblerz+tMKPIq2EMGiiWW1dIjZOksyHWSUm1rmuvw/how9hBHZ38lAGj5ID4Ik6EdkOw7NmWPy6LAwalw== + dependencies: + agent-base "^7.0.2" + debug "4" + human-signals@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/human-signals/-/human-signals-2.1.0.tgz#dc91fcba42e4d06e4abaed33b3e7a3c02f514ea0" @@ -7032,7 +7113,7 @@ iconv-lite@0.4.24: dependencies: safer-buffer ">= 2.1.2 < 3" -iconv-lite@^0.6.2: +iconv-lite@0.6.3, iconv-lite@^0.6.2: version "0.6.3" resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.6.3.tgz#a52f80bf38da1952eb5c681790719871a1a72501" integrity sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw== @@ -7448,6 +7529,11 @@ is-plain-object@^2.0.3, is-plain-object@^2.0.4: dependencies: isobject "^3.0.1" +is-potential-custom-element-name@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/is-potential-custom-element-name/-/is-potential-custom-element-name-1.0.1.tgz#171ed6f19e3ac554394edf78caa05784a45bebb5" + integrity sha512-bCYeRA2rVibKZd+s2625gGnGF/t7DSqDs4dP7CrLA1m7jKWz6pps0LpYLJN8Q64HtmPKJ1hrN3nzPNKFEKOUiQ== + is-promise@^2.2.2: version "2.2.2" resolved "https://registry.yarnpkg.com/is-promise/-/is-promise-2.2.2.tgz#39ab959ccbf9a774cf079f7b40c7a26f763135f1" @@ -7591,6 +7677,15 @@ isobject@^4.0.0: resolved "https://registry.yarnpkg.com/isobject/-/isobject-4.0.0.tgz#3f1c9155e73b192022a80819bacd0343711697b0" integrity sha512-S/2fF5wH8SJA/kmwr6HYhK/RI/OkhD84k8ntalo0iJjZikgq1XFvR5M8NPT1x5F7fBwCG3qHfnzeP/Vh/ZxCUA== +isomorphic-dompurify@^2.15.0: + version "2.15.0" + resolved "https://registry.yarnpkg.com/isomorphic-dompurify/-/isomorphic-dompurify-2.15.0.tgz#d3d35fe8cab700c4cf3c065da3dc86d508161502" + integrity sha512-RDHlyeVmwEDAPZuX1VaaBzSn9RrsfvswxH7faEQK9cTHC1dXeNuK6ElUeSr7locFyeLguut8ASfhQWxHB4Ttug== + dependencies: + "@types/dompurify" "^3.0.5" + dompurify "^3.1.6" + jsdom "^25.0.0" + isomorphic-unfetch@^3.1.0: version "3.1.0" resolved "https://registry.yarnpkg.com/isomorphic-unfetch/-/isomorphic-unfetch-3.1.0.tgz#87341d5f4f7b63843d468438128cb087b7c3e98f" @@ -7667,6 +7762,33 @@ js-tokens@^9.0.0: resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-9.0.0.tgz#0f893996d6f3ed46df7f0a3b12a03f5fd84223c1" integrity sha512-WriZw1luRMlmV3LGJaR6QOJjWwgLUTf89OwT2lUOyjX2dJGBwgmIkbcz+7WFZjrZM635JOIR517++e/67CP9dQ== +jsdom@^25.0.0: + version "25.0.1" + resolved "https://registry.yarnpkg.com/jsdom/-/jsdom-25.0.1.tgz#536ec685c288fc8a5773a65f82d8b44badcc73ef" + integrity sha512-8i7LzZj7BF8uplX+ZyOlIz86V6TAsSs+np6m1kpW9u0JWi4z/1t+FzcK1aek+ybTnAC4KhBL4uXCNT0wcUIeCw== + dependencies: + cssstyle "^4.1.0" + data-urls "^5.0.0" + decimal.js "^10.4.3" + form-data "^4.0.0" + html-encoding-sniffer "^4.0.0" + http-proxy-agent "^7.0.2" + https-proxy-agent "^7.0.5" + is-potential-custom-element-name "^1.0.1" + nwsapi "^2.2.12" + parse5 "^7.1.2" + rrweb-cssom "^0.7.1" + saxes "^6.0.0" + symbol-tree "^3.2.4" + tough-cookie "^5.0.0" + w3c-xmlserializer "^5.0.0" + webidl-conversions "^7.0.0" + whatwg-encoding "^3.1.1" + whatwg-mimetype "^4.0.0" + whatwg-url "^14.0.0" + ws "^8.18.0" + xml-name-validator "^5.0.0" + jsesc@^2.5.1: version "2.5.2" resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-2.5.2.tgz#80564d2e483dacf6e8ef209650a67df3f0c283a4" @@ -8664,6 +8786,11 @@ num2fraction@^1.2.2: resolved "https://registry.yarnpkg.com/num2fraction/-/num2fraction-1.2.2.tgz#6f682b6a027a4e9ddfa4564cd2589d1d4e669ede" integrity sha512-Y1wZESM7VUThYY+4W+X4ySH2maqcA+p7UR+w8VWNWVAd6lwuXXWz/w/Cz43J/dI2I+PS6wD5N+bJUF+gjWvIqg== +nwsapi@^2.2.12: + version "2.2.12" + resolved "https://registry.yarnpkg.com/nwsapi/-/nwsapi-2.2.12.tgz#fb6af5c0ec35b27b4581eb3bbad34ec9e5c696f8" + integrity sha512-qXDmcVlZV4XRtKFzddidpfVP4oMSGhga+xdMc25mv8kaLUHtgzCDhUxkrN8exkGdTlLNaXj7CV3GtON7zuGZ+w== + object-assign@^4.0.1, object-assign@^4.1.1: version "4.1.1" resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.1.tgz#2109adc7965887cfc05cbbd442cac8bfbb360863" @@ -9025,7 +9152,7 @@ parse5@^6.0.0: resolved "https://registry.yarnpkg.com/parse5/-/parse5-6.0.1.tgz#e1a1c085c569b3dc08321184f19a39cc27f7c30b" integrity sha512-Ofn/CTFzRGTTxwpNEs9PP93gXShHcTq255nzRYSKe8AkVpZY7e1fpmTfOyoIvjP5HG7Z2ZM7VS9PPhQGW2pOpw== -parse5@^7.0.0: +parse5@^7.0.0, parse5@^7.1.2: version "7.1.2" resolved "https://registry.yarnpkg.com/parse5/-/parse5-7.1.2.tgz#0736bebbfd77793823240a23b7fc5e010b7f8e32" integrity sha512-Czj1WaSVpaoj0wbhMzLmWD69anp2WH7FXMB9n1Sy8/ZFF9jolSQVMu1Ij5WIyGmcBmhk7EOndpO4mIpihVqAXw== @@ -9582,6 +9709,11 @@ punycode@^2.1.0: resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.3.0.tgz#f67fa67c94da8f4d0cfff981aee4118064199b8f" integrity sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA== +punycode@^2.3.1: + version "2.3.1" + resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.3.1.tgz#027422e2faec0b25e1549c3e1bd8309b9133b6e5" + integrity sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg== + qs@6.11.0: version "6.11.0" resolved "https://registry.yarnpkg.com/qs/-/qs-6.11.0.tgz#fd0d963446f7a65e1367e01abd85429453f0c37a" @@ -10116,6 +10248,11 @@ rollup@^4.13.0: "@rollup/rollup-win32-x64-msvc" "4.18.0" fsevents "~2.3.2" +rrweb-cssom@^0.7.1: + version "0.7.1" + resolved "https://registry.yarnpkg.com/rrweb-cssom/-/rrweb-cssom-0.7.1.tgz#c73451a484b86dd7cfb1e0b2898df4b703183e4b" + integrity sha512-TrEMa7JGdVm0UThDJSx7ddw5nVm3UJS9o9CCIZ72B1vSyEZoziDqBYP3XIoi/12lKrJR8rE3jeFHMok2F/Mnsg== + run-exclusive@^2.2.19: version "2.2.19" resolved "https://registry.yarnpkg.com/run-exclusive/-/run-exclusive-2.2.19.tgz#37a2fb6e3671f8ae0d63521ebd1865fc796cf307" @@ -10180,6 +10317,13 @@ safe-regex@^1.1.0: resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a" integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg== +saxes@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/saxes/-/saxes-6.0.0.tgz#fe5b4a4768df4f14a201b1ba6a65c1f3d9988cc5" + integrity sha512-xAg7SOnEhrm5zI3puOOKyy1OMcMlIJZYNJY7xLBwSze0UjhPLnWfj2GF2EpT0jmzaJKIWKHLsaSSajf35bcYnA== + dependencies: + xmlchars "^2.2.0" + scheduler@^0.23.0: version "0.23.0" resolved "https://registry.yarnpkg.com/scheduler/-/scheduler-0.23.0.tgz#ba8041afc3d30eb206a487b6b384002e4e61fdfe" @@ -10951,6 +11095,11 @@ supports-preserve-symlinks-flag@^1.0.0: resolved "https://registry.yarnpkg.com/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz#6eda4bd344a3c94aea376d4cc31bc77311039e09" integrity sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w== +symbol-tree@^3.2.4: + version "3.2.4" + resolved "https://registry.yarnpkg.com/symbol-tree/-/symbol-tree-3.2.4.tgz#430637d248ba77e078883951fb9aa0eed7c63fa2" + integrity sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw== + symbol.prototype.description@^1.0.0: version "1.0.5" resolved "https://registry.yarnpkg.com/symbol.prototype.description/-/symbol.prototype.description-1.0.5.tgz#d30e01263b6020fbbd2d2884a6276ce4d49ab568" @@ -11128,6 +11277,18 @@ tinyspy@^2.2.0: resolved "https://registry.yarnpkg.com/tinyspy/-/tinyspy-2.2.1.tgz#117b2342f1f38a0dbdcc73a50a454883adf861d1" integrity sha512-KYad6Vy5VDWV4GH3fjpseMQ/XU2BhIYP7Vzd0LG44qRWm/Yt2WCOTicFdvmgo6gWaqooMQCawTtILVQJupKu7A== +tldts-core@^6.1.47: + version "6.1.47" + resolved "https://registry.yarnpkg.com/tldts-core/-/tldts-core-6.1.47.tgz#bb6deb97abb6ef04243af60968d2d0055a65cbd7" + integrity sha512-6SWyFMnlst1fEt7GQVAAu16EGgFK0cLouH/2Mk6Ftlwhv3Ol40L0dlpGMcnnNiiOMyD2EV/aF3S+U2nKvvLvrA== + +tldts@^6.1.32: + version "6.1.47" + resolved "https://registry.yarnpkg.com/tldts/-/tldts-6.1.47.tgz#bab4edf5867e2bbd763e72d9435289de97b082df" + integrity sha512-R/K2tZ5MiY+mVrnSkNJkwqYT2vUv1lcT6wJvd2emGaMJ7PHUGRY4e3tUsdFCXgqxi2QgbHjL3yJgXCo40v9Hxw== + dependencies: + tldts-core "^6.1.47" + to-arraybuffer@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/to-arraybuffer/-/to-arraybuffer-1.0.1.tgz#7d229b1fcc637e466ca081180836a7aabff83f43" @@ -11175,6 +11336,20 @@ toidentifier@1.0.1: resolved "https://registry.yarnpkg.com/toidentifier/-/toidentifier-1.0.1.tgz#3be34321a88a820ed1bd80dfaa33e479fbb8dd35" integrity sha512-o5sSPKEkg/DIQNmH43V0/uerLrpzVedkUh8tGNvaeXpfpuwjKenlSox/2O/BTlZUtEe+JG7s5YhEz608PlAHRA== +tough-cookie@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-5.0.0.tgz#6b6518e2b5c070cf742d872ee0f4f92d69eac1af" + integrity sha512-FRKsF7cz96xIIeMZ82ehjC3xW2E+O2+v11udrDYewUbszngYhsGa8z6YUMMzO9QJZzzyd0nGGXnML/TReX6W8Q== + dependencies: + tldts "^6.1.32" + +tr46@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/tr46/-/tr46-5.0.0.tgz#3b46d583613ec7283020d79019f1335723801cec" + integrity sha512-tk2G5R2KRwBd+ZN0zaEXpmzdKyOYksXwywulIX95MBODjSzMIuQnQ3m8JxgbhnL1LeVo7lqQKsYa1O3Htl7K5g== + dependencies: + punycode "^2.3.1" + tr46@~0.0.3: version "0.0.3" resolved "https://registry.yarnpkg.com/tr46/-/tr46-0.0.3.tgz#8184fd347dac9cdc185992f3a6622e14b9d9ab6a" @@ -11737,6 +11912,13 @@ vm-browserify@^1.0.1: resolved "https://registry.yarnpkg.com/vm-browserify/-/vm-browserify-1.1.2.tgz#78641c488b8e6ca91a75f511e7a3b32a86e5dda0" integrity sha512-2ham8XPWTONajOR0ohOKOHXkm3+gaBmGut3SRuu75xLd/RRaY6vqgh8NBYYk7+RW3u5AtzPQZG8F10LHkl0lAQ== +w3c-xmlserializer@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/w3c-xmlserializer/-/w3c-xmlserializer-5.0.0.tgz#f925ba26855158594d907313cedd1476c5967f6c" + integrity sha512-o8qghlI8NZHU1lLPrpi2+Uq7abh4GGPpYANlalzWxyWteJOCsr/P+oPBA49TOLu5FTZO4d3F9MnWJfiMo4BkmA== + dependencies: + xml-name-validator "^5.0.0" + watchpack-chokidar2@^2.0.1: version "2.0.1" resolved "https://registry.yarnpkg.com/watchpack-chokidar2/-/watchpack-chokidar2-2.0.1.tgz#38500072ee6ece66f3769936950ea1771be1c957" @@ -11773,6 +11955,11 @@ webidl-conversions@^3.0.0: resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-3.0.1.tgz#24534275e2a7bc6be7bc86611cc16ae0a5654871" integrity sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ== +webidl-conversions@^7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-7.0.0.tgz#256b4e1882be7debbf01d05f0aa2039778ea080a" + integrity sha512-VwddBukDzu71offAQR975unBIGqfKZpM+8ZX6ySk8nYhVoo5CYaZyzt3YBvYtRtO+aoGlqxPg/B87NGVZ/fu6g== + webpack-dev-middleware@^3.7.3: version "3.7.3" resolved "https://registry.yarnpkg.com/webpack-dev-middleware/-/webpack-dev-middleware-3.7.3.tgz#0639372b143262e2b84ab95d3b91a7597061c2c5" @@ -11902,6 +12089,26 @@ webpack@4: watchpack "^2.4.0" webpack-sources "^3.2.3" +whatwg-encoding@^3.1.1: + version "3.1.1" + resolved "https://registry.yarnpkg.com/whatwg-encoding/-/whatwg-encoding-3.1.1.tgz#d0f4ef769905d426e1688f3e34381a99b60b76e5" + integrity sha512-6qN4hJdMwfYBtE3YBTTHhoeuUrDBPZmbQaxWAqSALV/MeEnR5z1xd8UKud2RAkFoPkmB+hli1TZSnyi84xz1vQ== + dependencies: + iconv-lite "0.6.3" + +whatwg-mimetype@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/whatwg-mimetype/-/whatwg-mimetype-4.0.0.tgz#bc1bf94a985dc50388d54a9258ac405c3ca2fc0a" + integrity sha512-QaKxh0eNIi2mE9p2vEdzfagOKHCcj1pJ56EEHGQOVxp8r9/iszLUUV7v89x9O1p/T+NlTM5W7jW6+cz4Fq1YVg== + +whatwg-url@^14.0.0: + version "14.0.0" + resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-14.0.0.tgz#00baaa7fd198744910c4b1ef68378f2200e4ceb6" + integrity sha512-1lfMEm2IEr7RIV+f4lUNPOqfFL+pO+Xw3fJSqmjX9AbXcXcYOkCe1P6+9VBZB6n94af16NfZf+sSk0JCBZC9aw== + dependencies: + tr46 "^5.0.0" + webidl-conversions "^7.0.0" + whatwg-url@^5.0.0: version "5.0.0" resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-5.0.0.tgz#966454e8765462e37644d3626f6742ce8b70965d" @@ -12048,6 +12255,11 @@ wrappy@1: resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f" integrity sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ== +ws@^8.18.0: + version "8.18.0" + resolved "https://registry.yarnpkg.com/ws/-/ws-8.18.0.tgz#0d7505a6eafe2b0e712d232b42279f53bc289bbc" + integrity sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw== + ws@^8.2.3: version "8.13.0" resolved "https://registry.yarnpkg.com/ws/-/ws-8.13.0.tgz#9a9fb92f93cf41512a0735c8f4dd09b8a1211cd0" @@ -12060,6 +12272,16 @@ x-default-browser@^0.4.0: optionalDependencies: default-browser-id "^1.0.4" +xml-name-validator@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/xml-name-validator/-/xml-name-validator-5.0.0.tgz#82be9b957f7afdacf961e5980f1bf227c0bf7673" + integrity sha512-EvGK8EJ3DhaHfbRlETOWAS5pO9MZITeauHKJyb8wyajUfQUenkIg2MvLDTZ4T/TgIcm3HU0TFBgWWboAZ30UHg== + +xmlchars@^2.2.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/xmlchars/-/xmlchars-2.2.0.tgz#060fe1bcb7f9c76fe2a17db86a9bc3ab894210cb" + integrity sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw== + xtend@^4.0.0, xtend@^4.0.1, xtend@~4.0.1: version "4.0.2" resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.2.tgz#bb72779f5fa465186b1f438f674fa347fdb5db54"