Correct handling of the note object for state diagrams when sanitizing it
parent
dd088bc603
commit
7ad509cc7a
|
@ -3266,7 +3266,10 @@ var rectWithTitle = function rectWithTitle(parent, node) {
|
|||
|
||||
_logger__WEBPACK_IMPORTED_MODULE_1__["log"].info('Label text abc79', title, text2, _typeof(text2) === 'object');
|
||||
var text = label.node().appendChild(Object(_createLabel__WEBPACK_IMPORTED_MODULE_5__["default"])(title, node.labelStyle, true, true));
|
||||
var bbox;
|
||||
var bbox = {
|
||||
width: 0,
|
||||
height: 0
|
||||
};
|
||||
|
||||
if (Object(_diagrams_common_common__WEBPACK_IMPORTED_MODULE_8__["evaluate"])(Object(_config__WEBPACK_IMPORTED_MODULE_3__["getConfig"])().flowchart.htmlLabels)) {
|
||||
var div = text.children[0];
|
||||
|
@ -7405,9 +7408,11 @@ var removeScript = function removeScript(txt) {
|
|||
}
|
||||
}
|
||||
|
||||
rs = rs.replace(/javascript:/g, '#');
|
||||
rs = rs.replace(/onerror=/g, 'onerror:');
|
||||
rs = rs.replace(/<iframe/g, '');
|
||||
rs = rs.replace(/script>/gi, '#');
|
||||
rs = rs.replace(/script>/gi, '#');
|
||||
rs = rs.replace(/javascript:/gi, '#');
|
||||
rs = rs.replace(/onerror=/gi, 'onerror:');
|
||||
rs = rs.replace(/<iframe/gi, '');
|
||||
return rs;
|
||||
};
|
||||
|
||||
|
@ -7437,7 +7442,10 @@ var sanitizeMore = function sanitizeMore(text, config) {
|
|||
};
|
||||
|
||||
var sanitizeText = function sanitizeText(text, config) {
|
||||
var txt = sanitizeMore(dompurify__WEBPACK_IMPORTED_MODULE_0___default.a.sanitize(text), config);
|
||||
var level = config.securityLevel;
|
||||
console.log('security level', level);
|
||||
if (!text) return text;
|
||||
var txt = dompurify__WEBPACK_IMPORTED_MODULE_0___default.a.sanitize(sanitizeMore(text, config));
|
||||
return txt;
|
||||
};
|
||||
var lineBreakRegex = /<br\s*\/?>/gi;
|
||||
|
@ -22578,7 +22586,8 @@ __webpack_require__.r(__webpack_exports__);
|
|||
/* harmony import */ var _logger__WEBPACK_IMPORTED_MODULE_0__ = __webpack_require__(/*! ../../logger */ "./src/logger.js");
|
||||
/* harmony import */ var _utils__WEBPACK_IMPORTED_MODULE_1__ = __webpack_require__(/*! ../../utils */ "./src/utils.js");
|
||||
/* harmony import */ var _mermaidAPI__WEBPACK_IMPORTED_MODULE_2__ = __webpack_require__(/*! ../../mermaidAPI */ "./src/mermaidAPI.js");
|
||||
/* harmony import */ var _config__WEBPACK_IMPORTED_MODULE_3__ = __webpack_require__(/*! ../../config */ "./src/config.js");
|
||||
/* harmony import */ var _common_common__WEBPACK_IMPORTED_MODULE_3__ = __webpack_require__(/*! ../common/common */ "./src/diagrams/common/common.js");
|
||||
/* harmony import */ var _config__WEBPACK_IMPORTED_MODULE_4__ = __webpack_require__(/*! ../../config */ "./src/config.js");
|
||||
function _typeof(obj) { "@babel/helpers - typeof"; if (typeof Symbol === "function" && typeof Symbol.iterator === "symbol") { _typeof = function _typeof(obj) { return typeof obj; }; } else { _typeof = function _typeof(obj) { return obj && typeof Symbol === "function" && obj.constructor === Symbol && obj !== Symbol.prototype ? "symbol" : typeof obj; }; } return _typeof(obj); }
|
||||
|
||||
|
||||
|
@ -22586,6 +22595,7 @@ function _typeof(obj) { "@babel/helpers - typeof"; if (typeof Symbol === "functi
|
|||
|
||||
|
||||
|
||||
|
||||
var clone = function clone(o) {
|
||||
return JSON.parse(JSON.stringify(o));
|
||||
};
|
||||
|
@ -22749,7 +22759,7 @@ var addState = function addState(id, type, doc, descr, note) {
|
|||
}
|
||||
}
|
||||
|
||||
if (note) currentDocument.states[id].note = note;
|
||||
if (note) currentDocument.states[id].note = _common_common__WEBPACK_IMPORTED_MODULE_3__["default"].sanitizeText(note, _config__WEBPACK_IMPORTED_MODULE_4__["getConfig"]());
|
||||
};
|
||||
var clear = function clear() {
|
||||
documents = {
|
||||
|
@ -22797,7 +22807,7 @@ var addRelation = function addRelation(_id1, _id2, title) {
|
|||
currentDocument.relations.push({
|
||||
id1: id1,
|
||||
id2: id2,
|
||||
title: title
|
||||
title: _common_common__WEBPACK_IMPORTED_MODULE_3__["default"].sanitizeText(title, _config__WEBPACK_IMPORTED_MODULE_4__["getConfig"]())
|
||||
});
|
||||
};
|
||||
|
||||
|
@ -22809,7 +22819,7 @@ var addDescription = function addDescription(id, _descr) {
|
|||
descr = descr.substr(1).trim();
|
||||
}
|
||||
|
||||
theState.descriptions.push(descr);
|
||||
theState.descriptions.push(_common_common__WEBPACK_IMPORTED_MODULE_3__["default"].sanitizeText(descr, _config__WEBPACK_IMPORTED_MODULE_4__["getConfig"]()));
|
||||
};
|
||||
|
||||
var cleanupLabel = function cleanupLabel(label) {
|
||||
|
@ -22860,7 +22870,7 @@ var trimColon = function trimColon(str) {
|
|||
/* harmony default export */ __webpack_exports__["default"] = ({
|
||||
parseDirective: parseDirective,
|
||||
getConfig: function getConfig() {
|
||||
return _config__WEBPACK_IMPORTED_MODULE_3__["getConfig"]().state;
|
||||
return _config__WEBPACK_IMPORTED_MODULE_4__["getConfig"]().state;
|
||||
},
|
||||
addState: addState,
|
||||
clear: clear,
|
||||
|
@ -22909,11 +22919,12 @@ __webpack_require__.r(__webpack_exports__);
|
|||
/* harmony import */ var _dagre_wrapper_index_js__WEBPACK_IMPORTED_MODULE_5__ = __webpack_require__(/*! ../../dagre-wrapper/index.js */ "./src/dagre-wrapper/index.js");
|
||||
/* harmony import */ var _logger__WEBPACK_IMPORTED_MODULE_6__ = __webpack_require__(/*! ../../logger */ "./src/logger.js");
|
||||
/* harmony import */ var _utils__WEBPACK_IMPORTED_MODULE_7__ = __webpack_require__(/*! ../../utils */ "./src/utils.js");
|
||||
/* harmony import */ var _common_common__WEBPACK_IMPORTED_MODULE_8__ = __webpack_require__(/*! ../common/common */ "./src/diagrams/common/common.js");
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
// import { evaluate } from '../common/common';
|
||||
|
||||
|
||||
|
||||
|
@ -22963,7 +22974,7 @@ var setupNode = function setupNode(g, parent, node, altFlag) {
|
|||
nodeDb[node.id] = {
|
||||
id: node.id,
|
||||
shape: shape,
|
||||
description: node.id,
|
||||
description: _common_common__WEBPACK_IMPORTED_MODULE_8__["default"].sanitizeText(node.id, Object(_config__WEBPACK_IMPORTED_MODULE_4__["getConfig"])()),
|
||||
classes: 'statediagram-state'
|
||||
};
|
||||
} // Build of the array of description strings accordinging
|
||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -148,7 +148,13 @@ export const addState = function (id, type, doc, descr, note) {
|
|||
}
|
||||
}
|
||||
|
||||
if (note) currentDocument.states[id].note = common.sanitizeText(note, configApi.getConfig());
|
||||
if (note) {
|
||||
currentDocument.states[id].note = note;
|
||||
currentDocument.states[id].note.text = common.sanitizeText(
|
||||
currentDocument.states[id].note.text,
|
||||
configApi.getConfig()
|
||||
);
|
||||
}
|
||||
};
|
||||
|
||||
export const clear = function () {
|
||||
|
|
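Review bot: The new `if (note) { … }` block stores the raw `note` on `currentDocument.states[id]` first and only afterwards overwrites `note.text`, so if `common.sanitizeText` throws, the unsanitized note stays in the document state. The block also mutates the caller's object in place and leaves every field other than `text` unsanitized; whether any other field is ever rendered cannot be seen from this hunk. Sanitizing before storing avoids both: `const text = common.sanitizeText(note.text, configApi.getConfig());` followed by `currentDocument.states[id].note = Object.assign({}, note, { text });`. `addState` begins above the hunk, so the shape of `note` as the parser supplies it should be confirmed against the callers.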