Editor sanitize parser updates.
pphod committed Sep 18, 2021
1 parent fe1d3cc commit d47a6f4
Showing 6 changed files with 107 additions and 53 deletions.
26 changes: 20 additions & 6 deletions dist/jsuites.basic.js
@@ -17,7 +17,7 @@

var jSuites = function(options) {
var obj = {}
var version = '4.4.0';
var version = '4.9.11';

var find = function(DOMElement, component) {
if (DOMElement[component.type] && DOMElement[component.type] == component) {
@@ -4999,6 +4999,10 @@ jSuites.editor = (function(el, options) {
}

obj.addImage = function(src, asSnippet) {
if (! src) {
src = '';
}

if (src.substr(0,4) != 'data' && ! obj.options.remoteParser) {
console.error('remoteParser not defined in your initialization');
} else {
@@ -5273,6 +5277,9 @@ jSuites.editor = (function(el, options) {
// Elements to be removed
var remove = [HTMLUnknownElement,HTMLAudioElement,HTMLEmbedElement,HTMLIFrameElement,HTMLTextAreaElement,HTMLInputElement,HTMLScriptElement];

// Valid properties
var validProperty = ['width', 'height', 'align', 'border', 'src', 'tabindex'];

// Valid CSS attributes
var validStyle = ['color', 'font-weight', 'font-size', 'background', 'background-color', 'margin'];

@@ -5297,20 +5304,27 @@ jSuites.editor = (function(el, options) {
}
// Process image
if (element.tagName.toUpperCase() == 'IMG') {
if (! obj.options.acceptImages) {
if (! obj.options.acceptImages || ! element.src) {
element.parentNode.removeChild(element);
} else {
// Check if is data
element.setAttribute('tabindex', '900');
// Check attributes for persistance
obj.addImage(element.src);
}
} else {
// Remove attributes
var numAttributes = element.attributes.length - 1;
}
// Remove attributes
var attr = [];
var numAttributes = element.attributes.length - 1;
if (numAttributes > 0) {
for (var i = numAttributes; i >= 0 ; i--) {
element.removeAttribute(element.attributes[i].name);
attr.push(element.attributes[i].name);
}
attr.forEach(function(v) {
if (validProperty.indexOf(v) == -1) {
element.removeAttribute(v);
}
});
}
element.style = '';
// Add valid style
26 changes: 20 additions & 6 deletions dist/jsuites.js
@@ -17,7 +17,7 @@

var jSuites = function(options) {
var obj = {}
var version = '4.4.0';
var version = '4.9.11';

var find = function(DOMElement, component) {
if (DOMElement[component.type] && DOMElement[component.type] == component) {
@@ -5010,6 +5010,10 @@ jSuites.editor = (function(el, options) {
}

obj.addImage = function(src, asSnippet) {
if (! src) {
src = '';
}

if (src.substr(0,4) != 'data' && ! obj.options.remoteParser) {
console.error('remoteParser not defined in your initialization');
} else {
@@ -5284,6 +5288,9 @@ jSuites.editor = (function(el, options) {
// Elements to be removed
var remove = [HTMLUnknownElement,HTMLAudioElement,HTMLEmbedElement,HTMLIFrameElement,HTMLTextAreaElement,HTMLInputElement,HTMLScriptElement];

// Valid properties
var validProperty = ['width', 'height', 'align', 'border', 'src', 'tabindex'];

// Valid CSS attributes
var validStyle = ['color', 'font-weight', 'font-size', 'background', 'background-color', 'margin'];

@@ -5308,20 +5315,27 @@ jSuites.editor = (function(el, options) {
}
// Process image
if (element.tagName.toUpperCase() == 'IMG') {
if (! obj.options.acceptImages) {
if (! obj.options.acceptImages || ! element.src) {
element.parentNode.removeChild(element);
} else {
// Check if is data
element.setAttribute('tabindex', '900');
// Check attributes for persistance
obj.addImage(element.src);
}
} else {
// Remove attributes
var numAttributes = element.attributes.length - 1;
}
// Remove attributes
var attr = [];
var numAttributes = element.attributes.length - 1;
if (numAttributes > 0) {
for (var i = numAttributes; i >= 0 ; i--) {
element.removeAttribute(element.attributes[i].name);
attr.push(element.attributes[i].name);
}
attr.forEach(function(v) {
if (validProperty.indexOf(v) == -1) {
element.removeAttribute(v);
}
});
}
element.style = '';
// Add valid style
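--- a/dist/jsuites.layout.css
+++ b/dist/jsuites.layout.css
@@ -1588,6 +1588,7 @@ section.middle {
 
 .jmenu a:hover, .jmenu a.selected {
 text-decoration: underline;
+font-weight: bold;
 }
 
 .jmenu .title {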
81 changes: 46 additions & 35 deletions dist/jsuites.layout.js
@@ -1701,7 +1701,7 @@ jSuites.menu = (function(el, options) {
menu[i].classList.remove('selected');
if (menu[i].getAttribute('data-id')) {
var state = localStorage.getItem('jmenu-' + menu[i].getAttribute('data-id'));
if (state === null || state == 1) {
if (state == 1) {
menu[i].classList.add('selected');
}
}
@@ -1716,48 +1716,59 @@ jSuites.menu = (function(el, options) {
}
}

obj.select = function(o) {
var menu = el.querySelectorAll('nav a');
for (var i = 0; i < menu.length; i++) {
menu[i].classList.remove('selected');
}
o.classList.add('selected');

// Better navigation
if (options && options.collapse == true) {
if (o.classList.contains('show')) {
menu = el.querySelectorAll('nav');
for (var i = 0; i < menu.length; i++) {
menu[i].style.display = '';
}
o.style.display = 'none';
} else {
menu = el.querySelectorAll('nav');
for (var i = 0; i < menu.length; i++) {
menu[i].style.display = 'none';
}
obj.select = function(o, e) {
if (o.tagName == 'NAV') {
var m = el.querySelectorAll('nav');
for (var i = 0; i < m.length; i++) {
m[i].style.display = 'none';
}
o.style.display = '';
o.classList.add('selected');
} else {
var m = el.querySelectorAll('nav a');
for (var i = 0; i < m.length; i++) {
m[i].classList.remove('selected');
}
o.classList.add('selected');

// Better navigation
if (options && options.collapse == true) {
if (o.classList.contains('show')) {
m = el.querySelectorAll('nav');
for (var i = 0; i < m.length; i++) {
m[i].style.display = '';
}
o.style.display = 'none';
} else {
m = el.querySelectorAll('nav');
for (var i = 0; i < m.length; i++) {
m[i].style.display = 'none';
}

menu = el.querySelector('.show');
if (menu) {
menu.style.display = 'block';
}
m = el.querySelector('.show');
if (m) {
m.style.display = 'block';
}

menu = jSuites.findElement(o.parentNode, 'selected');
if (menu) {
menu.style.display = '';
m = jSuites.findElement(o.parentNode, 'selected');
if (m) {
m.style.display = '';
}
}
}
}

if (options && typeof(options.onclick) == 'function') {
options.onclick(obj, e);
}

// Close menu if is oped
if (jSuites.getWindowWidth() < 800) {
setTimeout(function() {
obj.hide();
}, 0);
obj.hide();
}
}

var actionDown = function(e) {
var action = function(e) {
if (e.target.tagName == 'H2') {
if (e.target.parentNode.classList.contains('selected')) {
e.target.parentNode.classList.remove('selected');
@@ -1768,14 +1779,14 @@ jSuites.menu = (function(el, options) {
}
} else if (e.target.tagName == 'A') {
// Mark link as selected
obj.select(e.target);
obj.select(e.target, e);
}
}

if ('ontouchstart' in document.documentElement === true) {
el.addEventListener('touchstart', actionDown);
el.addEventListener('touchsend', action);
} else {
el.addEventListener('mousedown', actionDown);
el.addEventListener('mouseup', action);
}

// Add close action
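Review bot: `el.addEventListener('touchsend', action);` registers a listener for an event name that is not a standard DOM event, so on touch devices the renamed `action` handler would never run and taps on the menu would do nothing. The intended name is almost certainly `touchend`: `el.addEventListener('touchend', action);`. In the same section `obj.select(o, e)` now forwards `e` to `options.onclick(obj, e)`, but any caller still using the old one-argument form passes `undefined`, which deserves a line in the doc comment for `onclick`. The enclosing `jSuites.menu` function starts and ends outside the visible hunks.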
2 changes: 1 addition & 1 deletion package.json
@@ -19,7 +19,7 @@
"javascript plugins"
],
"main": "dist/jsuites.js",
"version": "4.9.10",
"version": "4.9.11",
"bugs": "https://github.com/jsuites/jsuites/issues",
"homepage": "https://github.com/jsuites/jsuites",
"docs": "https://jsuites.net",
24 changes: 19 additions & 5 deletions src/editor.js
@@ -452,6 +452,10 @@ jSuites.editor = (function(el, options) {
}

obj.addImage = function(src, asSnippet) {
if (! src) {
src = '';
}

if (src.substr(0,4) != 'data' && ! obj.options.remoteParser) {
console.error('remoteParser not defined in your initialization');
} else {
@@ -726,6 +730,9 @@ jSuites.editor = (function(el, options) {
// Elements to be removed
var remove = [HTMLUnknownElement,HTMLAudioElement,HTMLEmbedElement,HTMLIFrameElement,HTMLTextAreaElement,HTMLInputElement,HTMLScriptElement];

// Valid properties
var validProperty = ['width', 'height', 'align', 'border', 'src', 'tabindex'];

// Valid CSS attributes
var validStyle = ['color', 'font-weight', 'font-size', 'background', 'background-color', 'margin'];

@@ -750,20 +757,27 @@ jSuites.editor = (function(el, options) {
}
// Process image
if (element.tagName.toUpperCase() == 'IMG') {
if (! obj.options.acceptImages) {
if (! obj.options.acceptImages || ! element.src) {
element.parentNode.removeChild(element);
} else {
// Check if is data
element.setAttribute('tabindex', '900');
// Check attributes for persistance
obj.addImage(element.src);
}
} else {
// Remove attributes
var numAttributes = element.attributes.length - 1;
}
// Remove attributes
var attr = [];
var numAttributes = element.attributes.length - 1;
if (numAttributes > 0) {
for (var i = numAttributes; i >= 0 ; i--) {
element.removeAttribute(element.attributes[i].name);
attr.push(element.attributes[i].name);
}
attr.forEach(function(v) {
if (validProperty.indexOf(v) == -1) {
element.removeAttribute(v);
}
});
}
element.style = '';
// Add valid style
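Review bot: The new attribute allowlist is skipped for any element that carries exactly one attribute, because `numAttributes` is `element.attributes.length - 1` and the guard this section appears to keep is `if (numAttributes > 0) {`. An element whose only attribute is an inline event handler or an `href` therefore leaves the parser with that attribute intact, even though it is not in `validProperty`. The guard should read `if (numAttributes >= 0) {`, or be dropped, since the loop already copes with an empty attribute list. Separately, `src` is now kept on every element type and its value is not checked in the visible lines, so consider keeping it only on IMG and only for the schemes the editor expects. The same lines appear in the dist/jsuites.basic.js and dist/jsuites.js sections, and the enclosing parser function starts and ends outside the hunk.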
