forked from Cloud-Player/web
-
Notifications
You must be signed in to change notification settings - Fork 0
/
default.ts
51 lines (45 loc) · 1.64 KB
/
default.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
/// <reference types="trusted-types" />
import {environment} from '../environments/environment';
export const TrustedTypesAvailable = typeof window.trustedTypes !== 'undefined';
// tslint:disable-next-line: trusted-types-no-create-policy
export const DefaultPolicy = TrustedTypesAvailable ? window.trustedTypes.createPolicy('default', {
createHTML(i) {
const ALLOWED_HTML = [
// jQuery does that.
`<textarea>x</textarea>`,
`<a href='' disabled='disabled'></a><select disabled='disabled'><option/></select>`,
`<a href='#'></a>`,
`<input/>`,
];
const ALLOWED_HTML_REGEXP: RegExp[] = [
// jQuery.
new RegExp(`^<a id='sizzle[0-9]+'></a><select id='sizzle[0-9]+-\\s*\\\\' msallowcapture=''><option selected=''></option></select>$`),
];
if (ALLOWED_HTML.includes(i)) {
return i;
}
if (ALLOWED_HTML_REGEXP.find((regexp) => regexp.test(i))) {
return i;
}
},
createScriptURL(i) { // script.src
const ALLOWED_SCRIPTS_REGEXP = [
// YT API loads that.
new RegExp(`^https://s\.ytimg\.com/yts/jsbin/www-widgetapi-[-a-zA-Z0-9]+/www-widgetapi\.js$`),
new RegExp(`^/assets/logo-layers/[^/]+\.svg`), // Loading svg assets via <object>,
];
if (ALLOWED_SCRIPTS_REGEXP.find((regexp) => regexp.test(i))) {
return i;
}
console.error('Please refactor, script URL: ' + i);
return i;
},
createScript(i) { // eval & friends
if (environment.production) {
return; // No eval in production, please.
}
if (i.match('jit_')) {
return i; // JIT compiler-generated code, only enabled in development.
}
},
}) : null;