Bump. I’m stuck on this issue. I need to understand how the GCL library works for me to finish the sanitize functions.
Thanks, Harbs > On Dec 13, 2021, at 2:50 PM, Harbs <harbs.li...@gmail.com> wrote: > > I created a page about swcs: > https://apache.github.io/royale-docs/libraries/library-basics > <https://apache.github.io/royale-docs/libraries/library-basics> > > I added a paragraph about the GCL swc, but I’m really not very clear on how > it works... > >> On Dec 12, 2021, at 5:46 PM, Harbs <harbs.li...@gmail.com >> <mailto:harbs.li...@gmail.com>> wrote: >> >> I spent some more time on this, but I’m not sure how to get the compiler to >> realize that we need the goog files. >> >> For Event we have this: >> >> goog.addDependency('../../../org/apache/royale/events/Event.js', >> ['org.apache.royale.events.Event'], ['goog.events.Event', >> 'org.apache.royale.events.IRoyaleEvent']); >> >> But Royale Event subclasses goog.events.Event. >> >> How do I tell the compiler that org.apache.royale.utils.string.sanitizeUrl >> requires goog.html.SafeUrl ? >> >> The same for org.apache.royale.utils.string.sanitizeHtml with >> goog.html.sanitizer.HtmlSanitizer and goog.html.SafeHtml. >> >> Alex? Josh? Greg? >> >> Thanks, >> Harbs >> >>> On Dec 12, 2021, at 2:13 AM, Harbs <harbs.li...@gmail.com >>> <mailto:harbs.li...@gmail.com>> wrote: >>> >>> I added code for sanitizing, but it’s not working because the goog.html >>> files are not being copied. I don’t know what needs to be done to make that >>> happen. >>> >>> Harbs >>> >>>> On Dec 12, 2021, at 2:12 AM, ha...@apache.org <mailto:ha...@apache.org> >>>> wrote: >>>> >>>> This is an automated email from the ASF dual-hosted git repository. >>>> >>>> harbs pushed a commit to branch feature/sanitize >>>> in repository https://gitbox.apache.org/repos/asf/royale-asjs.git >>>> <https://gitbox.apache.org/repos/asf/royale-asjs.git> >>>> >>>> commit 1b12594c60420d3503f9e366f314c9d875e16ddb >>>> Author: Harbs <ha...@in-tools.com <mailto:ha...@in-tools.com>> >>>> AuthorDate: Sun Dec 12 02:12:05 2021 +0200 >>>> >>>> Added sanitizeUrl and sanitizeHtml >>>> --- >>>> .../projects/Core/src/main/royale/CoreClasses.as | 2 + >>>> .../org/apache/royale/utils/string/sanitizeHtml.as | 38 ++++++++++++++ >>>> .../org/apache/royale/utils/string/sanitizeUrl.as | 36 +++++++++++++ >>>> .../src/test/royale/flexUnitTests/CoreTester.as | 1 + >>>> .../{CoreTester.as => SanitizeTest.as} | 59 >>>> ++++++++++++++-------- >>>> 5 files changed, 115 insertions(+), 21 deletions(-) >>>> >>>> diff --git a/frameworks/projects/Core/src/main/royale/CoreClasses.as >>>> b/frameworks/projects/Core/src/main/royale/CoreClasses.as >>>> index 21593fd..dd088eb 100644 >>>> --- a/frameworks/projects/Core/src/main/royale/CoreClasses.as >>>> +++ b/frameworks/projects/Core/src/main/royale/CoreClasses.as >>>> @@ -342,6 +342,8 @@ internal class CoreClasses >>>> import org.apache.royale.utils.string.trimRight; trimRight; >>>> import org.apache.royale.utils.string.trimLeft; trimLeft; >>>> import org.apache.royale.utils.string.cacheBust; cacheBust; >>>> + import org.apache.royale.utils.string.sanitizeHtml; sanitizeHtml; >>>> + import org.apache.royale.utils.string.sanitizeUrl; sanitizeUrl; >>>> >>>> import org.apache.royale.utils.date.addDays; addDays; >>>> import org.apache.royale.utils.date.addHours; addHours; >>>> diff --git >>>> a/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeHtml.as >>>> >>>> b/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeHtml.as >>>> new file mode 100644 >>>> index 0000000..360ef63 >>>> --- /dev/null >>>> +++ >>>> b/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeHtml.as >>>> @@ -0,0 +1,38 @@ >>>> +//////////////////////////////////////////////////////////////////////////////// >>>> +// >>>> +// Licensed to the Apache Software Foundation (ASF) under one or more >>>> +// contributor license agreements. See the NOTICE file distributed with >>>> +// this work for additional information regarding copyright ownership. >>>> +// The ASF licenses this file to You under the Apache License, Version >>>> 2.0 >>>> +// (the "License"); you may not use this file except in compliance with >>>> +// the License. You may obtain a copy of the License at >>>> +// >>>> +// http://www.apache.org/licenses/LICENSE-2.0 >>>> <http://www.apache.org/licenses/LICENSE-2.0> >>>> +// >>>> +// Unless required by applicable law or agreed to in writing, software >>>> +// distributed under the License is distributed on an "AS IS" BASIS, >>>> +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or >>>> implied. >>>> +// See the License for the specific language governing permissions and >>>> +// limitations under the License. >>>> +// >>>> +//////////////////////////////////////////////////////////////////////////////// >>>> +package org.apache.royale.utils.string >>>> +{ >>>> + COMPILE::JS{ >>>> + import goog.html.sanitizer.HtmlSanitizer; >>>> + import goog.html.SafeHtml; >>>> + } >>>> + >>>> + public function sanitizeHtml(html:String):String >>>> + { >>>> + COMPILE::JS >>>> + { >>>> + return SafeHtml.unwrap(HtmlSanitizer.sanitize(html)); >>>> + } >>>> + //TODO sanitize in swf >>>> + COMPILE::SWF >>>> + { >>>> + return html; >>>> + } >>>> + } >>>> +} >>>> \ No newline at end of file >>>> diff --git >>>> a/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeUrl.as >>>> >>>> b/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeUrl.as >>>> new file mode 100644 >>>> index 0000000..cd4151d >>>> --- /dev/null >>>> +++ >>>> b/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeUrl.as >>>> @@ -0,0 +1,36 @@ >>>> +//////////////////////////////////////////////////////////////////////////////// >>>> +// >>>> +// Licensed to the Apache Software Foundation (ASF) under one or more >>>> +// contributor license agreements. See the NOTICE file distributed with >>>> +// this work for additional information regarding copyright ownership. >>>> +// The ASF licenses this file to You under the Apache License, Version >>>> 2.0 >>>> +// (the "License"); you may not use this file except in compliance with >>>> +// the License. You may obtain a copy of the License at >>>> +// >>>> +// http://www.apache.org/licenses/LICENSE-2.0 >>>> <http://www.apache.org/licenses/LICENSE-2.0> >>>> +// >>>> +// Unless required by applicable law or agreed to in writing, software >>>> +// distributed under the License is distributed on an "AS IS" BASIS, >>>> +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or >>>> implied. >>>> +// See the License for the specific language governing permissions and >>>> +// limitations under the License. >>>> +// >>>> +//////////////////////////////////////////////////////////////////////////////// >>>> +package org.apache.royale.utils.string >>>> +{ >>>> + COMPILE::JS{ >>>> + import goog.html.SafeUrl; >>>> + import goog.html.SafeUrl; >>>> + } >>>> + public function sanitizeUrl(url:String):String >>>> + { >>>> + COMPILE::JS{ >>>> + return SafeUrl.unwrap(SafeUrl.sanitize(url)); >>>> + } >>>> + >>>> + //TODO sanitize in swf >>>> + COMPILE::SWF{ >>>> + return url; >>>> + } >>>> + } >>>> +} >>>> \ No newline at end of file >>>> diff --git >>>> a/frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as >>>> b/frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as >>>> index c8adc02..9441daf 100644 >>>> --- a/frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as >>>> +++ b/frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as >>>> @@ -42,5 +42,6 @@ package flexUnitTests >>>> public var keyConverterTest:KeyConverterTest; >>>> public var keyboardEventConverterTest:KeyboardEventConverterTest; >>>> public var stringUtilsTest:StringUtilsTest; >>>> + public var sanitizerTest:SanitizeTest; >>>> } >>>> } >>>> diff --git >>>> a/frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as >>>> b/frameworks/projects/Core/src/test/royale/flexUnitTests/SanitizeTest.as >>>> similarity index 50% >>>> copy from >>>> frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as >>>> copy to >>>> frameworks/projects/Core/src/test/royale/flexUnitTests/SanitizeTest.as >>>> index c8adc02..7173f52 100644 >>>> --- a/frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as >>>> +++ >>>> b/frameworks/projects/Core/src/test/royale/flexUnitTests/SanitizeTest.as >>>> @@ -18,29 +18,46 @@ >>>> //////////////////////////////////////////////////////////////////////////////// >>>> package flexUnitTests >>>> { >>>> - import flexUnitTests.language.* >>>> + import org.apache.royale.utils.string.*; >>>> + import org.apache.royale.test.asserts.*; >>>> >>>> - [Suite] >>>> - [RunWith("org.apache.royale.test.runners.SuiteRunner")] >>>> - public class CoreTester >>>> - { >>>> + public class SanitizeTest >>>> + { >>>> + [Before] >>>> + public function setUp():void >>>> + { >>>> + } >>>> >>>> - //language tests >>>> - public var languageTestIs:LanguageTesterTestIs; >>>> - public var languageTestIntUint:LanguageTesterIntUint; >>>> - public var languageTestVector:LanguageTesterTestVector; >>>> - public var languageTestClass:LanguageTesterTestClass; >>>> - public var >>>> languageTestLoopVariants:LanguageTesterTestLoopVariants; >>>> - public var languageTestArraySort:LanguageTesterArraySort; >>>> - public var languageTesttryCatch:LanguageTesterTestTryCatch; >>>> + [After] >>>> + public function tearDown():void >>>> + { >>>> + } >>>> >>>> - //core tests >>>> - public var strandTesterTest:StrandTesterTest; >>>> - public var binaryDataTesterTest:BinaryDataTesterTest; >>>> - public var arrayUtilsTest:ArrayUtilsTest; >>>> - public var dateUtilsTest:DateUtilsTest; >>>> - public var keyConverterTest:KeyConverterTest; >>>> - public var keyboardEventConverterTest:KeyboardEventConverterTest; >>>> - public var stringUtilsTest:StringUtilsTest; >>>> + [BeforeClass] >>>> + public static function setUpBeforeClass():void >>>> + { >>>> + } >>>> + >>>> + [AfterClass] >>>> + public static function tearDownAfterClass():void >>>> + { >>>> + } >>>> + >>>> + [Test] >>>> + public function testHTML():void >>>> + { >>>> + var safeHtml:String = 'Hello <em>World</em>'; >>>> + assertEquals(safeHtml, sanitizeHtml(safeHtml)); >>>> + } >>>> + >>>> + [Test] >>>> + public function testUrl():void >>>> + { >>>> + var safeUrl:String = "https://foobaz.com >>>> <https://foobaz.com/>" >>>> + assertEquals(safeUrl, sanitizeUrl(safeUrl)); >>>> + } >>>> + >>>> + >>>> + >>>> } >>>> } >>> >> >
