mirror of
https://github.com/Microsoft/vscode
synced 2024-11-05 18:29:38 +00:00
474d4951d8
* Switch to dompurify for sanitizing markdown content Switches us from using `insane` to instead use `dompurify`, which seems to be better maintained and also has some nice features, such as built-in trusted types support I've tried to port over our existing sanitizer settings as best as possible, but there's not always a 1:1 mapping between how insane works and how dompurify does. I'd like to get this change in early in the iteration to catch potential regressions * Remove logging and renaming param * Move dompurify to browser layer * Fixing tests and how we check valid attributes * Allow innerhtml in specific files * Use isEqualNode instead of checking innerHTML directly innerHTML can return different results on different browsers. Use `isEqualNode` instead * Reapply fix for trusted types * Enable ALLOW_UNKNOWN_PROTOCOLS I beleive this is required since we allow links to commands and loading images over remote * in -> of * Fix check of protocol * Enable two more safe tags
158 lines
4.3 KiB
JavaScript
158 lines
4.3 KiB
JavaScript
/*---------------------------------------------------------------------------------------------
|
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
* Licensed under the MIT License. See License.txt in the project root for license information.
|
|
*--------------------------------------------------------------------------------------------*/
|
|
|
|
/**
|
|
* Hygiene works by creating cascading subsets of all our files and
|
|
* passing them through a sequence of checks. Here are the current subsets,
|
|
* named according to the checks performed on them. Each subset contains
|
|
* the following one, as described in mathematical notation:
|
|
*
|
|
* all ⊃ eol ⊇ indentation ⊃ copyright ⊃ typescript
|
|
*/
|
|
|
|
module.exports.all = [
|
|
'*',
|
|
'build/**/*',
|
|
'extensions/**/*',
|
|
'scripts/**/*',
|
|
'src/**/*',
|
|
'test/**/*',
|
|
'!out*/**',
|
|
'!test/**/out/**',
|
|
'!**/node_modules/**',
|
|
];
|
|
|
|
module.exports.indentationFilter = [
|
|
'**',
|
|
|
|
// except specific files
|
|
'!**/ThirdPartyNotices.txt',
|
|
'!**/LICENSE.{txt,rtf}',
|
|
'!LICENSES.chromium.html',
|
|
'!**/LICENSE',
|
|
'!src/vs/nls.js',
|
|
'!src/vs/nls.build.js',
|
|
'!src/vs/css.js',
|
|
'!src/vs/css.build.js',
|
|
'!src/vs/loader.js',
|
|
'!src/vs/base/browser/dompurify/*',
|
|
'!src/vs/base/common/marked/marked.js',
|
|
'!src/vs/base/common/semver/semver.js',
|
|
'!src/vs/base/node/terminateProcess.sh',
|
|
'!src/vs/base/node/cpuUsage.sh',
|
|
'!test/unit/assert.js',
|
|
'!resources/linux/snap/electron-launch',
|
|
'!build/ext.js',
|
|
|
|
// except specific folders
|
|
'!test/automation/out/**',
|
|
'!test/monaco/out/**',
|
|
'!test/smoke/out/**',
|
|
'!extensions/typescript-language-features/test-workspace/**',
|
|
'!extensions/markdown-math/notebook-out/**',
|
|
'!extensions/vscode-api-tests/testWorkspace/**',
|
|
'!extensions/vscode-api-tests/testWorkspace2/**',
|
|
'!extensions/vscode-custom-editor-tests/test-workspace/**',
|
|
'!build/monaco/**',
|
|
'!build/win32/**',
|
|
|
|
// except multiple specific files
|
|
'!**/package.json',
|
|
'!**/yarn.lock',
|
|
'!**/yarn-error.log',
|
|
|
|
// except multiple specific folders
|
|
'!**/codicon/**',
|
|
'!**/fixtures/**',
|
|
'!**/lib/**',
|
|
'!extensions/**/dist/**',
|
|
'!extensions/**/out/**',
|
|
'!extensions/**/snippets/**',
|
|
'!extensions/**/syntaxes/**',
|
|
'!extensions/**/themes/**',
|
|
'!extensions/**/colorize-fixtures/**',
|
|
|
|
// except specific file types
|
|
'!src/vs/*/**/*.d.ts',
|
|
'!src/typings/**/*.d.ts',
|
|
'!extensions/**/*.d.ts',
|
|
'!**/*.{svg,exe,png,bmp,jpg,scpt,bat,cmd,cur,ttf,woff,eot,md,ps1,template,yaml,yml,d.ts.recipe,ico,icns,plist}',
|
|
'!build/{lib,download,linux,darwin}/**/*.js',
|
|
'!build/**/*.sh',
|
|
'!build/azure-pipelines/**/*.js',
|
|
'!build/azure-pipelines/**/*.config',
|
|
'!**/Dockerfile',
|
|
'!**/Dockerfile.*',
|
|
'!**/*.Dockerfile',
|
|
'!**/*.dockerfile',
|
|
'!extensions/markdown-language-features/media/*.js',
|
|
'!extensions/markdown-language-features/notebook-out/*.js',
|
|
'!extensions/markdown-math/notebook-out/*.js',
|
|
'!extensions/simple-browser/media/*.js',
|
|
];
|
|
|
|
module.exports.copyrightFilter = [
|
|
'**',
|
|
'!**/*.desktop',
|
|
'!**/*.json',
|
|
'!**/*.html',
|
|
'!**/*.template',
|
|
'!**/*.md',
|
|
'!**/*.bat',
|
|
'!**/*.cmd',
|
|
'!**/*.ico',
|
|
'!**/*.icns',
|
|
'!**/*.xml',
|
|
'!**/*.sh',
|
|
'!**/*.txt',
|
|
'!**/*.xpm',
|
|
'!**/*.opts',
|
|
'!**/*.disabled',
|
|
'!**/*.code-workspace',
|
|
'!**/*.js.map',
|
|
'!build/**/*.init',
|
|
'!build/linux/libcxx-fetcher.*',
|
|
'!resources/linux/snap/snapcraft.yaml',
|
|
'!resources/win32/bin/code.js',
|
|
'!resources/web/code-web.js',
|
|
'!resources/completions/**',
|
|
'!extensions/configuration-editing/build/inline-allOf.ts',
|
|
'!extensions/markdown-language-features/media/highlight.css',
|
|
'!extensions/markdown-math/notebook-out/**',
|
|
'!extensions/html-language-features/server/src/modes/typescript/*',
|
|
'!extensions/*/server/bin/*',
|
|
'!src/vs/editor/test/node/classification/typescript-test.ts',
|
|
];
|
|
|
|
module.exports.jsHygieneFilter = [
|
|
'src/**/*.js',
|
|
'build/gulpfile.*.js',
|
|
'!src/vs/loader.js',
|
|
'!src/vs/css.js',
|
|
'!src/vs/nls.js',
|
|
'!src/vs/css.build.js',
|
|
'!src/vs/nls.build.js',
|
|
'!src/**/dompurify.js',
|
|
'!src/**/marked.js',
|
|
'!src/**/semver.js',
|
|
'!**/test/**',
|
|
];
|
|
|
|
module.exports.tsHygieneFilter = [
|
|
'src/**/*.ts',
|
|
'test/**/*.ts',
|
|
'extensions/**/*.ts',
|
|
'!src/vs/*/**/*.d.ts',
|
|
'!src/typings/**/*.d.ts',
|
|
'!extensions/**/*.d.ts',
|
|
'!**/fixtures/**',
|
|
'!**/typings/**',
|
|
'!**/node_modules/**',
|
|
'!extensions/**/colorize-fixtures/**',
|
|
'!extensions/vscode-api-tests/testWorkspace/**',
|
|
'!extensions/vscode-api-tests/testWorkspace2/**',
|
|
'!extensions/**/*.test.ts',
|
|
'!extensions/html-language-features/server/lib/jquery.d.ts',
|
|
];
|