mirror of
https://github.com/Microsoft/vscode
synced 2024-10-30 08:37:37 +00:00
8f672cac62
This should help improve scroll sync and also reduce the number of times we go out to the network if images are in the preview
66 lines
2 KiB
TypeScript
66 lines
2 KiB
TypeScript
/*---------------------------------------------------------------------------------------------
|
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
* Licensed under the MIT License. See License.txt in the project root for license information.
|
|
*--------------------------------------------------------------------------------------------*/
|
|
|
|
import { MessagePoster } from './messaging';
|
|
import { SettingsManager } from './settings';
|
|
import { getStrings } from './strings';
|
|
|
|
/**
|
|
* Shows an alert when there is a content security policy violation.
|
|
*/
|
|
export class CspAlerter {
|
|
private didShow = false;
|
|
private didHaveCspWarning = false;
|
|
|
|
private messaging?: MessagePoster;
|
|
|
|
constructor(
|
|
private readonly settingsManager: SettingsManager,
|
|
) {
|
|
document.addEventListener('securitypolicyviolation', () => {
|
|
this.onCspWarning();
|
|
});
|
|
|
|
window.addEventListener('message', (event) => {
|
|
if (event && event.data && event.data.name === 'vscode-did-block-svg') {
|
|
this.onCspWarning();
|
|
}
|
|
});
|
|
}
|
|
|
|
public setPoster(poster: MessagePoster) {
|
|
this.messaging = poster;
|
|
if (this.didHaveCspWarning) {
|
|
this.showCspWarning();
|
|
}
|
|
}
|
|
|
|
private onCspWarning() {
|
|
this.didHaveCspWarning = true;
|
|
this.showCspWarning();
|
|
}
|
|
|
|
private showCspWarning() {
|
|
const strings = getStrings();
|
|
const settings = this.settingsManager.settings;
|
|
|
|
if (this.didShow || settings.disableSecurityWarnings || !this.messaging) {
|
|
return;
|
|
}
|
|
this.didShow = true;
|
|
|
|
const notification = document.createElement('a');
|
|
notification.innerText = strings.cspAlertMessageText;
|
|
notification.setAttribute('id', 'code-csp-warning');
|
|
notification.setAttribute('title', strings.cspAlertMessageTitle);
|
|
|
|
notification.setAttribute('role', 'button');
|
|
notification.setAttribute('aria-label', strings.cspAlertMessageLabel);
|
|
notification.onclick = () => {
|
|
this.messaging!.postMessage('showPreviewSecuritySelector', { source: settings.source });
|
|
};
|
|
document.body.appendChild(notification);
|
|
}
|
|
}
|