wikimedia/mediawiki-extensions-MultimediaViewer
1
0
Fork 0
mirror of https://gerrit.wikimedia.org/r/mediawiki/extensions/MultimediaViewer synced 2024-11-24 00:03:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Rename whitelist to allowlist

Browse source 
Bug: T277952
Change-Id: I67ce70df18d9f9c86579cedcb63aa63685156b09
This commit is contained in:
Simon Legner 2024-06-26 21:04:57 +02:00 committed by Simon04
parent 2a8b140ed3
commit c872e64988
4 changed files with 28 additions and 28 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
resources/mmv.bootstrap/mmv.HtmlUtils.js
View file

@ -97,14 +97,14 @@ class HtmlUtils {
} }
/** /**
* Discards all nodes which do not match the whitelist, * Discards all nodes which do not match the allowlist,
* but keeps the text and whitelisted nodes inside them. * but keeps the text and allowlisted nodes inside them.
* Works in-place. * Works in-place.
* *
* @param {jQuery} $el * @param {jQuery} $el
* @param {string} whitelist a jQuery selector string such as 'a, span, br' * @param {string} allowlist a jQuery selector string such as 'a, span, br'
*/ */
static whitelistHtml( $el, whitelist ) { static allowlistHtml( $el, allowlist ) {
let $prev; let $prev;
let $child = $el.children().first(); let $child = $el.children().first();
@ -115,9 +115,9 @@ class HtmlUtils {
return; return;
} }
HtmlUtils.whitelistHtml( $child, whitelist ); HtmlUtils.allowlistHtml( $child, allowlist );
if ( !$child.is( whitelist ) ) { if ( !$child.is( allowlist ) ) {
$prev = $child.prev(); $prev = $child.prev();
$child.replaceWith( $child.contents() ); $child.replaceWith( $child.contents() );
} else { } else {
@ -217,7 +217,7 @@ class HtmlUtils {
const $html = HtmlUtils.wrapAndJquerify( html ); const $html = HtmlUtils.wrapAndJquerify( html );
HtmlUtils.filterInvisible( $html ); HtmlUtils.filterInvisible( $html );
HtmlUtils.appendWhitespaceToBlockElements( $html ); HtmlUtils.appendWhitespaceToBlockElements( $html );
HtmlUtils.whitelistHtml( $html, 'a, span, i, b, sup, sub, s' ); HtmlUtils.allowlistHtml( $html, 'a, span, i, b, sup, sub, s' );
cache.textWithTags[ html ] = HtmlUtils.mergeWhitespace( $html.html() ); cache.textWithTags[ html ] = HtmlUtils.mergeWhitespace( $html.html() );
} }
return cache.textWithTags[ html ]; return cache.textWithTags[ html ];
@ -235,7 +235,7 @@ class HtmlUtils {
const $html = HtmlUtils.wrapAndJquerify( html ); const $html = HtmlUtils.wrapAndJquerify( html );
HtmlUtils.filterInvisible( $html ); HtmlUtils.filterInvisible( $html );
HtmlUtils.appendWhitespaceToBlockElements( $html ); HtmlUtils.appendWhitespaceToBlockElements( $html );
HtmlUtils.whitelistHtml( $html, 'a, span' ); HtmlUtils.allowlistHtml( $html, 'a, span' );
cache.textWithLinks[ html ] = HtmlUtils.mergeWhitespace( $html.html() ); cache.textWithLinks[ html ] = HtmlUtils.mergeWhitespace( $html.html() );
} }
return cache.textWithLinks[ html ]; return cache.textWithLinks[ html ];

2
resources/mmv.ui.reuse/mmv.EmbedFileFormatter.js
View file

@ -58,7 +58,7 @@ class EmbedFileFormatter {
* @param {string} [author] author name (can contain HTML) * @param {string} [author] author name (can contain HTML)
* @param {string} [source] source name (can contain HTML) * @param {string} [source] source name (can contain HTML)
* @param {string} [attribution] custom attribution line (can contain HTML) * @param {string} [attribution] custom attribution line (can contain HTML)
* @param {Function} [formatterFunction] Format function for the text - defaults to whitelisting HTML links, but all else sanitized. * @param {Function} [formatterFunction] Format function for the text - defaults to allowlisting HTML links, but all else sanitized.
* @return {string} Byline (can contain HTML) * @return {string} Byline (can contain HTML)
*/ */
getByline( author, source, attribution, formatterFunction ) { getByline( author, source, attribution, formatterFunction ) {

2
resources/mmv/ui/mmv.ui.canvas.less
View file

@ -53,7 +53,7 @@
/* stylelint-disable-next-line plugin/no-unsupported-browser-features */ /* stylelint-disable-next-line plugin/no-unsupported-browser-features */
cursor: zoom-in; cursor: zoom-in;
/* Whitelist file types that are potentially transparent. /* Allowlist file types that are potentially transparent.
We don't set it for other file types because Media Viewer plugins We don't set it for other file types because Media Viewer plugins
can find that undesirable (eg. 3d) */ can find that undesirable (eg. 3d) */
&.gif, &.gif,

36
tests/qunit/mmv/mmv.HtmlUtils.test.js
View file

@ -91,27 +91,27 @@ const { HtmlUtils } = require( 'mmv.bootstrap' );
assert.strictEqual( $invisibleChildWithVisibleSiblings.has( 'b' ).length, 1, '...but its visible siblings are not' ); assert.strictEqual( $invisibleChildWithVisibleSiblings.has( 'b' ).length, 1, '...but its visible siblings are not' );
} ); } );
QUnit.test( 'whitelistHtml()', ( assert ) => { QUnit.test( 'allowlistHtml()', ( assert ) => {
const $whitelisted = $( '<div>abc<a>def</a>ghi</div>' ); const $allowlisted = $( '<div>abc<a>def</a>ghi</div>' );
const $nonWhitelisted = $( '<div>abc<span>def</span>ghi</div>' ); const $nonAllowlisted = $( '<div>abc<span>def</span>ghi</div>' );
const $nonWhitelistedInWhitelisted = $( '<div>abc<a>d<span>e</span>f</a>ghi</div>' ); const $nonAllowlistedInAllowlisted = $( '<div>abc<a>d<span>e</span>f</a>ghi</div>' );
const $whitelistedInNonWhitelisted = $( '<div>abc<span>d<a>e</a>f</span>ghi</div>' ); const $allowlistedInNonAllowlisted = $( '<div>abc<span>d<a>e</a>f</span>ghi</div>' );
const $siblings = $( '<div>ab<span>c</span>d<a>e</a>f<span>g</span>hi</div>' ); const $siblings = $( '<div>ab<span>c</span>d<a>e</a>f<span>g</span>hi</div>' );
HtmlUtils.whitelistHtml( $whitelisted, 'a' ); HtmlUtils.allowlistHtml( $allowlisted, 'a' );
HtmlUtils.whitelistHtml( $nonWhitelisted, 'a' ); HtmlUtils.allowlistHtml( $nonAllowlisted, 'a' );
HtmlUtils.whitelistHtml( $nonWhitelistedInWhitelisted, 'a' ); HtmlUtils.allowlistHtml( $nonAllowlistedInAllowlisted, 'a' );
HtmlUtils.whitelistHtml( $whitelistedInNonWhitelisted, 'a' ); HtmlUtils.allowlistHtml( $allowlistedInNonAllowlisted, 'a' );
HtmlUtils.whitelistHtml( $siblings, 'a' ); HtmlUtils.allowlistHtml( $siblings, 'a' );
assert.strictEqual( $whitelisted.has( 'a' ).length, 1, 'Whitelisted elements are kept.' ); assert.strictEqual( $allowlisted.has( 'a' ).length, 1, 'Allowlisted elements are kept.' );
assert.strictEqual( $nonWhitelisted.has( 'span' ).length, 0, 'Non-whitelisted elements are removed.' ); assert.strictEqual( $nonAllowlisted.has( 'span' ).length, 0, 'Non-allowlisted elements are removed.' );
assert.strictEqual( $nonWhitelistedInWhitelisted.has( 'a' ).length, 1, 'Whitelisted parents are kept.' ); assert.strictEqual( $nonAllowlistedInAllowlisted.has( 'a' ).length, 1, 'Allowlisted parents are kept.' );
assert.strictEqual( $nonWhitelistedInWhitelisted.has( 'span' ).length, 0, 'Non-whitelisted children are removed.' ); assert.strictEqual( $nonAllowlistedInAllowlisted.has( 'span' ).length, 0, 'Non-allowlisted children are removed.' );
assert.strictEqual( $whitelistedInNonWhitelisted.has( 'span' ).length, 0, 'Non-whitelisted parents are removed.' ); assert.strictEqual( $allowlistedInNonAllowlisted.has( 'span' ).length, 0, 'Non-allowlisted parents are removed.' );
assert.strictEqual( $whitelistedInNonWhitelisted.has( 'a' ).length, 1, 'Whitelisted children are kept.' ); assert.strictEqual( $allowlistedInNonAllowlisted.has( 'a' ).length, 1, 'Allowlisted children are kept.' );
assert.strictEqual( $siblings.has( 'span' ).length, 0, 'Non-whitelisted siblings are removed.' ); assert.strictEqual( $siblings.has( 'span' ).length, 0, 'Non-allowlisted siblings are removed.' );
assert.strictEqual( $siblings.has( 'a' ).length, 1, 'Whitelisted siblings are kept.' ); assert.strictEqual( $siblings.has( 'a' ).length, 1, 'Allowlisted siblings are kept.' );
} ); } );
QUnit.test( 'appendWhitespaceToBlockElements()', ( assert ) => { QUnit.test( 'appendWhitespaceToBlockElements()', ( assert ) => {