diff options
Diffstat (limited to 'vendor/github.com/google/safehtml/script.go')
| -rw-r--r-- | vendor/github.com/google/safehtml/script.go | 90 |
1 files changed, 0 insertions, 90 deletions
diff --git a/vendor/github.com/google/safehtml/script.go b/vendor/github.com/google/safehtml/script.go deleted file mode 100644 index c9e0fd298..000000000 --- a/vendor/github.com/google/safehtml/script.go +++ /dev/null @@ -1,90 +0,0 @@ -// Copyright (c) 2017 The Go Authors. All rights reserved. -// -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file or at -// https://developers.google.com/open-source/licenses/bsd - -package safehtml - -import ( - "encoding/json" - "fmt" - "regexp" -) - -// A Script is an immutable string-like type which represents JavaScript -// code and guarantees that its value, as a string, will not cause execution -// of unconstrained attacker controlled code (cross-site scripting) when -// evaluated as JavaScript in a browser. -// -// Script's string representation can safely be interpolated as the -// content of a script element within HTML, and can safely be passed to DOM -// properties and functions which expect JavaScript. In these cases, the Script -// string should not be escaped. Script's string representation can also be safely -// used as the value for on* attribute handlers in HTML, though the Script string -// must be escaped before such use. -// -// Note that the Script might contain text that is attacker-controlled but -// that text should have been interpolated with appropriate escaping, -// sanitization and/or validation into the right location in the script, such -// that it is highly constrained in its effect (for example, it had to match a -// set of allowed words). -// -// In order to ensure that an attacker cannot influence the Script -// value, a Script can only be instantiated from compile-time -// constant string literals or security-reviewed unchecked conversions, -// but never from arbitrary string values potentially representing untrusted -// user input. -type Script struct { - // We declare a Script not as a string but as a struct wrapping a string - // to prevent construction of Script values through string conversion. - str string -} - -// ScriptFromConstant constructs a Script with its underlying script set -// to the given script, which must be an untyped string constant. -// -// No runtime validation or sanitization is performed on script; being under -// application control, it is simply assumed to comply with the Script -// contract. -func ScriptFromConstant(script stringConstant) Script { - return Script{string(script)} -} - -// ScriptFromDataAndConstant constructs a Script of the form -// -// var name = data; script -// -// where name is the supplied variable name, data is the supplied data value -// encoded as JSON using encoding/json.Marshal, and script is the supplied -// JavaScript statement or sequence of statements. The supplied name and script -// must both be untyped string constants. It returns an error if name is not a -// valid Javascript identifier or JSON encoding fails. -// -// No runtime validation or sanitization is performed on script; being under -// application control, it is simply assumed to comply with the Script -// contract. -func ScriptFromDataAndConstant(name stringConstant, data interface{}, script stringConstant) (Script, error) { - if !jsIdentifierPattern.MatchString(string(name)) { - return Script{}, fmt.Errorf("variable name %q is an invalid Javascript identifier", string(name)) - } - json, err := json.Marshal(data) - if err != nil { - return Script{}, err - } - return Script{fmt.Sprintf("var %s = %s;\n%s", name, json, string(script))}, nil -} - -// jsIdentifierPattern matches strings that are valid Javascript identifiers. -// -// This pattern accepts only a subset of valid identifiers defined in -// https://tc39.github.io/ecma262/#sec-names-and-keywords. In particular, -// it does not match identifiers that contain non-ASCII letters, Unicode -// escape sequences, and the Unicode format-control characters -// \u200C (zero-width non-joiner) and \u200D (zero-width joiner). -var jsIdentifierPattern = regexp.MustCompile(`^[$_a-zA-Z][$_a-zA-Z0-9]+$`) - -// String returns the string form of the Script. -func (s Script) String() string { - return s.str -} |