Skip to content

Commit 133d95e

Browse files
jriekenjrieken
committed
adopt new amd loader with support for TrustedScriptURL, add typings for TrustedTypesFactory et al, microsoft#106396 
1 parent c2da750 commit 133d95e

6 files changed

Lines changed: 87 additions & 2 deletions

File tree

src/typings/trustedTypes.d.ts

Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
/*---------------------------------------------------------------------------------------------
2+
* Copyright (c) Microsoft Corporation. All rights reserved.
3+
* Licensed under the MIT License. See License.txt in the project root for license information.
4+
*--------------------------------------------------------------------------------------------*/
5+
6+
// see https://w3c.github.io/webappsec-trusted-types/dist/spec/
7+
// this isn't complete nor 100% correct
8+
9+
type TrustedHTML = string & object;
10+
type TrustedScript = string;
11+
type TrustedScriptURL = string;
12+
13+
interface TrustedTypePolicyOptions {
14+
createHTML?: (value: string) => string
15+
createScript?: (value: string) => string
16+
createScriptURL?: (value: string) => string
17+
}
18+
19+
interface TrustedTypePolicy {
20+
readonly name: string;
21+
createHTML(input: string, ...more: any[]): TrustedHTML
22+
createScript(input: string, ...more: any[]): TrustedScript
23+
createScriptURL(input: string, ...more: any[]): TrustedScriptURL
24+
}
25+
26+
interface TrustedTypePolicyFactory {
27+
createPolicy(policyName: string, object: TrustedTypePolicyOptions): TrustedTypePolicy;
28+
}
29+
30+
interface Window {
31+
trustedTypes: TrustedTypePolicyFactory | undefined;
32+
}
33+
34+
interface WorkerGlobalScope {
35+
trustedTypes: TrustedTypePolicyFactory | undefined;
36+
}

src/vs/base/worker/workerMain.ts

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,8 @@
1414

1515
require.config({
1616
baseUrl: monacoBaseUrl,
17-
catchError: true
17+
catchError: true,
18+
createTrustedScriptURL: (value: string) => value,
1819
});
1920

2021
let loadCode = function (moduleId: string) {

src/vs/code/browser/workbench/workbench-dev.html

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,7 @@
3333
self.require = {
3434
baseUrl: `${window.location.origin}/static/out`,
3535
recordStats: true,
36+
createTrustedScriptURL: value => value,
3637
paths: {
3738
'vscode-textmate': `${window.location.origin}/static/remote/web/node_modules/vscode-textmate/release/main`,
3839
'vscode-oniguruma': `${window.location.origin}/static/remote/web/node_modules/vscode-oniguruma/release/main`,

src/vs/code/browser/workbench/workbench.html

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,7 @@
3131
self.require = {
3232
baseUrl: `${window.location.origin}/static/out`,
3333
recordStats: true,
34+
createTrustedScriptURL: value => value,
3435
paths: {
3536
'vscode-textmate': `${window.location.origin}/static/node_modules/vscode-textmate/release/main`,
3637
'vscode-oniguruma': `${window.location.origin}/static/node_modules/vscode-oniguruma/release/main`,

src/vs/loader.js

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -618,8 +618,37 @@ var AMDLoader;
618618
};
619619
return OnlyOnceScriptLoader;
620620
}());
621+
var trustedTypesPolyfill = new /** @class */(function () {
622+
function class_1() {
623+
}
624+
class_1.prototype.installIfNeeded = function () {
625+
if (typeof globalThis.trustedTypes !== 'undefined') {
626+
return; // already defined
627+
}
628+
var _defaultRules = {
629+
createHTML: function () { throw new Error('Policy\'s TrustedTypePolicyOptions did not specify a \'createHTML\' member'); },
630+
createScript: function () { throw new Error('Policy\'s TrustedTypePolicyOptions did not specify a \'createScript\' member'); },
631+
createScriptURL: function () { throw new Error('Policy\'s TrustedTypePolicyOptions did not specify a \'createScriptURL\' member'); },
632+
};
633+
globalThis.trustedTypes = {
634+
createPolicy: function (name, rules) {
635+
var _a, _b, _c;
636+
return {
637+
name: name,
638+
createHTML: (_a = rules.createHTML) !== null && _a !== void 0 ? _a : _defaultRules.createHTML,
639+
createScript: (_b = rules.createScript) !== null && _b !== void 0 ? _b : _defaultRules.createScript,
640+
createScriptURL: (_c = rules.createScriptURL) !== null && _c !== void 0 ? _c : _defaultRules.createScriptURL,
641+
};
642+
}
643+
};
644+
};
645+
return class_1;
646+
}());
647+
//#endregion
621648
var BrowserScriptLoader = /** @class */ (function () {
622649
function BrowserScriptLoader() {
650+
// polyfill trustedTypes-support if missing
651+
trustedTypesPolyfill.installIfNeeded();
623652
}
624653
/**
625654
* Attach load / error listeners to a script element and remove them when either one has fired.
@@ -662,6 +691,13 @@ var AMDLoader;
662691
script.setAttribute('async', 'async');
663692
script.setAttribute('type', 'text/javascript');
664693
this.attachListeners(script, callback, errorback);
694+
var createTrustedScriptURL = moduleManager.getConfig().getOptionsLiteral().createTrustedScriptURL;
695+
if (createTrustedScriptURL) {
696+
if (!this.scriptSourceURLPolicy) {
697+
this.scriptSourceURLPolicy = trustedTypes.createPolicy('amdLoader', { createScriptURL: createTrustedScriptURL });
698+
}
699+
scriptSrc = this.scriptSourceURLPolicy.createScriptURL(scriptSrc);
700+
}
665701
script.setAttribute('src', scriptSrc);
666702
// Propagate CSP nonce to dynamically created script tag.
667703
var cspNonce = moduleManager.getConfig().getOptionsLiteral().cspNonce;
@@ -675,8 +711,17 @@ var AMDLoader;
675711
}());
676712
var WorkerScriptLoader = /** @class */ (function () {
677713
function WorkerScriptLoader() {
714+
// polyfill trustedTypes-support if missing
715+
trustedTypesPolyfill.installIfNeeded();
678716
}
679717
WorkerScriptLoader.prototype.load = function (moduleManager, scriptSrc, callback, errorback) {
718+
var createTrustedScriptURL = moduleManager.getConfig().getOptionsLiteral().createTrustedScriptURL;
719+
if (createTrustedScriptURL) {
720+
if (!this.scriptSourceURLPolicy) {
721+
this.scriptSourceURLPolicy = trustedTypes.createPolicy('amdLoader', { createScriptURL: createTrustedScriptURL });
722+
}
723+
scriptSrc = this.scriptSourceURLPolicy.createScriptURL(scriptSrc);
724+
}
680725
try {
681726
importScripts(scriptSrc);
682727
callback();

src/vs/workbench/services/extensions/worker/extensionHostWorkerMain.ts

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,8 @@
1414

1515
require.config({
1616
baseUrl: monacoBaseUrl,
17-
catchError: true
17+
catchError: true,
18+
createTrustedScriptURL: (value: string) => value
1819
});
1920

2021
require(['vs/workbench/services/extensions/worker/extensionHostWorker'], () => { }, err => console.error(err));

0 commit comments

Comments
 (0)