1 line
3.3 KiB
Plaintext
1 line
3.3 KiB
Plaintext
{"version":3,"file":"unsafe-html.js","sources":["../src/directives/unsafe-html.ts"],"sourcesContent":["/**\n * @license\n * Copyright 2017 Google LLC\n * SPDX-License-Identifier: BSD-3-Clause\n */\n\nimport {nothing, TemplateResult, noChange} from '../lit-html.js';\nimport {directive, Directive, PartInfo, PartType} from '../directive.js';\n\nconst HTML_RESULT = 1;\n\nexport class UnsafeHTMLDirective extends Directive {\n static directiveName = 'unsafeHTML';\n static resultType = HTML_RESULT;\n\n private _value: unknown = nothing;\n private _templateResult?: TemplateResult;\n\n constructor(partInfo: PartInfo) {\n super(partInfo);\n if (partInfo.type !== PartType.CHILD) {\n throw new Error(\n `${\n (this.constructor as typeof UnsafeHTMLDirective).directiveName\n }() can only be used in child bindings`\n );\n }\n }\n\n render(value: string | typeof nothing | typeof noChange | undefined | null) {\n if (value === nothing || value == null) {\n this._templateResult = undefined;\n return (this._value = value);\n }\n if (value === noChange) {\n return value;\n }\n if (typeof value != 'string') {\n throw new Error(\n `${\n (this.constructor as typeof UnsafeHTMLDirective).directiveName\n }() called with a non-string value`\n );\n }\n if (value === this._value) {\n return this._templateResult;\n }\n this._value = value;\n const strings = [value] as unknown as TemplateStringsArray;\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n (strings as any).raw = strings;\n // WARNING: impersonating a TemplateResult like this is extremely\n // dangerous. Third-party directives should not do this.\n return (this._templateResult = {\n // Cast to a known set of integers that satisfy ResultType so that we\n // don't have to export ResultType and possibly encourage this pattern.\n // This property needs to remain unminified.\n ['_$litType$']: (this.constructor as typeof UnsafeHTMLDirective)\n .resultType as 1 | 2,\n strings,\n values: [],\n });\n }\n}\n\n/**\n * Renders the result as HTML, rather than text.\n *\n * The values `undefined`, `null`, and `nothing`, will all result in no content\n * (empty string) being rendered.\n *\n * Note, this is unsafe to use with any user-provided input that hasn't been\n * sanitized or escaped, as it may lead to cross-site-scripting\n * vulnerabilities.\n */\nexport const unsafeHTML = directive(UnsafeHTMLDirective);\n"],"names":["UnsafeHTMLDirective","Directive","constructor","partInfo","super","this","_value","nothing","type","PartType","CHILD","Error","directiveName","render","value","_templateResult","undefined","noChange","strings","raw","_$litType$","resultType","values","unsafeHTML","directive"],"mappings":";;;;;GAWM,MAAOA,UAA4BC,EAOvCC,YAAYC,GAEV,GADAC,MAAMD,GAJAE,KAAMC,GAAYC,EAKpBJ,EAASK,OAASC,EAASC,MAC7B,MAAUC,MAELN,KAAKH,YAA2CU,cADnD,wCAKL,CAEDC,OAAOC,GACL,GAAIA,IAAUP,GAAoB,MAATO,EAEvB,OADAT,KAAKU,QAAkBC,EACfX,KAAKC,GAASQ,EAExB,GAAIA,IAAUG,EACZ,OAAOH,EAET,GAAoB,iBAATA,EACT,MAAUH,MAELN,KAAKH,YAA2CU,cADnD,qCAKJ,GAAIE,IAAUT,KAAKC,GACjB,OAAOD,KAAKU,GAEdV,KAAKC,GAASQ,EACd,MAAMI,EAAU,CAACJ,GAKjB,OAHCI,EAAgBC,IAAMD,EAGfb,KAAKU,GAAkB,CAI7BK,WAAiBf,KAAKH,YACnBmB,WACHH,UACAI,OAAQ,GAEX,EAlDMtB,EAAaY,cAAG,aAChBZ,EAAUqB,WAJC,QAkEPE,EAAaC,EAAUxB"} |