I had to modify the script here:
https://github.com/apache/royale-asjs/blob/feature/sanitize/frameworks/downloads.xml#L286
<https://github.com/apache/royale-asjs/blob/develop/frameworks/downloads.xml#L286>
Adding the necessary files worked to get the goog.html files. I confirmed that
the files ended up in the debug folder.
BUT, there’s no reference to requiring them in the compiled JS code.
That’s the bit I’m stuck on.
Why does using the following code not generate something akin to goog.require
(or goog.addDependency) somewhere?
package org.apache.royale.utils.string
{
COMPILE::JS{
import goog.html.sanitizer.HtmlSanitizer;
import goog.html.SafeHtml;
}
public function sanitizeHtml(html:String):String
{
COMPILE::JS
{
return SafeHtml.unwrap(HtmlSanitizer.sanitize(html));
}
//TODO sanitize in swf
COMPILE::SWF
{
return html;
}
}
}
> On Dec 14, 2021, at 10:00 PM, Josh Tynjala <joshtynj...@bowlerhat.dev> wrote:
>
> I think that GCL.swc might be kind of a weird edge case. The .swc exists
> only to make the AS3 compiler happy. As I understand it, Closure Compiler
> analyzes our generated .js files to determine which .js files from Closure
> library are needed in the final output. I think we copy all of Closure
> library for a debug build, and it grabs what it needs automatically.
>
> Could it be that the Closure library .js files that you are trying to use
> are missing from the version of Closure library that we currently depend
> on? Maybe we need an upgrade? Or maybe we're simply excluding them in some
> way because they weren't being used.
>
> --
> Josh Tynjala
> Bowler Hat LLC <https://bowlerhat.dev>
>
>
> On Tue, Dec 14, 2021 at 10:58 AM Harbs <harbs.li...@gmail.com> wrote:
>
>> Thanks for responding.
>>
>> Yes. I tried to add the definitions here.
>>
>>
>> https://github.com/apache/royale-typedefs/tree/feature/sanitize/GCL/src/main/royale/goog/html
>> <
>> https://github.com/apache/royale-typedefs/tree/feature/sanitize/GCL/src/main/royale/goog/html
>>>
>>
>> It helped to get the type definitions in
>> https://github.com/apache/royale-asjs/blob/1b12594c60420d3503f9e366f314c9d875e16ddb/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeHtml.as
>> <
>> https://github.com/apache/royale-asjs/blob/1b12594c60420d3503f9e366f314c9d875e16ddb/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeHtml.as
>>>
>>
>> But the goog.html files were not referenced in the JS output. I also
>> changed the script that extracts the goog js files, but that did not help.
>>
>> Basically, GCL is like a regular swc library in that JS files are needed,
>> but it’s like a typedef file in that the JS doesn’t come from the swc
>> (IFAICT). I’m struggling to understand how the compiler builds the
>> dependencies from GCL.swc…
>>
>> Thanks,
>> Harbs
>>
>>> On Dec 14, 2021, at 8:11 PM, Josh Tynjala <joshtynj...@bowlerhat.dev>
>> wrote:
>>>
>>> It looks like the GCL typedefs are defined here:
>>>
>>>
>> https://github.com/apache/royale-typedefs/tree/develop/GCL/src/main/royale/goog
>>>
>>> I think that so far we've included only the classes that we use in the
>>> framework, so if you need something that we haven't used before, you can
>>> add it here. It'll get included in the GCL .swc file, and then you can
>> use
>>> it in AS3/MXML.
>>>
>>> --
>>> Josh Tynjala
>>> Bowler Hat LLC <https://bowlerhat.dev>
>>>
>>>
>>> On Tue, Dec 14, 2021 at 9:42 AM Harbs <harbs.li...@gmail.com> wrote:
>>>
>>>> Bump.
>>>>
>>>> I’m stuck on this issue. I need to understand how the GCL library works
>>>> for me to finish the sanitize functions.
>>>>
>>>> Thanks,
>>>> Harbs
>>>>
>>>>> On Dec 13, 2021, at 2:50 PM, Harbs <harbs.li...@gmail.com> wrote:
>>>>>
>>>>> I created a page about swcs:
>>>> https://apache.github.io/royale-docs/libraries/library-basics <
>>>> https://apache.github.io/royale-docs/libraries/library-basics>
>>>>>
>>>>> I added a paragraph about the GCL swc, but I’m really not very clear on
>>>> how it works...
>>>>>
>>>>>> On Dec 12, 2021, at 5:46 PM, Harbs <harbs.li...@gmail.com <mailto:
>>>> harbs.li...@gmail.com>> wrote:
>>>>>>
>>>>>> I spent some more time on this, but I’m not sure how to get the
>>>> compiler to realize that we need the goog files.
>>>>>>
>>>>>> For Event we have this:
>>>>>>
>>>>>> goog.addDependency('../../../org/apache/royale/events/Event.js',
>>>> ['org.apache.royale.events.Event'], ['goog.events.Event',
>>>> 'org.apache.royale.events.IRoyaleEvent']);
>>>>>>
>>>>>> But Royale Event subclasses goog.events.Event.
>>>>>>
>>>>>> How do I tell the compiler that
>>>> org.apache.royale.utils.string.sanitizeUrl requires goog.html.SafeUrl ?
>>>>>>
>>>>>> The same for org.apache.royale.utils.string.sanitizeHtml with
>>>> goog.html.sanitizer.HtmlSanitizer and goog.html.SafeHtml.
>>>>>>
>>>>>> Alex? Josh? Greg?
>>>>>>
>>>>>> Thanks,
>>>>>> Harbs
>>>>>>
>>>>>>> On Dec 12, 2021, at 2:13 AM, Harbs <harbs.li...@gmail.com <mailto:
>>>> harbs.li...@gmail.com>> wrote:
>>>>>>>
>>>>>>> I added code for sanitizing, but it’s not working because the
>>>> goog.html files are not being copied. I don’t know what needs to be
>> done to
>>>> make that happen.
>>>>>>>
>>>>>>> Harbs
>>>>>>>
>>>>>>>> On Dec 12, 2021, at 2:12 AM, ha...@apache.org <mailto:
>>>> ha...@apache.org> wrote:
>>>>>>>>
>>>>>>>> This is an automated email from the ASF dual-hosted git repository.
>>>>>>>>
>>>>>>>> harbs pushed a commit to branch feature/sanitize
>>>>>>>> in repository https://gitbox.apache.org/repos/asf/royale-asjs.git <
>>>> https://gitbox.apache.org/repos/asf/royale-asjs.git>
>>>>>>>>
>>>>>>>> commit 1b12594c60420d3503f9e366f314c9d875e16ddb
>>>>>>>> Author: Harbs <ha...@in-tools.com <mailto:ha...@in-tools.com>>
>>>>>>>> AuthorDate: Sun Dec 12 02:12:05 2021 +0200
>>>>>>>>
>>>>>>>> Added sanitizeUrl and sanitizeHtml
>>>>>>>> ---
>>>>>>>> .../projects/Core/src/main/royale/CoreClasses.as | 2 +
>>>>>>>> .../org/apache/royale/utils/string/sanitizeHtml.as | 38
>> ++++++++++++++
>>>>>>>> .../org/apache/royale/utils/string/sanitizeUrl.as | 36
>> +++++++++++++
>>>>>>>> .../src/test/royale/flexUnitTests/CoreTester.as | 1 +
>>>>>>>> .../{CoreTester.as => SanitizeTest.as} | 59
>>>> ++++++++++++++--------
>>>>>>>> 5 files changed, 115 insertions(+), 21 deletions(-)
>>>>>>>>
>>>>>>>> diff --git a/frameworks/projects/Core/src/main/royale/CoreClasses.as
>>>> b/frameworks/projects/Core/src/main/royale/CoreClasses.as
>>>>>>>> index 21593fd..dd088eb 100644
>>>>>>>> --- a/frameworks/projects/Core/src/main/royale/CoreClasses.as
>>>>>>>> +++ b/frameworks/projects/Core/src/main/royale/CoreClasses.as
>>>>>>>> @@ -342,6 +342,8 @@ internal class CoreClasses
>>>>>>>> import org.apache.royale.utils.string.trimRight; trimRight;
>>>>>>>> import org.apache.royale.utils.string.trimLeft; trimLeft;
>>>>>>>> import org.apache.royale.utils.string.cacheBust; cacheBust;
>>>>>>>> + import org.apache.royale.utils.string.sanitizeHtml; sanitizeHtml;
>>>>>>>> + import org.apache.royale.utils.string.sanitizeUrl; sanitizeUrl;
>>>>>>>>
>>>>>>>> import org.apache.royale.utils.date.addDays; addDays;
>>>>>>>> import org.apache.royale.utils.date.addHours; addHours;
>>>>>>>> diff --git
>>>>
>> a/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeHtml.as
>>>>
>> b/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeHtml.as
>>>>>>>> new file mode 100644
>>>>>>>> index 0000000..360ef63
>>>>>>>> --- /dev/null
>>>>>>>> +++
>>>>
>> b/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeHtml.as
>>>>>>>> @@ -0,0 +1,38 @@
>>>>>>>>
>>>>
>> +////////////////////////////////////////////////////////////////////////////////
>>>>>>>> +//
>>>>>>>> +// Licensed to the Apache Software Foundation (ASF) under one or
>>>> more
>>>>>>>> +// contributor license agreements. See the NOTICE file
>> distributed
>>>> with
>>>>>>>> +// this work for additional information regarding copyright
>>>> ownership.
>>>>>>>> +// The ASF licenses this file to You under the Apache License,
>>>> Version 2.0
>>>>>>>> +// (the "License"); you may not use this file except in compliance
>>>> with
>>>>>>>> +// the License. You may obtain a copy of the License at
>>>>>>>> +//
>>>>>>>> +// http://www.apache.org/licenses/LICENSE-2.0 <
>>>> http://www.apache.org/licenses/LICENSE-2.0>
>>>>>>>> +//
>>>>>>>> +// Unless required by applicable law or agreed to in writing,
>>>> software
>>>>>>>> +// distributed under the License is distributed on an "AS IS"
>> BASIS,
>>>>>>>> +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
>>>> implied.
>>>>>>>> +// See the License for the specific language governing permissions
>>>> and
>>>>>>>> +// limitations under the License.
>>>>>>>> +//
>>>>>>>>
>>>>
>> +////////////////////////////////////////////////////////////////////////////////
>>>>>>>> +package org.apache.royale.utils.string
>>>>>>>> +{
>>>>>>>> + COMPILE::JS{
>>>>>>>> + import goog.html.sanitizer.HtmlSanitizer;
>>>>>>>> + import goog.html.SafeHtml;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function sanitizeHtml(html:String):String
>>>>>>>> + {
>>>>>>>> + COMPILE::JS
>>>>>>>> + {
>>>>>>>> + return
>>>> SafeHtml.unwrap(HtmlSanitizer.sanitize(html));
>>>>>>>> + }
>>>>>>>> + //TODO sanitize in swf
>>>>>>>> + COMPILE::SWF
>>>>>>>> + {
>>>>>>>> + return html;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +}
>>>>>>>> \ No newline at end of file
>>>>>>>> diff --git
>>>>
>> a/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeUrl.as
>>>>
>> b/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeUrl.as
>>>>>>>> new file mode 100644
>>>>>>>> index 0000000..cd4151d
>>>>>>>> --- /dev/null
>>>>>>>> +++
>>>>
>> b/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeUrl.as
>>>>>>>> @@ -0,0 +1,36 @@
>>>>>>>>
>>>>
>> +////////////////////////////////////////////////////////////////////////////////
>>>>>>>> +//
>>>>>>>> +// Licensed to the Apache Software Foundation (ASF) under one or
>>>> more
>>>>>>>> +// contributor license agreements. See the NOTICE file
>> distributed
>>>> with
>>>>>>>> +// this work for additional information regarding copyright
>>>> ownership.
>>>>>>>> +// The ASF licenses this file to You under the Apache License,
>>>> Version 2.0
>>>>>>>> +// (the "License"); you may not use this file except in compliance
>>>> with
>>>>>>>> +// the License. You may obtain a copy of the License at
>>>>>>>> +//
>>>>>>>> +// http://www.apache.org/licenses/LICENSE-2.0 <
>>>> http://www.apache.org/licenses/LICENSE-2.0>
>>>>>>>> +//
>>>>>>>> +// Unless required by applicable law or agreed to in writing,
>>>> software
>>>>>>>> +// distributed under the License is distributed on an "AS IS"
>> BASIS,
>>>>>>>> +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
>>>> implied.
>>>>>>>> +// See the License for the specific language governing permissions
>>>> and
>>>>>>>> +// limitations under the License.
>>>>>>>> +//
>>>>>>>>
>>>>
>> +////////////////////////////////////////////////////////////////////////////////
>>>>>>>> +package org.apache.royale.utils.string
>>>>>>>> +{
>>>>>>>> + COMPILE::JS{
>>>>>>>> + import goog.html.SafeUrl;
>>>>>>>> + import goog.html.SafeUrl;
>>>>>>>> + }
>>>>>>>> + public function sanitizeUrl(url:String):String
>>>>>>>> + {
>>>>>>>> + COMPILE::JS{
>>>>>>>> + return SafeUrl.unwrap(SafeUrl.sanitize(url));
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + //TODO sanitize in swf
>>>>>>>> + COMPILE::SWF{
>>>>>>>> + return url;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +}
>>>>>>>> \ No newline at end of file
>>>>>>>> diff --git
>>>> a/frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as
>>>> b/frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as
>>>>>>>> index c8adc02..9441daf 100644
>>>>>>>> ---
>>>> a/frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as
>>>>>>>> +++
>>>> b/frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as
>>>>>>>> @@ -42,5 +42,6 @@ package flexUnitTests
>>>>>>>> public var keyConverterTest:KeyConverterTest;
>>>>>>>> public var
>>>> keyboardEventConverterTest:KeyboardEventConverterTest;
>>>>>>>> public var stringUtilsTest:StringUtilsTest;
>>>>>>>> + public var sanitizerTest:SanitizeTest;
>>>>>>>> }
>>>>>>>> }
>>>>>>>> diff --git
>>>> a/frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as
>>>> b/frameworks/projects/Core/src/test/royale/flexUnitTests/SanitizeTest.as
>>>>>>>> similarity index 50%
>>>>>>>> copy from
>>>> frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as
>>>>>>>> copy to
>>>> frameworks/projects/Core/src/test/royale/flexUnitTests/SanitizeTest.as
>>>>>>>> index c8adc02..7173f52 100644
>>>>>>>> ---
>>>> a/frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as
>>>>>>>> +++
>>>> b/frameworks/projects/Core/src/test/royale/flexUnitTests/SanitizeTest.as
>>>>>>>> @@ -18,29 +18,46 @@
>>>>>>>>
>>>>
>> ////////////////////////////////////////////////////////////////////////////////
>>>>>>>> package flexUnitTests
>>>>>>>> {
>>>>>>>> - import flexUnitTests.language.*
>>>>>>>> + import org.apache.royale.utils.string.*;
>>>>>>>> + import org.apache.royale.test.asserts.*;
>>>>>>>>
>>>>>>>> - [Suite]
>>>>>>>> - [RunWith("org.apache.royale.test.runners.SuiteRunner")]
>>>>>>>> - public class CoreTester
>>>>>>>> - {
>>>>>>>> + public class SanitizeTest
>>>>>>>> + {
>>>>>>>> + [Before]
>>>>>>>> + public function setUp():void
>>>>>>>> + {
>>>>>>>> + }
>>>>>>>>
>>>>>>>> - //language tests
>>>>>>>> - public var languageTestIs:LanguageTesterTestIs;
>>>>>>>> - public var languageTestIntUint:LanguageTesterIntUint;
>>>>>>>> - public var languageTestVector:LanguageTesterTestVector;
>>>>>>>> - public var languageTestClass:LanguageTesterTestClass;
>>>>>>>> - public var
>>>> languageTestLoopVariants:LanguageTesterTestLoopVariants;
>>>>>>>> - public var languageTestArraySort:LanguageTesterArraySort;
>>>>>>>> - public var languageTesttryCatch:LanguageTesterTestTryCatch;
>>>>>>>> + [After]
>>>>>>>> + public function tearDown():void
>>>>>>>> + {
>>>>>>>> + }
>>>>>>>>
>>>>>>>> - //core tests
>>>>>>>> - public var strandTesterTest:StrandTesterTest;
>>>>>>>> - public var binaryDataTesterTest:BinaryDataTesterTest;
>>>>>>>> - public var arrayUtilsTest:ArrayUtilsTest;
>>>>>>>> - public var dateUtilsTest:DateUtilsTest;
>>>>>>>> - public var keyConverterTest:KeyConverterTest;
>>>>>>>> - public var
>>>> keyboardEventConverterTest:KeyboardEventConverterTest;
>>>>>>>> - public var stringUtilsTest:StringUtilsTest;
>>>>>>>> + [BeforeClass]
>>>>>>>> + public static function setUpBeforeClass():void
>>>>>>>> + {
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + [AfterClass]
>>>>>>>> + public static function tearDownAfterClass():void
>>>>>>>> + {
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + [Test]
>>>>>>>> + public function testHTML():void
>>>>>>>> + {
>>>>>>>> + var safeHtml:String = 'Hello <em>World</em>';
>>>>>>>> + assertEquals(safeHtml, sanitizeHtml(safeHtml));
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + [Test]
>>>>>>>> + public function testUrl():void
>>>>>>>> + {
>>>>>>>> + var safeUrl:String = "https://foobaz.com <
>>>> https://foobaz.com/>"
>>>>>>>> + assertEquals(safeUrl, sanitizeUrl(safeUrl));
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> +
>>>>>>>> +
>>>>>>>> }
>>>>>>>> }
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>>
>>
>>
