Skip to content

Commit

Permalink
policy: refactor to use more primordials
Browse files Browse the repository at this point in the history
PR-URL: #36210
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Bradley Farias <bradley.meck@gmail.com>
  • Loading branch information
aduh95 authored and targos committed May 16, 2021
1 parent f59ee44 commit ac47032
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 15 deletions.
18 changes: 9 additions & 9 deletions lib/internal/policy/manifest.js
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,6 @@

const {
ArrayIsArray,
Map,
MapPrototypeSet,
ObjectCreate,
ObjectEntries,
ObjectFreeze,
Expand All @@ -12,6 +10,8 @@ const {
RegExpPrototypeTest,
SafeMap,
SafeSet,
StringPrototypeEndsWith,
StringPrototypeReplace,
Symbol,
uncurryThis,
} = primordials;
Expand Down Expand Up @@ -334,14 +334,15 @@ class Manifest {
* @returns {string}
*/
const protocolOrResolve = (resourceHREF) => {
if (resourceHREF.endsWith(':')) {
if (StringPrototypeEndsWith(resourceHREF, ':')) {
// URL parse will trim these anyway, save the compute
resourceHREF = resourceHREF.replace(
resourceHREF = StringPrototypeReplace(
resourceHREF,
// eslint-disable-next-line
/^[\x00-\x1F\x20]|\x09\x0A\x0D|[\x00-\x1F\x20]$/g,
''
);
if (/^[a-zA-Z][a-zA-Z+\-.]*:$/.test(resourceHREF)) {
if (RegExpPrototypeTest(/^[a-zA-Z][a-zA-Z+\-.]*:$/, resourceHREF)) {
return resourceHREF;
}
}
Expand Down Expand Up @@ -424,7 +425,7 @@ class Manifest {
// Only a few schemes are hierarchical
if (kSpecialSchemes.has(currentURL.protocol)) {
// Make first '..' act like '.'
if (currentURL.pathname.slice(-1) !== '/') {
if (!StringPrototypeEndsWith(currentURL.pathname, '/')) {
currentURL.pathname += '/';
}
let lastHREF;
Expand Down Expand Up @@ -476,7 +477,7 @@ class Manifest {
assertIntegrity(url, content) {
const href = `${url}`;
debug('Checking integrity of %s', href);
const realIntegrities = new Map();
const realIntegrities = new SafeMap();
const integrities = this.#resourceIntegrities;
function processEntry(href) {
let integrityEntries = integrities.get(href);
Expand Down Expand Up @@ -505,8 +506,7 @@ class Manifest {
timingSafeEqual(digest, expected)) {
return true;
}
MapPrototypeSet(
realIntegrities,
realIntegrities.set(
algorithm,
BufferToString(digest, 'base64')
);
Expand Down
11 changes: 5 additions & 6 deletions lib/internal/policy/sri.js
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@
// https://w3c.github.io/webappsec-subresource-integrity/#the-integrity-attribute

const {
ArrayPrototype,
ObjectDefineProperty,
ObjectFreeze,
ObjectGetPrototypeOf,
ObjectSeal,
ObjectSetPrototypeOf,
RegExp,
Expand All @@ -32,7 +32,6 @@ const kAllWSP = RegExp(`^${kWSP}*$`);
ObjectSeal(kAllWSP);

const BufferFrom = require('buffer').Buffer.from;
const RealArrayPrototype = ObjectGetPrototypeOf([]);

// Returns {algorithm, value (in base64 string), options,}[]
const parse = (str) => {
Expand All @@ -41,10 +40,10 @@ const parse = (str) => {
const entries = [];
while (match = RegExpPrototypeExec(kSRIPattern, str)) {
if (match.index !== prevIndex) {
throw new ERR_SRI_PARSE(str, str.charAt(prevIndex), prevIndex);
throw new ERR_SRI_PARSE(str, str[prevIndex], prevIndex);
}
if (entries.length > 0 && match[1] === '') {
throw new ERR_SRI_PARSE(str, str.charAt(prevIndex), prevIndex);
throw new ERR_SRI_PARSE(str, str[prevIndex], prevIndex);
}

// Avoid setters being fired
Expand All @@ -63,10 +62,10 @@ const parse = (str) => {

if (prevIndex !== str.length) {
if (!RegExpPrototypeTest(kAllWSP, StringPrototypeSlice(str, prevIndex))) {
throw new ERR_SRI_PARSE(str, str.charAt(prevIndex), prevIndex);
throw new ERR_SRI_PARSE(str, str[prevIndex], prevIndex);
}
}
return ObjectSetPrototypeOf(entries, RealArrayPrototype);
return ObjectSetPrototypeOf(entries, ArrayPrototype);
};

module.exports = {
Expand Down

0 comments on commit ac47032

Please sign in to comment.