@@ -51,9 +51,45 @@ function REACTION_LOG(error) {
5151}
5252
5353class Manifest {
54+ /**
55+ * Url string => true | string | SRI[]
56+ *
57+ * Used to compare a resource to the content body at the resource.
58+ * `true` is used to signify that all integrities are allowed, otherwise,
59+ * SRI strings are parsed to compare with the body.
60+ *
61+ * This stores strings instead of eagerly parsing SRI strings
62+ * and only converts them to SRI data structures when needed.
63+ * This avoids needing to parse all SRI strings at startup even
64+ * if some never end up being used.
65+ */
5466 #integrities = new SafeMap ( ) ;
67+ /**
68+ * Url string => (string) => true | URL
69+ *
70+ * Used to find where a dependency is located.
71+ *
72+ * This stores functions to lazily calculate locations as needed.
73+ * `true` is used to signify that the location is not specified
74+ * by the manifest and default resolution should be allowed.
75+ */
5576 #dependencies = new SafeMap ( ) ;
77+ /**
78+ * (Error) => undefined
79+ *
80+ * Performs default action for what happens when a manifest encounters
81+ * a violation such as abort()ing or exiting the process, throwing the error,
82+ * or logging the error.
83+ */
5684 #reaction = null ;
85+
86+ /**
87+ * `obj` should match the policy file format described in the docs
88+ * it is expected to not have prototype pollution issues either by reassigning
89+ * the prototype to `null` for values or by running prior to any user code.
90+ *
91+ * `manifestURL` is a URL to resolve relative locations against.
92+ */
5793 constructor ( obj , manifestURL ) {
5894 const integrities = this . #integrities;
5995 const dependencies = this . #dependencies;
0 commit comments