5.0.0

Author: tmunzer

.DS_Store

@@ -30,6 +30,10 @@ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLI
 
 ---
 
+## Store links:
+- [Chrome Web Store](https://chromewebstore.google.com/detail/mist-extension/ejhpdcljeamillfhdihkkmoakanpbplh)
+
+
 ## Features
 
 ### Supported Juniper Clouds
@@ -141,9 +145,9 @@ This extension is not yet available on the [Chrome Web Store](https://chrome.goo
 ## Build Instructions
 
 This extension was developed on macOS 12.6.1 using:
-- Node.js 19.0.1
-- npm 8.19.2
-- Python 3.8.5
+- Node.js >= 19.0.1
+- npm >= 8.19.2
+- Python >= 3.8.5
 
 ### Prerequisites
 From the `angular` folder, install dependencies:

._readme/.DS_Store

@@ -36,6 +36,7 @@
     "@angular/platform-browser-dynamic": "^18.2.13",
     "@angular/router": "^18.2.13",
     "@types/webextension-polyfill": "^0.12.1",
+    "dompurify": "^3.2.5",
     "ngx-build-plus": "^18.0.0",
     "rxjs": "^7.8.1",
     "tslib": "^2.8.1",

README.md

@@ -1,6 +1,5 @@
 import { Injectable } from '@angular/core';
 import { BehaviorSubject } from 'rxjs';
-//import browser from "webextension-polyfill";
 import browser from "webextension-polyfill";
 
 
@@ -167,15 +166,11 @@ export class BrowserService {
     }
 
     setStorage(k:string, v:string):void{
-        browser.storage.local.set({k: v}).then((res)=>{
-            console.log("Storage: "+k+" saved to "+v)
-        }).catch(err => console.log(err))
+        browser.storage.local.set({k: v}).catch(err => console.log(err))
     }
     getStorage(k:string, cb:(res)=>void) {
         browser.storage.local.get({k}).then(
             data => {
-            console.log("Storage: "+k+" was saved to "+data.k)
-            console.log(data.k)
             cb(data.k);
         }, err => {
             console.log(err)

angular/package-lock.json

@@ -13,8 +13,8 @@ browser.storage.local
 //if (window.location.host == "api.mist.com") {
 const uuid_re = /[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}/
 const uuid_re_tail = /[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$/
-function process_ids() {
 
+function process_ids() {
     const domElements = document.getElementsByClassName("response-info")
     var domElement, finalElements;
     try {
@@ -73,21 +73,23 @@ function process_ids() {
             }
         }
     } catch (e) {
-        console.warning("Error in process_ids: ", e);
+        console.warn("Error in process_ids: ", e);
     }
 }
 
 function inject_next(finalElements, index, host) {
     const next_value = finalElements[index].innerText.replaceAll("\"", "")
     const url = "https://" + host + next_value;
-    finalElements[index].innerHTML = "\"<a href=\"" + url + "\" style=\"text-decoration: underline;color: #D14;\">" + next_value + "</a>\"";
+    let cleanHTML = DOMPurify.sanitize("\"<a href=\"" + url + "\" style=\"text-decoration: underline;color: #D14;\">" + next_value + "</a>\"");
+    finalElements[index].innerHTML = cleanHTML;
 }
 
 function inject_common_link(finalElements, index, baseUrl) {
     const id = get_id(finalElements, index)
     const url = get_url(baseUrl, id)
     if (url && id) {
-        finalElements[index].innerHTML = "\"<a href=\"" + url + "\" style=\"text-decoration: underline;color: #D14;\">" + id + "</a>\"";
+        let cleanHTML = DOMPurify.sanitize("\"<a href=\"" + url + "\" style=\"text-decoration: underline;color: #D14;\">" + id + "</a>\"")
+        finalElements[index].innerHTML = cleanHTML;
     }
     return id;
 }

angular/package.json

@@ -1,4 +1,5 @@
 
+
 var browser_name = "ffx";
 if (typeof browser === "undefined") {
     var browser = chrome;
@@ -56,3 +57,5 @@ function apiBadge(color) {
         browser.action.setBadgeText({ "text": "" });
     }
 }
+
+

angular/src/app/services/browser.service.ts

@@ -23,7 +23,8 @@
       ],
       "js": [
         "/assets/js/content.js",
-        "/assets/js/id_links.js"
+        "/assets/js/id_links.js",
+        "/assets/js/purify.min.js"
       ]
     }
   ],