Thanks for responding. Yes. I tried to add the definitions here.
https://github.com/apache/royale-typedefs/tree/feature/sanitize/GCL/src/main/royale/goog/html <https://github.com/apache/royale-typedefs/tree/feature/sanitize/GCL/src/main/royale/goog/html> It helped to get the type definitions in https://github.com/apache/royale-asjs/blob/1b12594c60420d3503f9e366f314c9d875e16ddb/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeHtml.as <https://github.com/apache/royale-asjs/blob/1b12594c60420d3503f9e366f314c9d875e16ddb/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeHtml.as> But the goog.html files were not referenced in the JS output. I also changed the script that extracts the goog js files, but that did not help. Basically, GCL is like a regular swc library in that JS files are needed, but it’s like a typedef file in that the JS doesn’t come from the swc (IFAICT). I’m struggling to understand how the compiler builds the dependencies from GCL.swc… Thanks, Harbs > On Dec 14, 2021, at 8:11 PM, Josh Tynjala <joshtynj...@bowlerhat.dev> wrote: > > It looks like the GCL typedefs are defined here: > > https://github.com/apache/royale-typedefs/tree/develop/GCL/src/main/royale/goog > > I think that so far we've included only the classes that we use in the > framework, so if you need something that we haven't used before, you can > add it here. It'll get included in the GCL .swc file, and then you can use > it in AS3/MXML. > > -- > Josh Tynjala > Bowler Hat LLC <https://bowlerhat.dev> > > > On Tue, Dec 14, 2021 at 9:42 AM Harbs <harbs.li...@gmail.com> wrote: > >> Bump. >> >> I’m stuck on this issue. I need to understand how the GCL library works >> for me to finish the sanitize functions. >> >> Thanks, >> Harbs >> >>> On Dec 13, 2021, at 2:50 PM, Harbs <harbs.li...@gmail.com> wrote: >>> >>> I created a page about swcs: >> https://apache.github.io/royale-docs/libraries/library-basics < >> https://apache.github.io/royale-docs/libraries/library-basics> >>> >>> I added a paragraph about the GCL swc, but I’m really not very clear on >> how it works... >>> >>>> On Dec 12, 2021, at 5:46 PM, Harbs <harbs.li...@gmail.com <mailto: >> harbs.li...@gmail.com>> wrote: >>>> >>>> I spent some more time on this, but I’m not sure how to get the >> compiler to realize that we need the goog files. >>>> >>>> For Event we have this: >>>> >>>> goog.addDependency('../../../org/apache/royale/events/Event.js', >> ['org.apache.royale.events.Event'], ['goog.events.Event', >> 'org.apache.royale.events.IRoyaleEvent']); >>>> >>>> But Royale Event subclasses goog.events.Event. >>>> >>>> How do I tell the compiler that >> org.apache.royale.utils.string.sanitizeUrl requires goog.html.SafeUrl ? >>>> >>>> The same for org.apache.royale.utils.string.sanitizeHtml with >> goog.html.sanitizer.HtmlSanitizer and goog.html.SafeHtml. >>>> >>>> Alex? Josh? Greg? >>>> >>>> Thanks, >>>> Harbs >>>> >>>>> On Dec 12, 2021, at 2:13 AM, Harbs <harbs.li...@gmail.com <mailto: >> harbs.li...@gmail.com>> wrote: >>>>> >>>>> I added code for sanitizing, but it’s not working because the >> goog.html files are not being copied. I don’t know what needs to be done to >> make that happen. >>>>> >>>>> Harbs >>>>> >>>>>> On Dec 12, 2021, at 2:12 AM, ha...@apache.org <mailto: >> ha...@apache.org> wrote: >>>>>> >>>>>> This is an automated email from the ASF dual-hosted git repository. >>>>>> >>>>>> harbs pushed a commit to branch feature/sanitize >>>>>> in repository https://gitbox.apache.org/repos/asf/royale-asjs.git < >> https://gitbox.apache.org/repos/asf/royale-asjs.git> >>>>>> >>>>>> commit 1b12594c60420d3503f9e366f314c9d875e16ddb >>>>>> Author: Harbs <ha...@in-tools.com <mailto:ha...@in-tools.com>> >>>>>> AuthorDate: Sun Dec 12 02:12:05 2021 +0200 >>>>>> >>>>>> Added sanitizeUrl and sanitizeHtml >>>>>> --- >>>>>> .../projects/Core/src/main/royale/CoreClasses.as | 2 + >>>>>> .../org/apache/royale/utils/string/sanitizeHtml.as | 38 ++++++++++++++ >>>>>> .../org/apache/royale/utils/string/sanitizeUrl.as | 36 +++++++++++++ >>>>>> .../src/test/royale/flexUnitTests/CoreTester.as | 1 + >>>>>> .../{CoreTester.as => SanitizeTest.as} | 59 >> ++++++++++++++-------- >>>>>> 5 files changed, 115 insertions(+), 21 deletions(-) >>>>>> >>>>>> diff --git a/frameworks/projects/Core/src/main/royale/CoreClasses.as >> b/frameworks/projects/Core/src/main/royale/CoreClasses.as >>>>>> index 21593fd..dd088eb 100644 >>>>>> --- a/frameworks/projects/Core/src/main/royale/CoreClasses.as >>>>>> +++ b/frameworks/projects/Core/src/main/royale/CoreClasses.as >>>>>> @@ -342,6 +342,8 @@ internal class CoreClasses >>>>>> import org.apache.royale.utils.string.trimRight; trimRight; >>>>>> import org.apache.royale.utils.string.trimLeft; trimLeft; >>>>>> import org.apache.royale.utils.string.cacheBust; cacheBust; >>>>>> + import org.apache.royale.utils.string.sanitizeHtml; sanitizeHtml; >>>>>> + import org.apache.royale.utils.string.sanitizeUrl; sanitizeUrl; >>>>>> >>>>>> import org.apache.royale.utils.date.addDays; addDays; >>>>>> import org.apache.royale.utils.date.addHours; addHours; >>>>>> diff --git >> a/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeHtml.as >> b/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeHtml.as >>>>>> new file mode 100644 >>>>>> index 0000000..360ef63 >>>>>> --- /dev/null >>>>>> +++ >> b/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeHtml.as >>>>>> @@ -0,0 +1,38 @@ >>>>>> >> +//////////////////////////////////////////////////////////////////////////////// >>>>>> +// >>>>>> +// Licensed to the Apache Software Foundation (ASF) under one or >> more >>>>>> +// contributor license agreements. See the NOTICE file distributed >> with >>>>>> +// this work for additional information regarding copyright >> ownership. >>>>>> +// The ASF licenses this file to You under the Apache License, >> Version 2.0 >>>>>> +// (the "License"); you may not use this file except in compliance >> with >>>>>> +// the License. You may obtain a copy of the License at >>>>>> +// >>>>>> +// http://www.apache.org/licenses/LICENSE-2.0 < >> http://www.apache.org/licenses/LICENSE-2.0> >>>>>> +// >>>>>> +// Unless required by applicable law or agreed to in writing, >> software >>>>>> +// distributed under the License is distributed on an "AS IS" BASIS, >>>>>> +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or >> implied. >>>>>> +// See the License for the specific language governing permissions >> and >>>>>> +// limitations under the License. >>>>>> +// >>>>>> >> +//////////////////////////////////////////////////////////////////////////////// >>>>>> +package org.apache.royale.utils.string >>>>>> +{ >>>>>> + COMPILE::JS{ >>>>>> + import goog.html.sanitizer.HtmlSanitizer; >>>>>> + import goog.html.SafeHtml; >>>>>> + } >>>>>> + >>>>>> + public function sanitizeHtml(html:String):String >>>>>> + { >>>>>> + COMPILE::JS >>>>>> + { >>>>>> + return >> SafeHtml.unwrap(HtmlSanitizer.sanitize(html)); >>>>>> + } >>>>>> + //TODO sanitize in swf >>>>>> + COMPILE::SWF >>>>>> + { >>>>>> + return html; >>>>>> + } >>>>>> + } >>>>>> +} >>>>>> \ No newline at end of file >>>>>> diff --git >> a/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeUrl.as >> b/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeUrl.as >>>>>> new file mode 100644 >>>>>> index 0000000..cd4151d >>>>>> --- /dev/null >>>>>> +++ >> b/frameworks/projects/Core/src/main/royale/org/apache/royale/utils/string/sanitizeUrl.as >>>>>> @@ -0,0 +1,36 @@ >>>>>> >> +//////////////////////////////////////////////////////////////////////////////// >>>>>> +// >>>>>> +// Licensed to the Apache Software Foundation (ASF) under one or >> more >>>>>> +// contributor license agreements. See the NOTICE file distributed >> with >>>>>> +// this work for additional information regarding copyright >> ownership. >>>>>> +// The ASF licenses this file to You under the Apache License, >> Version 2.0 >>>>>> +// (the "License"); you may not use this file except in compliance >> with >>>>>> +// the License. You may obtain a copy of the License at >>>>>> +// >>>>>> +// http://www.apache.org/licenses/LICENSE-2.0 < >> http://www.apache.org/licenses/LICENSE-2.0> >>>>>> +// >>>>>> +// Unless required by applicable law or agreed to in writing, >> software >>>>>> +// distributed under the License is distributed on an "AS IS" BASIS, >>>>>> +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or >> implied. >>>>>> +// See the License for the specific language governing permissions >> and >>>>>> +// limitations under the License. >>>>>> +// >>>>>> >> +//////////////////////////////////////////////////////////////////////////////// >>>>>> +package org.apache.royale.utils.string >>>>>> +{ >>>>>> + COMPILE::JS{ >>>>>> + import goog.html.SafeUrl; >>>>>> + import goog.html.SafeUrl; >>>>>> + } >>>>>> + public function sanitizeUrl(url:String):String >>>>>> + { >>>>>> + COMPILE::JS{ >>>>>> + return SafeUrl.unwrap(SafeUrl.sanitize(url)); >>>>>> + } >>>>>> + >>>>>> + //TODO sanitize in swf >>>>>> + COMPILE::SWF{ >>>>>> + return url; >>>>>> + } >>>>>> + } >>>>>> +} >>>>>> \ No newline at end of file >>>>>> diff --git >> a/frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as >> b/frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as >>>>>> index c8adc02..9441daf 100644 >>>>>> --- >> a/frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as >>>>>> +++ >> b/frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as >>>>>> @@ -42,5 +42,6 @@ package flexUnitTests >>>>>> public var keyConverterTest:KeyConverterTest; >>>>>> public var >> keyboardEventConverterTest:KeyboardEventConverterTest; >>>>>> public var stringUtilsTest:StringUtilsTest; >>>>>> + public var sanitizerTest:SanitizeTest; >>>>>> } >>>>>> } >>>>>> diff --git >> a/frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as >> b/frameworks/projects/Core/src/test/royale/flexUnitTests/SanitizeTest.as >>>>>> similarity index 50% >>>>>> copy from >> frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as >>>>>> copy to >> frameworks/projects/Core/src/test/royale/flexUnitTests/SanitizeTest.as >>>>>> index c8adc02..7173f52 100644 >>>>>> --- >> a/frameworks/projects/Core/src/test/royale/flexUnitTests/CoreTester.as >>>>>> +++ >> b/frameworks/projects/Core/src/test/royale/flexUnitTests/SanitizeTest.as >>>>>> @@ -18,29 +18,46 @@ >>>>>> >> //////////////////////////////////////////////////////////////////////////////// >>>>>> package flexUnitTests >>>>>> { >>>>>> - import flexUnitTests.language.* >>>>>> + import org.apache.royale.utils.string.*; >>>>>> + import org.apache.royale.test.asserts.*; >>>>>> >>>>>> - [Suite] >>>>>> - [RunWith("org.apache.royale.test.runners.SuiteRunner")] >>>>>> - public class CoreTester >>>>>> - { >>>>>> + public class SanitizeTest >>>>>> + { >>>>>> + [Before] >>>>>> + public function setUp():void >>>>>> + { >>>>>> + } >>>>>> >>>>>> - //language tests >>>>>> - public var languageTestIs:LanguageTesterTestIs; >>>>>> - public var languageTestIntUint:LanguageTesterIntUint; >>>>>> - public var languageTestVector:LanguageTesterTestVector; >>>>>> - public var languageTestClass:LanguageTesterTestClass; >>>>>> - public var >> languageTestLoopVariants:LanguageTesterTestLoopVariants; >>>>>> - public var languageTestArraySort:LanguageTesterArraySort; >>>>>> - public var languageTesttryCatch:LanguageTesterTestTryCatch; >>>>>> + [After] >>>>>> + public function tearDown():void >>>>>> + { >>>>>> + } >>>>>> >>>>>> - //core tests >>>>>> - public var strandTesterTest:StrandTesterTest; >>>>>> - public var binaryDataTesterTest:BinaryDataTesterTest; >>>>>> - public var arrayUtilsTest:ArrayUtilsTest; >>>>>> - public var dateUtilsTest:DateUtilsTest; >>>>>> - public var keyConverterTest:KeyConverterTest; >>>>>> - public var >> keyboardEventConverterTest:KeyboardEventConverterTest; >>>>>> - public var stringUtilsTest:StringUtilsTest; >>>>>> + [BeforeClass] >>>>>> + public static function setUpBeforeClass():void >>>>>> + { >>>>>> + } >>>>>> + >>>>>> + [AfterClass] >>>>>> + public static function tearDownAfterClass():void >>>>>> + { >>>>>> + } >>>>>> + >>>>>> + [Test] >>>>>> + public function testHTML():void >>>>>> + { >>>>>> + var safeHtml:String = 'Hello <em>World</em>'; >>>>>> + assertEquals(safeHtml, sanitizeHtml(safeHtml)); >>>>>> + } >>>>>> + >>>>>> + [Test] >>>>>> + public function testUrl():void >>>>>> + { >>>>>> + var safeUrl:String = "https://foobaz.com < >> https://foobaz.com/>" >>>>>> + assertEquals(safeUrl, sanitizeUrl(safeUrl)); >>>>>> + } >>>>>> + >>>>>> + >>>>>> + >>>>>> } >>>>>> } >>>>> >>>> >>> >> >>
