Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

Maybe check your changes to what we added to the Google Closure Library for html and see if any of these files are a result of the goog.html package. They might have always been there to handle EventTarget and minification. HelloWorld used to be 60K (actually, 29K way back) but if it zips to 20

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

Source maps are likely a clue as to where the code is coming from: "goog/base.js","class com.google.javascript.jscomp.FunctionRewriter$EmptyFunctionReducer:helper","class com.google.javascript.jscomp.FunctionRewriter$SetterReducer:helper","class com.google.javascript.jscomp.FunctionRewriter$Get

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

HelloWorld size: 78,547 bytes and 20,788 bytes minified. There does seem to be a bunch of cruft at the top of the file. Not sure where it’s all coming from: https://paste.apache.org/d6p4j > On Dec 28, 2021, at 10:13 PM, Alex Harui wrote: > > Maybe. Can you confirm it? I think if there are a

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

Maybe. Can you confirm it? I think if there are any exports in that code it might stick around. -Alex On 12/27/21, 9:24 PM, "Harbs" wrote: Won’t the minification remove the code if it’s not needed? > On Dec 28, 2021, at 2:10 AM, Alex Harui wrote: > > I think with this cha

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

Won’t the minification remove the code if it’s not needed? > On Dec 28, 2021, at 2:10 AM, Alex Harui wrote: > > I think with this change we'll see HelloWorld grow by the size of the > goog.html and related code, which could be a noticeable chunk. Ideally, > there'd be some way to kick out the

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

I think with this change we'll see HelloWorld grow by the size of the goog.html and related code, which could be a noticeable chunk. Ideally, there'd be some way to kick out the sanitization code if rare situations it isn't needed, or just to show our HelloWorld is still small. And then it wou

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

OK. I’ll give it a go. I see what you did. It’s probably reasonable to just add dependencies if/when we need them. > On Dec 27, 2021, at 9:53 AM, Alex Harui wrote: > > It looks like the compiler has some expectations that goog.events.EventTarget > is the only goog dependency in a Royale app. >

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

It looks like the compiler has some expectations that goog.events.EventTarget is the only goog dependency in a Royale app. I added HtmlSanitizer and a test case I was using that had the same problem started working. Maybe we need a smarter way to dictate what goog dependencies really are. -Ale

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

This is when running the CoreJS tests. > On Dec 26, 2021, at 8:54 PM, Harbs wrote: > > Uncaught TypeError: Cannot read properties of undefined (reading 'ua’) > > in gf(Ci, We.H.ua); > > “We.H" is undefined. > > Here’s the surrounding code: > > function Ci(a, b) { >We.H.ua.call(this, a, b

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

Uncaught TypeError: Cannot read properties of undefined (reading 'ua’) in gf(Ci, We.H.ua); “We.H" is undefined. Here’s the surrounding code: function Ci(a, b) { We.H.ua.call(this, a, b) } gf(Ci, We.H.ua); C(je, Ci); Ci.unwrap = function(a) { return We.H.ua.unwrap(a) } ; C('org.apache.ro

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

What error do you get in release mode? The goog classes "should" be renamed in release mode if it is all static methods. -Alex On 12/26/21, 2:11 AM, "Harbs" wrote: I subclassed the goog classes. That seems to help in debug mode, but for some reason I’m not clear on, the goog classes dis

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

I subclassed the goog classes. That seems to help in debug mode, but for some reason I’m not clear on, the goog classes disappear in release mode. You can see what I did on the sanitize branch... > On Dec 26, 2021, at 9:35 AM, Harbs wrote: > > I’ll try to create placeholder classes to subclass

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

I’ll try to create placeholder classes to subclass them. > Might be simpler to just special case these two. How would we go about that? > On Dec 25, 2021, at 6:08 PM, Alex Harui wrote: > > Hmm. That may not work since you can't extend a static function. Might be > simpler to just special ca

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

Hmm. That may not work since you can't extend a static function. Might be simpler to just special case these two. -Alex On 12/25/21, 12:08 AM, "Alex Harui" wrote: I took a look. It does require an "extends" relationship to force the goog.require for something in GCL.swc. I don't thin

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

I took a look. It does require an "extends" relationship to force the goog.require for something in GCL.swc. I don't think we want to change that, so try a workaround. On 12/20/21, 9:02 AM, "Alex Harui" wrote: I will try to look at it this coming weekend. One thing to try for now is t

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

I will try to look at it this coming weekend. One thing to try for now is to create a class that extends goog.html.SafeHtml and redirect sanitization through the subclass. Maybe the only way to get the dependency is to have an 'extends' relationship on the dependency, since that's what EventDi

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

> On Dec 20, 2021, at 10:20 AM, Alex Harui wrote: > > I might have time this weekend to spend more time getting it to work, but the > idea is that you add to GCL.swc the .as version of whatever JS file you need > from Google Closure Library Check. > , make sure the subset code in downloads.

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

I rummaged through the js-debug output of examples/royale/ASDoc. I was surprised that I could not find a goog.require of goog.events.EventTarget from our code. There may have been a reason for that but I don't recall. Maybe I missed it. Probably something to do with circular dependencies. Th

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

I investigated inside the compiler a bit, and it looks like we don't add goog.require() calls for any of the goog.* symbols that we use (at least in CoreJS and BasicJS). If a .swc file contains .js files in the right location, the compiler assumes that those symbols need a goog.require() call. Howe

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

I had to modify the script here: https://github.com/apache/royale-asjs/blob/feature/sanitize/frameworks/downloads.xml#L286 Adding the necessary files worked to get the goog.html files. I confirmed that the files

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

I think that GCL.swc might be kind of a weird edge case. The .swc exists only to make the AS3 compiler happy. As I understand it, Closure Compiler analyzes our generated .js files to determine which .js files from Closure library are needed in the final output. I think we copy all of Closure librar

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

Thanks > On Dec 14, 2021, at 8:51 PM, Andrew Wetmore wrote: > > I have made some minor text changes to the file, which is a nice addition. > > Basically, I made the headings consistently sentence case (they were a mix > of sentence case and title case), changed passive voice to active voice > w

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

Thanks for responding. Yes. I tried to add the definitions here. https://github.com/apache/royale-typedefs/tree/feature/sanitize/GCL/src/main/royale/goog/html It helped to get the type definitions i

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

I have made some minor text changes to the file, which is a nice addition. Basically, I made the headings consistently sentence case (they were a mix of sentence case and title case), changed passive voice to active voice wherever I could, and tweaked a couple of minor things. a On Mon, Dec 13,

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

It looks like the GCL typedefs are defined here: https://github.com/apache/royale-typedefs/tree/develop/GCL/src/main/royale/goog I think that so far we've included only the classes that we use in the framework, so if you need something that we haven't used before, you can add it here. It'll get i

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

Bump. I’m stuck on this issue. I need to understand how the GCL library works for me to finish the sanitize functions. Thanks, Harbs > On Dec 13, 2021, at 2:50 PM, Harbs wrote: > > I created a page about swcs: > https://apache.github.io/royale-docs/libraries/library-basics >

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

I created a page about swcs: https://apache.github.io/royale-docs/libraries/library-basics I added a paragraph about the GCL swc, but I’m really not very clear on how it works... > On Dec 12, 2021, at 5:46 PM, Harbs wrote: > > I

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

I spent some more time on this, but I’m not sure how to get the compiler to realize that we need the goog files. For Event we have this: goog.addDependency('../../../org/apache/royale/events/Event.js', ['org.apache.royale.events.Event'], ['goog.events.Event', 'org.apache.royale.events.IRoyaleE

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

For final use, should the API perhaps be something that accepts Element / HTMLElement and a string, to be compatible with a future HTML Sanitizer API? (And it would somehow internally keep track of a Sanitizer object.) https://developer.mozilla.org/en-US/docs/Web/API/HTML_Sanitizer_API For

Re: [royale-asjs] 01/01: Added sanitizeUrl and sanitizeHtml

I added code for sanitizing, but it’s not working because the goog.html files are not being copied. I don’t know what needs to be done to make that happen. Harbs > On Dec 12, 2021, at 2:12 AM, ha...@apache.org wrote: > > This is an automated email from the ASF dual-hosted git repository. > > h