MyRepo-Ums/node_modules/webpack-subresource-integrity/index.js
2024-01-19 11:09:11 +01:00

291 lines
13 KiB
JavaScript

"use strict";
/**
* Copyright (c) 2015-present, Waysact Pty Ltd
*
* This source code is licensed under the MIT license found in the
* LICENSE file in the root directory of this source tree.
*/
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
__setModuleDefault(result, mod);
return result;
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.SubresourceIntegrityPlugin = void 0;
const crypto_1 = require("crypto");
const webpack_1 = require("webpack");
const plugin_1 = require("./plugin");
const reporter_1 = require("./reporter");
const util_1 = require("./util");
const thisPluginName = "webpack-subresource-integrity";
// https://www.w3.org/TR/2016/REC-SRI-20160623/#cryptographic-hash-functions
const standardHashFuncNames = ["sha256", "sha384", "sha512"];
let getHtmlWebpackPluginHooks = null;
class AddLazySriRuntimeModule extends webpack_1.RuntimeModule {
constructor(sriHashes, chunkName) {
super(`webpack-subresource-integrity lazy hashes for direct children of chunk ${chunkName}`);
this.sriHashes = sriHashes;
}
generate() {
return webpack_1.Template.asString([
`Object.assign(${util_1.sriHashVariableReference}, ${JSON.stringify(this.sriHashes)});`,
]);
}
}
/**
* The webpack-subresource-integrity plugin.
*
* @public
*/
class SubresourceIntegrityPlugin {
/**
* Create a new instance.
*
* @public
*/
constructor(options = {}) {
/**
* @internal
*/
this.setup = (compilation) => {
const reporter = new reporter_1.Reporter(compilation, thisPluginName);
if (!this.validateOptions(compilation, reporter) ||
!this.isEnabled(compilation)) {
return;
}
const plugin = new plugin_1.Plugin(compilation, this.options, reporter);
if (typeof compilation.outputOptions.chunkLoading === "string" &&
["require", "async-node"].includes(compilation.outputOptions.chunkLoading)) {
reporter.warnOnce("This plugin is not useful for non-web targets.");
return;
}
compilation.hooks.beforeRuntimeRequirements.tap(thisPluginName, () => {
plugin.beforeRuntimeRequirements();
});
compilation.hooks.processAssets.tap({
name: thisPluginName,
stage: compilation.compiler.webpack.Compilation
.PROCESS_ASSETS_STAGE_OPTIMIZE_INLINE,
}, (records) => {
return plugin.processAssets(records);
});
compilation.hooks.afterProcessAssets.tap(thisPluginName, (records) => {
for (const chunk of compilation.chunks.values()) {
for (const chunkFile of chunk.files) {
if (chunkFile in records &&
records[chunkFile].source().includes(util_1.placeholderPrefix)) {
reporter.errorOnce(`Asset ${chunkFile} contains unresolved integrity placeholders`);
}
}
}
});
compilation.compiler.webpack.optimize.RealContentHashPlugin.getCompilationHooks(compilation).updateHash.tap(thisPluginName, (input, oldHash) => {
// FIXME: remove type hack pending https://github.com/webpack/webpack/pull/12642#issuecomment-784744910
return plugin.updateHash(input, oldHash);
});
if (getHtmlWebpackPluginHooks) {
getHtmlWebpackPluginHooks(compilation).beforeAssetTagGeneration.tapPromise(thisPluginName, async (pluginArgs) => {
plugin.handleHwpPluginArgs(pluginArgs);
return pluginArgs;
});
getHtmlWebpackPluginHooks(compilation).alterAssetTagGroups.tapPromise({
name: thisPluginName,
stage: 10000,
}, async (data) => {
plugin.handleHwpBodyTags(data);
return data;
});
}
const { mainTemplate } = compilation;
mainTemplate.hooks.jsonpScript.tap(thisPluginName, (source) => plugin.addAttribute("script", source));
mainTemplate.hooks.linkPreload.tap(thisPluginName, (source) => plugin.addAttribute("link", source));
mainTemplate.hooks.localVars.tap(thisPluginName, (source, chunk) => {
const allChunks = this.options.hashLoading === "lazy"
? plugin.getChildChunksToAddToChunkManifest(chunk)
: util_1.findChunks(chunk);
const includedChunks = chunk.getChunkMaps(false).hash;
if (Object.keys(includedChunks).length > 0) {
return compilation.compiler.webpack.Template.asString([
source,
`${util_1.sriHashVariableReference} = ` +
JSON.stringify(util_1.generateSriHashPlaceholders(Array.from(allChunks).filter((depChunk) => depChunk.id !== null &&
includedChunks[depChunk.id.toString()]), this.options.hashFuncNames)) +
";",
]);
}
return source;
});
if (this.options.hashLoading === "lazy") {
compilation.hooks.additionalChunkRuntimeRequirements.tap(thisPluginName, (chunk) => {
var _a;
const childChunks = plugin.getChildChunksToAddToChunkManifest(chunk);
if (childChunks.size > 0 && !chunk.hasRuntime()) {
compilation.addRuntimeModule(chunk, new AddLazySriRuntimeModule(util_1.generateSriHashPlaceholders(childChunks, this.options.hashFuncNames), (_a = chunk.name) !== null && _a !== void 0 ? _a : chunk.id));
}
});
}
};
/**
* @internal
*/
this.validateOptions = (compilation, reporter) => {
if (this.isEnabled(compilation) &&
!compilation.compiler.options.output.crossOriginLoading) {
reporter.warnOnce('SRI requires a cross-origin policy, defaulting to "anonymous". ' +
"Set webpack option output.crossOriginLoading to a value other than false " +
"to make this warning go away. " +
"See https://w3c.github.io/webappsec-subresource-integrity/#cross-origin-data-leakage");
}
return (this.validateHashFuncNames(reporter) && this.validateHashLoading(reporter));
};
/**
* @internal
*/
this.validateHashFuncNames = (reporter) => {
if (!Array.isArray(this.options.hashFuncNames)) {
reporter.error("options.hashFuncNames must be an array of hash function names, " +
"instead got '" +
this.options.hashFuncNames +
"'.");
return false;
}
else if (this.options.hashFuncNames.length === 0) {
reporter.error("Must specify at least one hash function name.");
return false;
}
else if (!this.options.hashFuncNames.every(this.validateHashFuncName.bind(this, reporter))) {
return false;
}
else {
this.warnStandardHashFunc(reporter);
return true;
}
};
/**
* @internal
*/
this.validateHashLoading = (reporter) => {
const supportedHashLoadingOptions = Object.freeze(["eager", "lazy"]);
if (supportedHashLoadingOptions.includes(this.options.hashLoading)) {
return true;
}
const optionsStr = supportedHashLoadingOptions
.map((opt) => `'${opt}'`)
.join(", ");
reporter.error(`options.hashLoading must be one of ${optionsStr}, instead got '${this.options.hashLoading}'`);
return false;
};
/**
* @internal
*/
this.warnStandardHashFunc = (reporter) => {
let foundStandardHashFunc = false;
for (let i = 0; i < this.options.hashFuncNames.length; i += 1) {
if (standardHashFuncNames.indexOf(this.options.hashFuncNames[i]) >= 0) {
foundStandardHashFunc = true;
}
}
if (!foundStandardHashFunc) {
reporter.warnOnce("It is recommended that at least one hash function is part of the set " +
"for which support is mandated by the specification. " +
"These are: " +
standardHashFuncNames.join(", ") +
". " +
"See http://www.w3.org/TR/SRI/#cryptographic-hash-functions for more information.");
}
};
/**
* @internal
*/
this.validateHashFuncName = (reporter, hashFuncName) => {
if (typeof hashFuncName !== "string" &&
!(hashFuncName instanceof String)) {
reporter.error("options.hashFuncNames must be an array of hash function names, " +
"but contained " +
hashFuncName +
".");
return false;
}
try {
crypto_1.createHash(hashFuncName);
}
catch (error) {
reporter.error("Cannot use hash function '" + hashFuncName + "': " + error.message);
return false;
}
return true;
};
if (typeof options !== "object") {
throw new Error("webpack-subresource-integrity: argument must be an object");
}
this.options = {
hashFuncNames: ["sha384"],
enabled: "auto",
hashLoading: "eager",
...options,
};
}
/**
* @internal
*/
isEnabled(compilation) {
if (this.options.enabled === "auto") {
return compilation.options.mode !== "development";
}
return this.options.enabled;
}
apply(compiler) {
compiler.hooks.beforeCompile.tapPromise(thisPluginName, async () => {
try {
getHtmlWebpackPluginHooks = (await Promise.resolve().then(() => __importStar(require("html-webpack-plugin"))))
.default.getHooks;
}
catch (e) {
if (e.code !== "MODULE_NOT_FOUND") {
throw e;
}
}
});
compiler.hooks.afterPlugins.tap(thisPluginName, (compiler) => {
compiler.hooks.thisCompilation.tap({
name: thisPluginName,
stage: -10000,
}, (compilation) => {
this.setup(compilation);
});
compiler.hooks.compilation.tap(thisPluginName, (compilation) => {
compilation.hooks.statsFactory.tap(thisPluginName, (statsFactory) => {
statsFactory.hooks.extract
.for("asset")
.tap(thisPluginName, (object, asset) => {
var _a;
const contenthash = (_a = asset.info) === null || _a === void 0 ? void 0 : _a.contenthash;
if (contenthash) {
const shaHashes = (Array.isArray(contenthash) ? contenthash : [contenthash]).filter((hash) => String(hash).match(/^sha[0-9]+-/));
if (shaHashes.length > 0) {
object.integrity =
shaHashes.join(" ");
}
}
});
});
});
});
}
}
exports.SubresourceIntegrityPlugin = SubresourceIntegrityPlugin;
//# sourceMappingURL=index.js.map