-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy pathpermissions-policy-header.mjs
124 lines (115 loc) · 3.7 KB
/
permissions-policy-header.mjs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
'use strict';
/**
* Copyright 2020 Google Inc. All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
export class FeaturePolicyHeader {
/**
* @param {Map<string, string[]>} policies
*/
constructor(policies) {
this.policies = policies;
}
/**
* Parse Feature-Policy header string
*
* @param {string} header_string e.g. unsized-images 'none'; geolocation *; usb foo.com bar.com
* @returns {FeaturePolicyHeader}
*/
static parse(header_string) {
if (!header_string)
return new FeaturePolicyHeader(new Map());
return new FeaturePolicyHeader(header_string.split(';')
.reduce((acc, item) => {
const [policyName, ...allowlist] = item.trim().split(' ').filter(s => s !== '');
acc.set(policyName, allowlist);
return acc;
}, new Map()));
}
serialize() {
return [...this.policies.entries()]
.map(([policyName, allowlist]) => `${policyName} ${allowlist.join(' ')}`)
.join('; ');
}
};
export class PermissionsPolicyHeader {
/**
* @param {Map<string, string[]>} policies
*/
constructor(policies) {
this.policies = policies;
}
/**
* Parse Permissions-Policy header string.
*
* Note: Permissions-Policy header uses Dictionary in [structured header syntax]
*(https://httpwg.org/http-extensions/draft-ietf-httpbis-header-structure.html).
*
* Note: This function does not provide full structured header syntax parsing.
* When incomplete syntax is received, it can lead to unexpected behaviour.
*
* @param {string} header_string e.g. p1=(), p2=("foo.com" "bar.com"), p3=self
* @returns {PermissionsPolicyHeader}
*/
static parse(header_string) {
if (!header_string)
return new PermissionsPolicyHeader(new Map());
return new PermissionsPolicyHeader(header_string.split(',')
.reduce((acc, item) => {
const [policyName, allowlist_string] = item.split('=').map(s => s.trim());
const match_result = allowlist_string.match(/\((.*)\)/);
// Bracket is optional when there is only single item in SH's dictionary
// value.
const allowlist = match_result ? (
match_result.length > 1 ? match_result[1].split(' ') : ['']
) : [allowlist_string];
acc.set(policyName, allowlist);
return acc;
}, new Map()));
}
serialize() {
return [...this.policies.entries()]
.map(([policyName, allowlist]) => `${policyName}=(${allowlist.join(' ')})`)
.join(', ');
}
/**
* @returns {FeaturePolicyHeader}
*/
toFeaturePolicy() {
/**
* Convert permissions policy allowlist item to feature policy allowlist
* item.
* @param {string} item
* @returns {string}
*/
function mapAllowlistItem(item) {
switch (item) {
case '*':
return '*';
case "self":
return "'self'";
case "":
return "'none'";
default:
// Remove leading and trailing '"' in permissions header syntax.
return item.slice(1, -1);
}
}
return new FeaturePolicyHeader(
new Map(
[...this.policies.entries()]
.map(([feature, allowlist]) => [feature, allowlist.map(mapAllowlistItem)])
));
}
};