add-to-calendar-button icon indicating copy to clipboard operation
add-to-calendar-button copied to clipboard

Published 20 hours ago verified publisher icon add2cal

Make the script CSP compliant

Open emilebosch opened this issue 2 years ago • 6 comments

It uses new Function thus requiring CSP unsafe-eval. Here Luckily only uses it in the browser detection section. Here is the patched code.

// CHECKING FOR SPECIFIC DEVICED AND SYSTEMS
// browser
const isBrowser = ()=>{try { return this===window; } catch(e) { return false; }}
// iOS
const isiOS = isBrowser()
  ? ()=>{
      if ((/iPad|iPhone|iPod/i.test(navigator.userAgent || navigator.vendor || window.opera) && !window.MSStream) || (navigator.platform === "MacIntel" && navigator.maxTouchPoints > 1)) { return true; } else { return false; }
    }
  : ()=>{return false;}
// Android
const isAndroid = isBrowser()
  ? ()=>{
      if (/android/i.test(navigator.userAgent || navigator.vendor || window.opera) && !window.MSStream) { return true; } else { return false; }
    }
  : ()=>{return false;};
// Chrome
const isChrome = isBrowser()
  ? ()=>{
      if (/chrome|chromium|crios/i.test(navigator.userAgent)) { return true; } else { return false; }
    }
  : ()=>{return false;};
// Mobile
const isMobile = () => {
  if (isAndroid() || isiOS()) {
    return true;
  } else {
    return false;
  }
};
// WebView (iOS and Android)
const isWebView = isBrowser()
  ? ()=>{
      if (/(; ?wv|(iPhone|iPod|iPad).*AppleWebKit(?!.*Safari))/i.test(navigator.userAgent || navigator.vendor)) { return true; } else { return false; }
    }
  : ()=>{return false;};
// checking for problematic apps
const isProblematicWebView = isBrowser()
  ? ()=>{
      if (/(Instagram)/i.test(navigator.userAgent || navigator.vendor || window.opera)) { return true; } else { return false; }
    }
  : ()=>{return false;};

emilebosch avatar Sep 21 '22 08:09 emilebosch

Thanks a lot! Will look into it.

jekuer avatar Sep 21 '22 09:09 jekuer

Do you want to push this as a pull request? Would make you shine up as contributor. Otherwise, I will simply patch it in a few days.

jekuer avatar Sep 21 '22 09:09 jekuer

I had to quickly hack this together for our web team since it was killing their buttons. Here is sloppy pr sorry about that

https://github.com/add2cal/add-to-calendar-button/pull/195

emilebosch avatar Sep 21 '22 10:09 emilebosch

If you could release a version on js deliver you'd make our webflow based web team super happy

emilebosch avatar Sep 21 '22 10:09 emilebosch

will check and release. however, might take ~1 week

jekuer avatar Sep 21 '22 11:09 jekuer

thank you 🙌

emilebosch avatar Sep 21 '22 11:09 emilebosch

Included in new Version 1.16 - thanks again! :)

jekuer avatar Oct 01 '22 15:10 jekuer