
网络安全漏洞修复

Open yang870516 opened this issue 8 months ago • 0 comments

Hi! 👋

Firstly, thanks for your work on this project! 🙂

Today I used patch-package to patch [email protected] for the project I'm working on.

Here is the diff that solved my problem:

diff --git a/node_modules/viewerjs/dist/viewer.common.js b/node_modules/viewerjs/dist/viewer.common.js
index b554bd3..678512a 100644
--- a/node_modules/viewerjs/dist/viewer.common.js
+++ b/node_modules/viewerjs/dist/viewer.common.js
@@ -1033,7 +1033,8 @@ var render = {
         list = this.list;
     var items = []; // initList may be called in this.update, so should keep idempotent
 
-    list.innerHTML = '';
+    //网络安全漏洞修改 20231106 yangxl
+		(list.textContent != undefined ) ? (list.textContent = "") : (list.innerText = "");
     forEach(this.images, function (image, index) {
       var src = image.src;
       var alt = image.alt || getImageNameFromURL(src);
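Review bot: The replacement line in initList is a ternary used as a statement with a loose `!= undefined` test, and the same form recurs in the hunks at `@@ -1101`, `@@ -2335` and `@@ -2572` and in the canvas clear at `@@ -1902`; a plain `list.textContent = '';` does the same job wherever textContent exists. Assigning an empty string to `innerHTML` parses no markup, so these clearing lines change behaviour very little and are presumably there to satisfy a scanner rule (inferred, the issue does not say). The added comment records only a date and initials; I would replace it with `// Clear children without the HTML parser (innerHTML flagged as an injection sink)` and fix the mixed tab/space indentation. initList continues outside the hunk.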
@@ -1101,7 +1102,8 @@ var render = {
   },
   resetList: function resetList() {
     var list = this.list;
-    list.innerHTML = '';
+    //网络安全漏洞修改 20231106 yangxl
+    (list.textContent != undefined ) ? (list.textContent = "") : (list.innerText = "");
     removeClass(list, CLASS_TRANSITION);
     setStyle(list, getTransforms({
       translateX: 0
@@ -1902,18 +1904,22 @@ var methods = {
       addClass(canvas, CLASS_LOADING);
     }
 
-    canvas.innerHTML = '';
+	//网络安全漏洞修改 20231106 yangxl
+	(canvas.textContent != undefined ) ? (canvas.textContent = "") : (canvas.innerText = "");
     canvas.appendChild(image); // Center current item
 
     this.renderList(); // Clear title
+    //网络安全漏洞修改 20231106 yangxl
+    (title.textContent != undefined ) ? (title.textContent = "") : (title.innerText = "");// Generate title after viewed
     
-    title.innerHTML = ''; // Generate title after viewed
 	
     var onViewed = function onViewed() {
       var imageData = _this.imageData;
       var render = Array.isArray(options.title) ? options.title[1] : options.title;
-      title.innerHTML = escapeHTMLEntities(isFunction(render) ? render.call(_this, image, imageData) : "".concat(alt, " (").concat(imageData.naturalWidth, " \xD7 ").concat(imageData.naturalHeight, ")"));
-    };
+      let _textVal = escapeHTMLEntities(isFunction(render) ? render.call(_this, image, imageData) : "".concat(alt, " (").concat(imageData.naturalWidth, " \xD7 ").concat(imageData.naturalHeight, ")"));
+      //网络安全漏洞修改 20231106 yangxl
+	  (title.textContent != undefined ) ?(title.textContent = _textVal):(title.innerText = _textVal);// Generate title after viewed
+	};
 
     var onLoad;
     addListener(element, EVENT_VIEWED, onViewed, {
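Review bot: In onViewed, `_textVal` is still run through `escapeHTMLEntities` before being assigned to `title.textContent`, so a title containing `&`, `<` or quotes would now be shown with the literal entity text, assuming the helper does what its name says (its body is outside the hunk). textContent never parses markup, so the escape should be dropped on this path: `var text = isFunction(render) ? render.call(_this, image, imageData) : "".concat(alt, ...);` followed by `title.textContent = text;`. `let` is also the only ES2015 declaration in a file that otherwise uses `var`, which works against the `innerText` fallback for old browsers; use `var`. The `// Clear title` comment now trails the `renderList()` call rather than the line that clears the title, and the enclosing method starts outside the hunk.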
@@ -2335,7 +2341,8 @@ var methods = {
       removeListener(image, EVENT_LOAD, _this4.onLoadWhenPlay);
     });
     removeClass(player, CLASS_SHOW);
-    player.innerHTML = '';
+    //网络安全漏洞修复 20231106 yangxl
+	(player.textContent != undefined ) ?(player.textContent = ""):(player.innerText = "");
     this.exitFullscreen();
     return this;
   },
@@ -2572,8 +2579,9 @@ var methods = {
           this.viewed = false;
           this.index = 0;
           this.imageData = {};
-          this.canvas.innerHTML = '';
-          this.title.innerHTML = '';
+          //网络安全漏洞修复 20231106 yangxl
+		  (this.canvas.textContent != undefined ) ? (this.canvas.textContent = "") : (this.canvas.innerText = "");
+		  (this.title.textContent != undefined ) ? (this.title.textContent = "") : (this.title.innerText = "");
         }
       }
     } else {
@@ -2927,7 +2935,8 @@ function () {
           options = this.options;
       var parent = element.parentNode;
       var template = document.createElement('div');
-      template.innerHTML = TEMPLATE;
+      //网络安全漏洞修复 20231106 yangxl
+	  (template.textContent != undefined ) ? (template.textContent = TEMPLATE) : (template.innerText = TEMPLATE);
       var viewer = template.querySelector(".".concat(NAMESPACE, "-container"));
       var title = viewer.querySelector(".".concat(NAMESPACE, "-title"));
       var toolbar = viewer.querySelector(".".concat(NAMESPACE, "-toolbar"));
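Review bot: Assigning TEMPLATE through `template.textContent` inserts the markup as a single text node, so `template.querySelector(".".concat(NAMESPACE, "-container"))` on the next line returns null and `viewer.querySelector(...)` throws; the viewer can no longer be built. TEMPLATE appears to be a constant defined by the library rather than caller-supplied data (its definition is outside the hunk), so this assignment is not an injection sink in the way the title was, and I would keep `template.innerHTML = TEMPLATE;` with a comment such as `// TEMPLATE is a static library constant, never user input`. If a scanner forbids `innerHTML` outright, parse the constant with `new DOMParser().parseFromString(TEMPLATE, 'text/html')` and query the resulting document instead. The enclosing function begins and ends outside the hunk.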
diff --git a/node_modules/viewerjs/src/.DS_Store b/node_modules/viewerjs/src/.DS_Store
deleted file mode 100644
index c31585c..0000000
Binary files a/node_modules/viewerjs/src/.DS_Store and /dev/null differ

This issue body was partially generated by patch-package.

yang870516 avatar Nov 06 '23 12:11 yang870516