aboutsummaryrefslogtreecommitdiff
path: root/common
diff options
context:
space:
mode:
Diffstat (limited to 'common')
-rw-r--r--common/entities.js22
-rw-r--r--common/jsonschema.js12
-rw-r--r--common/policy.js43
3 files changed, 60 insertions, 17 deletions
diff --git a/common/entities.js b/common/entities.js
index 74cad20..41d6e3b 100644
--- a/common/entities.js
+++ b/common/entities.js
@@ -116,6 +116,28 @@ function* get_used_files(item)
}
#EXPORT get_used_files AS get_files
+/*
+ * Regex to parse URIs like:
+ * https://hydrilla.koszko.org/schemas/api_mapping_description-2.schema.json
+ */
+const name_base_re = "(?<name_base>[^/]*)";
+const major_number_re = "(?<major>[1-9][0-9]*)";
+const minor_number_re = "(?:[1-9][0-9]*|0)";
+const numbers_rest_re = `(?:\\.${minor_number_re})*`;
+const version_re = `(?<ver>${major_number_re}${numbers_rest_re})`;
+const schema_name_re = `${name_base_re}-${version_re}\\.schema\\.json`;
+
+const haketilo_schema_name_regex = new RegExp(schema_name_re);
+#EXPORT haketilo_schema_name_regex
+
+/* Extract the number that indicates entity's compatibility mode. */
+function get_schema_major_version(instance) {
+ const match = haketilo_schema_name_regex.exec(instance.$schema);
+
+ return parseInt(match.groups.major);
+}
+#EXPORT get_schema_major_version
+
#IF NEVER
/*
diff --git a/common/jsonschema.js b/common/jsonschema.js
index 3e99cd6..9c4a70c 100644
--- a/common/jsonschema.js
+++ b/common/jsonschema.js
@@ -57,6 +57,8 @@
#FROM common/jsonschema/scan.js IMPORT SchemaScanResult, scan
+#FROM common/entities.js IMPORT haketilo_schema_name_regex
+
#EXPORT scan
#EXPORT SchemaScanResult
@@ -86,15 +88,6 @@ const haketilo_schemas = [
#INCLUDE schemas/2.x/common_definitions-2.schema.json
].reduce((ac, s) => Object.assign(ac, {[s.$id]: s}), {});
-const name_base_re = "(?<name_base>[^/]*)";
-const major_number_re = "(?<major>[1-9][0-9]*)";
-const minor_number_re = "(?:[1-9][0-9]*|0)";
-const numbers_rest_re = `(?:\\.${minor_number_re})*`;
-const version_re = `(?<ver>${major_number_re}${numbers_rest_re})`;
-const schema_name_re = `${name_base_re}-${version_re}\\.schema\\.json`;
-
-const haketilo_schema_name_regex = new RegExp(schema_name_re);
-
for (const [$id, schema] of [...Object.entries(haketilo_schemas)]) {
const match = haketilo_schema_name_regex.exec($id);
const schema_name =
@@ -103,7 +96,6 @@ for (const [$id, schema] of [...Object.entries(haketilo_schemas)]) {
}
#EXPORT haketilo_schemas
-#EXPORT haketilo_schema_name_regex
const haketilo_validator = new Validator();
Object.values(haketilo_schemas)
diff --git a/common/policy.js b/common/policy.js
index e14d8cd..6bcb54b 100644
--- a/common/policy.js
+++ b/common/policy.js
@@ -49,16 +49,15 @@
* CSP rule that either blocks all scripts or only allows scripts with specified
* nonce attached.
*/
-function make_csp(nonce)
-{
- const rule = nonce ? `nonce-${nonce}` : "none";
+function make_csp(nonce) {
+ const rule = nonce ? `'nonce-${nonce}'` : "'none'";
const csp_list = [
- ["prefetch-src", "none"],
- ["script-src-attr", "none"],
- ["script-src", rule],
+ ["prefetch-src", "'none'"],
+ ["script-src-attr", "'none'"],
+ ["script-src", rule, "'unsafe-eval'"],
["script-src-elem", rule]
];
- return csp_list.map(([a, b]) => `${a} '${b}';`).join(" ");
+ return csp_list.map(words => `${words.join(" ")};`).join(" ");
}
function decide_policy(patterns_tree, url, default_allow, secret)
@@ -113,3 +112,33 @@ function decide_policy(patterns_tree, url, default_allow, secret)
#EXPORT decide_policy
#EXPORT () => ({allow: false, csp: make_csp()}) AS fallback_policy
+
+#IF NEVER
+
+/*
+ * Note: the functions below were overeagerly written and are not used now but
+ * might prove useful to once we add more functionalities and are hence kept...
+ */
+
+function relaxed_csp_eval(csp) {
+ const new_csp_list = [];
+
+ for (const directive of csp.split(";")) {
+ const directive_words = directive.trim().split(" ");
+ if (directive_words[0] === "script-src")
+ directive_words.push("'unsafe-eval'");
+
+ new_csp_list.push(directive_words);
+ }
+
+ new_policy.csp = new_csp_list.map(d => `${d.join(" ")}';`).join(" ");
+}
+
+function relax_policy_eval(policy) {
+ const new_policy = Object.assign({}, policy);
+
+ return Object.assign(new_policy, {csp: relaxed_csp_eval(policy.csp)});
+}
+#EXPORT relax_policy_eval
+
+#ENDIF