Skip to content

Commit

Permalink
mip.js 沙盒对象增加 BMap\BMapLib (#577)
Browse files Browse the repository at this point in the history 
* 增加 sandbox 白名单

* 将 BMap 改成 readywrite

* 升级 mip.js 核心的 sandbox
  • Loading branch information
@clark-t @chenqiushi
clark-t authored and chenqiushi committed Apr 16, 2019
1 parent 2d3415d commit 6b8f3bb
Show file tree
Hide file tree
Showing 11 changed files with 2,328 additions and 2,333 deletions.
3 changes: 3 additions & 0 deletions packages/mip-cli/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
# CHANGELOG

- 1.5.9
1. 升级 mip-sandbox,添加 `BMap``BMapLib` 白名单

- 1.5.7
1. 升级 mip-sandbox,添加 `swan` 白名单

Expand Down
10 changes: 5 additions & 5 deletions packages/mip-cli/package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions packages/mip-cli/package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "mip2",
"version": "1.5.7",
"version": "1.5.9",
"description": "CLI for mip 2.0",
"preferGlobal": true,
"bin": {
Expand Down Expand Up @@ -64,7 +64,7 @@
"minimatch": "^3.0.4",
"mip-component-validator": "^1.1.7",
"mip-components-webpack-helpers": "^1.0.7",
"mip-sandbox": "^1.1.7",
"mip-sandbox": "^1.1.9",
"mip-validator": "^1.5.15",
"opn": "^5.3.0",
"ora": "^2.1.0",
Expand Down
9 changes: 9 additions & 0 deletions packages/mip-sandbox/lib/keywords-generate.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -286,6 +286,15 @@ module.exports = function () {
return window
},
properties: ORIGINAL.concat([
{
type: TYPE_PROPS,
access: ACCESS_READWRITE,
props: [
// https://github.com/mipengine/mip2/issues/576
'BMap',
'BMapLib'
]
},
{
type: TYPE_PROPS,
access: ACCESS_READONLY,
Expand Down
2 changes: 1 addition & 1 deletion packages/mip-sandbox/lib/unsafe-replace.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ function safeThisExpression (prefix) {

module.exports = function (code, keywords, prefix) {
keywords = keywords || []
prefix = prefix || 'MIP.sandbox'
prefix = prefix || 'window.MIP.sandbox'

return detect(
code,
Expand Down
2 changes: 1 addition & 1 deletion packages/mip-sandbox/package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion packages/mip-sandbox/package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "mip-sandbox",
"version": "1.1.7",
"version": "1.1.9",
"description": "sandbox tools for MIP project",
"main": "lib/sandbox.js",
"scripts": {
Expand Down
70 changes: 44 additions & 26 deletions packages/mip-sandbox/test/spec/generate.spec.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,13 +62,13 @@ describe('generate', function () {
}
`
var expected = `
var a = MIP.sandbox.this(this)
MIP.sandbox.this(this)()
MIP.sandbox.this(this).setTimeout()
var b = {this: MIP.sandbox.this(this)}
MIP.sandbox.this(this)['setTimeout']()
var a = window.MIP.sandbox.this(this)
window.MIP.sandbox.this(this)()
window.MIP.sandbox.this(this).setTimeout()
var b = {this: window.MIP.sandbox.this(this)}
window.MIP.sandbox.this(this)['setTimeout']()
var c = {
[MIP.sandbox.this(this)]: MIP.sandbox.this(this)[MIP.sandbox.this(this)][MIP.sandbox.this(this).setTimeout()]
[window.MIP.sandbox.this(this)]: window.MIP.sandbox.this(this)[window.MIP.sandbox.this(this)][window.MIP.sandbox.this(this).setTimeout()]
}
`

Expand All @@ -78,7 +78,7 @@ describe('generate', function () {
it('#string', function () {
/* eslint-disable */
var code = '`abcd${this[this].this}efg${b[c].d}`'
var expected = '`abcd${MIP.sandbox.this(this)[MIP.sandbox.this(this)].this}efg${MIP.sandbox.b[MIP.sandbox.c].d}`'
var expected = '`abcd${window.MIP.sandbox.this(this)[window.MIP.sandbox.this(this)].this}efg${window.MIP.sandbox.b[window.MIP.sandbox.c].d}`'
/* eslint-enable */
expect(generate(code, keywords.WHITELIST_RESERVED)).to.be.equal(format(expected))
})
Expand All @@ -91,7 +91,7 @@ describe('generate', function () {
`

var expected = `
var a = {b: MIP.sandbox.b}
var a = {b: window.MIP.sandbox.b}
var c = {c}
var d = {setTimeout}
`
Expand Down Expand Up @@ -148,37 +148,37 @@ describe('generate', function () {
const d = require('xxx')
swan.webView.navigateTo({url: 'abc'})
function e({f, g: h = MIP.sandbox.i}) {
function e({f, g: h = window.MIP.sandbox.i}) {
console.log(a)
console.log(MIP.sandbox.b)
console.log(window.MIP.sandbox.b)
console.log(bb)
console.log(c)
console.log(d)
console.log(e)
console.log(f)
console.log(MIP.sandbox.g)
console.log(window.MIP.sandbox.g)
console.log(h)
console.log(MIP.sandbox.i)
console.log(window.MIP.sandbox.i)
console.log(l)
console.log(m)
MIP.sandbox.j = new Promise(resolve => resolve())
window.MIP.sandbox.j = new Promise(resolve => resolve())
var [k, ...l] = []
MIP.sandbox.eval(k)
window.MIP.sandbox.eval(k)
}
const l = '123'
class m extends MIP.sandbox.n {
class m extends window.MIP.sandbox.n {
o() {}
}
var p = function q() {}
;(r => r()).call(undefined)
;(function s() {})()
console.log(MIP.sandbox.q)
console.log(MIP.sandbox.s)
var t = {u: MIP.sandbox.u}
console.log(window.MIP.sandbox.q)
console.log(window.MIP.sandbox.s)
var t = {u: window.MIP.sandbox.u}
var v = {v}
`

Expand Down Expand Up @@ -210,16 +210,16 @@ describe('generate', function () {
console.log(e)
}
console.log(MIP.sandbox.e)
console.log(window.MIP.sandbox.e)
try {}
catch ({message, code}) {
console.log(code)
console.log(message)
}
console.log(MIP.sandbox.message)
console.log(MIP.sandbox.code)
console.log(window.MIP.sandbox.message)
console.log(window.MIP.sandbox.code)
`

expect(generate(code, keywords.WHITELIST_RESERVED)).to.be.equal(format(expected))
Expand All @@ -233,19 +233,19 @@ describe('generate', function () {

var expected = `
var a = location.href
var b = MIP.sandbox.document.createElement('div')
var b = window.MIP.sandbox.document.createElement('div')
`

var expectedInStrict = `
var a = MIP.sandbox.strict.location.href
var b = MIP.sandbox.strict.document.createElement('div')
var a = window.MIP.sandbox.strict.location.href
var b = window.MIP.sandbox.strict.document.createElement('div')
`

expect(generate(code, keywords.WHITELIST_RESERVED)).to.be.equal(format(expected))
expect(generate(
code,
keywords.WHITELIST_STRICT_RESERVED,
{prefix: 'MIP.sandbox.strict'}
{prefix: 'window.MIP.sandbox.strict'}
)).to.be.equal(format(expectedInStrict))
})

Expand All @@ -269,7 +269,7 @@ describe('generate', function () {
var a = await dynamicA
var b = await import('path/to/b')
console.log(a)
console.log(MIP.sandbox.c)
console.log(window.MIP.sandbox.c)
}
}
`
Expand Down Expand Up @@ -298,6 +298,24 @@ describe('generate', function () {

expect(generate(code, keywords.WHITELIST_RESERVED)).to.be.equal(format(expected))
})

it('BMap', function () {
var code = `
window.BMap.console()
window.BMap = {}
BMap = 'hehe'
BMap = function () {}
`

var expected = `
window.MIP.sandbox.window.BMap.console()
window.MIP.sandbox.window.BMap = {}
BMap = 'hehe'
BMap = function () {}
`

expect(generate(code, keywords.WHITELIST_RESERVED)).to.be.equal(format(expected))
})
})
})

Expand Down
8 changes: 8 additions & 0 deletions packages/mip-sandbox/test/spec/sandbox.spec.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,14 @@ describe('sandbox', function () {
expect(sandbox.strict.location.hash).to.be.equal('#hash2')
})

it('BMap', function () {
expect(sandbox.BMap).to.be.equal(undefined)
window.BMap = {a: 1}
expect(sandbox.BMap).to.be.equal(window.BMap)
sandbox.BMap = {a: 2}
expect(window.BMap.a).to.be.equal(2)
})

it('WHITELIST', function () {
expect(sandbox.WHITELIST).to.not.be.equal(sandbox.strict.WHITELIST)
expect(sandbox.WHITELIST_STRICT).to.not.be.equal(sandbox.strict.WHITELIST_STRICT)
Expand Down
Loading

0 comments on commit 6b8f3bb

Please sign in to comment.