first commit

2025-05-16 00:17:42 +02:00
parent ea5c866137
commit bacf566ec9
6020 changed files with 1715262 additions and 0 deletions
--- a/node_modules/lit-html/node/development/directives/unsafe-html.js
+++ b/node_modules/lit-html/node/development/directives/unsafe-html.js
@@ -0,0 +1,64 @@
+import { nothing, noChange } from '../lit-html.js';
+import { Directive, PartType, directive } from '../directive.js';
+
+/**
+ * @license
+ * Copyright 2017 Google LLC
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+const HTML_RESULT = 1;
+class UnsafeHTMLDirective extends Directive {
+    constructor(partInfo) {
+        super(partInfo);
+        this._value = nothing;
+        if (partInfo.type !== PartType.CHILD) {
+            throw new Error(`${this.constructor.directiveName}() can only be used in child bindings`);
+        }
+    }
+    render(value) {
+        if (value === nothing || value == null) {
+            this._templateResult = undefined;
+            return (this._value = value);
+        }
+        if (value === noChange) {
+            return value;
+        }
+        if (typeof value != 'string') {
+            throw new Error(`${this.constructor.directiveName}() called with a non-string value`);
+        }
+        if (value === this._value) {
+            return this._templateResult;
+        }
+        this._value = value;
+        const strings = [value];
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        strings.raw = strings;
+        // WARNING: impersonating a TemplateResult like this is extremely
+        // dangerous. Third-party directives should not do this.
+        return (this._templateResult = {
+            // Cast to a known set of integers that satisfy ResultType so that we
+            // don't have to export ResultType and possibly encourage this pattern.
+            // This property needs to remain unminified.
+            ['_$litType$']: this.constructor
+                .resultType,
+            strings,
+            values: [],
+        });
+    }
+}
+UnsafeHTMLDirective.directiveName = 'unsafeHTML';
+UnsafeHTMLDirective.resultType = HTML_RESULT;
+/**
+ * Renders the result as HTML, rather than text.
+ *
+ * The values `undefined`, `null`, and `nothing`, will all result in no content
+ * (empty string) being rendered.
+ *
+ * Note, this is unsafe to use with any user-provided input that hasn't been
+ * sanitized or escaped, as it may lead to cross-site-scripting
+ * vulnerabilities.
+ */
+const unsafeHTML = directive(UnsafeHTMLDirective);
+
+export { UnsafeHTMLDirective, unsafeHTML };
+//# sourceMappingURL=unsafe-html.js.map