Move RichObjectStringParser to precompiled Handlebars templates

In Nextcloud 15 the default Content Security Policy disallows unsafe eval expressions, so Handlebars templates can no longer be compiled at runtime. For the time being that default Content Security Policy was lifted for Talk so "Handlebars.compile" could still be used. However, this only applies to Talk itself; when using Talk components in other apps they must abide to the Content Security Policy of those apps. As the RichObjectStringParser is going to be used in the Files app it has been moved to precompiled Handlebars templates (which are still compatible with the regular Talk UI). Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-11-27 15:12:15 +01:00 · 2018-11-27 15:12:15 +01:00 · 87297dea17
--- a/js/views/richobjectstringparser.js
+++ b/js/views/richobjectstringparser.js
@ -1,4 +1,4 @@
-/* global OC, OCA, Handlebars */
+/* global OC, OCA */

 /**
 * @copyright (c) 2016 Joas Schilling <coding@schilljs.com>
@ -9,30 +9,10 @@
 * later. See the COPYING file.
 */

-(function(OC, OCA, Handlebars) {
+(function(OC, OCA) {

 	OCA.SpreedMe.Views.RichObjectStringParser = {

-		_userLocalTemplate: '' +
-				'<span class="atwho-inserted" contenteditable="false">' +
-					'<span class="mention-user avatar-name-wrapper {{#if isCurrentUser}}currentUser{{/if}}">' +
-						'<span class="avatar" ' +
-								'data-user-id="{{id}}" ' +
-								'data-user-display-name="{{name}}">' +
-						'</span>' +
-						'<strong>{{name}}</strong>' +
-					'</span>' +
-				'</span>',
-
-		_filePreviewTemplate: '' +
-				'<a href="{{link}}" class="filePreviewContainer" target="_blank" rel="noopener noreferrer">' +
-					'<span class="filePreview" data-file-id="{{id}}"></span>' +
-					'<strong>{{name}}</strong>' +
-				'</a>',
-
-		_unknownTemplate: '<strong>{{name}}</strong>',
-		_unknownLinkTemplate: '<a href="{{link}}" class="external" target="_blank" rel="noopener noreferrer"><strong>{{name}}</strong></a>',
-
 		/**
 		 * @param {string} subject
 		 * @param {Object} parameters
@ -69,7 +49,7 @@
 			switch (parameter.type) {
 				case 'user':
 					if (!this.userLocalTemplate) {
-						this.userLocalTemplate = Handlebars.compile(this._userLocalTemplate);
+						this.userLocalTemplate = OCA.SpreedMe.Views.Templates['richobjectstringparser_userlocal'];
 					}
 					if (!parameter.name) {
 						parameter.name = parameter.id;
@ -81,20 +61,20 @@

 				case 'file':
 					if (!this.filePreviewTemplate) {
-						this.filePreviewTemplate = Handlebars.compile(this._filePreviewTemplate);
+						this.filePreviewTemplate = OCA.SpreedMe.Views.Templates['richobjectstringparser_filepreview'];
 					}
 					return this.filePreviewTemplate(parameter);

 				default:
 					if (!_.isUndefined(parameter.link)) {
 						if (!this.unknownLinkTemplate) {
-							this.unknownLinkTemplate = Handlebars.compile(this._unknownLinkTemplate);
+							this.unknownLinkTemplate = OCA.SpreedMe.Views.Templates['richobjectstringparser_unknownlink'];
 						}
 						return this.unknownLinkTemplate(parameter);
 					}

 					if (!this.unknownTemplate) {
-						this.unknownTemplate = Handlebars.compile(this._unknownTemplate);
+						this.unknownTemplate = OCA.SpreedMe.Views.Templates['richobjectstringparser_unknown'];
 					}
 					return this.unknownTemplate(parameter);
 			}
@ -102,4 +82,4 @@

 	};

-})(OC, OCA, Handlebars);
+})(OC, OCA);
--- a/js/views/templates.js
+++ b/js/views/templates.js
@ -86,4 +86,46 @@ templates['chatview_comment'] = template({"1":function(container,depth0,helpers,
    + ((stack1 = ((helper = (helper = helpers.formattedMessage || (depth0 != null ? depth0.formattedMessage : depth0)) != null ? helper : alias2),(typeof helper === alias3 ? helper.call(alias1,{"name":"formattedMessage","hash":{},"data":data}) : helper))) != null ? stack1 : "")
    + "</div>\n</li>\n";
 },"useData":true});
+templates['richobjectstringparser_filepreview'] = template({"compiler":[7,">= 4.0.0"],"main":function(container,depth0,helpers,partials,data) {
+    var helper, alias1=depth0 != null ? depth0 : (container.nullContext || {}), alias2=helpers.helperMissing, alias3="function", alias4=container.escapeExpression;
+
+  return "<a href=\""
+    + alias4(((helper = (helper = helpers.link || (depth0 != null ? depth0.link : depth0)) != null ? helper : alias2),(typeof helper === alias3 ? helper.call(alias1,{"name":"link","hash":{},"data":data}) : helper)))
+    + "\" class=\"filePreviewContainer\" target=\"_blank\" rel=\"noopener noreferrer\">\n	<span class=\"filePreview\" data-file-id=\""
+    + alias4(((helper = (helper = helpers.id || (depth0 != null ? depth0.id : depth0)) != null ? helper : alias2),(typeof helper === alias3 ? helper.call(alias1,{"name":"id","hash":{},"data":data}) : helper)))
+    + "\"></span>\n	<strong>"
+    + alias4(((helper = (helper = helpers.name || (depth0 != null ? depth0.name : depth0)) != null ? helper : alias2),(typeof helper === alias3 ? helper.call(alias1,{"name":"name","hash":{},"data":data}) : helper)))
+    + "</strong>\n</a>\n";
+},"useData":true});
+templates['richobjectstringparser_unknown'] = template({"compiler":[7,">= 4.0.0"],"main":function(container,depth0,helpers,partials,data) {
+    var helper;
+
+  return "<strong>"
+    + container.escapeExpression(((helper = (helper = helpers.name || (depth0 != null ? depth0.name : depth0)) != null ? helper : helpers.helperMissing),(typeof helper === "function" ? helper.call(depth0 != null ? depth0 : (container.nullContext || {}),{"name":"name","hash":{},"data":data}) : helper)))
+    + "</strong>\n";
+},"useData":true});
+templates['richobjectstringparser_unknownlink'] = template({"compiler":[7,">= 4.0.0"],"main":function(container,depth0,helpers,partials,data) {
+    var helper, alias1=depth0 != null ? depth0 : (container.nullContext || {}), alias2=helpers.helperMissing, alias3="function", alias4=container.escapeExpression;
+
+  return "<a href=\""
+    + alias4(((helper = (helper = helpers.link || (depth0 != null ? depth0.link : depth0)) != null ? helper : alias2),(typeof helper === alias3 ? helper.call(alias1,{"name":"link","hash":{},"data":data}) : helper)))
+    + "\" class=\"external\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>"
+    + alias4(((helper = (helper = helpers.name || (depth0 != null ? depth0.name : depth0)) != null ? helper : alias2),(typeof helper === alias3 ? helper.call(alias1,{"name":"name","hash":{},"data":data}) : helper)))
+    + "</strong></a>\n";
+},"useData":true});
+templates['richobjectstringparser_userlocal'] = template({"1":function(container,depth0,helpers,partials,data) {
+    return "currentUser";
+},"compiler":[7,">= 4.0.0"],"main":function(container,depth0,helpers,partials,data) {
+    var stack1, helper, alias1=depth0 != null ? depth0 : (container.nullContext || {}), alias2=helpers.helperMissing, alias3="function", alias4=container.escapeExpression;
+
+  return "<span class=\"atwho-inserted\" contenteditable=\"false\">\n	<span class=\"mention-user avatar-name-wrapper "
+    + ((stack1 = helpers["if"].call(alias1,(depth0 != null ? depth0.isCurrentUser : depth0),{"name":"if","hash":{},"fn":container.program(1, data, 0),"inverse":container.noop,"data":data})) != null ? stack1 : "")
+    + "\">\n		<span class=\"avatar\"\n				data-user-id=\""
+    + alias4(((helper = (helper = helpers.id || (depth0 != null ? depth0.id : depth0)) != null ? helper : alias2),(typeof helper === alias3 ? helper.call(alias1,{"name":"id","hash":{},"data":data}) : helper)))
+    + "\"\n				data-user-display-name=\""
+    + alias4(((helper = (helper = helpers.name || (depth0 != null ? depth0.name : depth0)) != null ? helper : alias2),(typeof helper === alias3 ? helper.call(alias1,{"name":"name","hash":{},"data":data}) : helper)))
+    + "\">\n		</span>\n		<strong>"
+    + alias4(((helper = (helper = helpers.name || (depth0 != null ? depth0.name : depth0)) != null ? helper : alias2),(typeof helper === alias3 ? helper.call(alias1,{"name":"name","hash":{},"data":data}) : helper)))
+    + "</strong>\n	</span>\n</span>\n";
+},"useData":true});
 })();
--- a/js/views/templates/richobjectstringparser_filepreview.handlebars
+++ b/js/views/templates/richobjectstringparser_filepreview.handlebars
@ -0,0 +1,4 @@
+<a href="{{link}}" class="filePreviewContainer" target="_blank" rel="noopener noreferrer">
+	<span class="filePreview" data-file-id="{{id}}"></span>
+	<strong>{{name}}</strong>
+</a>
--- a/js/views/templates/richobjectstringparser_unknown.handlebars
+++ b/js/views/templates/richobjectstringparser_unknown.handlebars
@ -0,0 +1 @@
+<strong>{{name}}</strong>
--- a/js/views/templates/richobjectstringparser_unknownlink.handlebars
+++ b/js/views/templates/richobjectstringparser_unknownlink.handlebars
@ -0,0 +1 @@
+<a href="{{link}}" class="external" target="_blank" rel="noopener noreferrer"><strong>{{name}}</strong></a>
--- a/js/views/templates/richobjectstringparser_userlocal.handlebars
+++ b/js/views/templates/richobjectstringparser_userlocal.handlebars
@ -0,0 +1,9 @@
+<span class="atwho-inserted" contenteditable="false">
+	<span class="mention-user avatar-name-wrapper {{#if isCurrentUser}}currentUser{{/if}}">
+		<span class="avatar"
+				data-user-id="{{id}}"
+				data-user-display-name="{{name}}">
+		</span>
+		<strong>{{name}}</strong>
+	</span>
+</span>
				`@ -0,0 +1 @@`
				`<a href="{{link}}" class="external" target="_blank" rel="noopener noreferrer"><strong>{{name}}</strong></a>`