feat: nonce support (#1566)

Signed-off-by: Quentin Devos <4972091+Okhoshi@users.noreply.github.com>
Co-authored-by: AlexVarchuk <olexandr.varchuk@gmail.com>
Quentin D 2022-03-23 17:02:30 +01:00 committed by GitHub
parent 25be934bb1
commit c75ac9cf70
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 13 additions and 0 deletions


@ -243,6 +243,7 @@ You can use all of the following options with the standalone version of the <red
* `payloadSampleIdx` - if set, payload sample will be inserted at this index or last. Indexes start from 0. * `payloadSampleIdx` - if set, payload sample will be inserted at this index or last. Indexes start from 0.
* `theme` - ReDoc theme. For details check [theme docs](#redoc-theme-object). * `theme` - ReDoc theme. For details check [theme docs](#redoc-theme-object).
* `untrustedSpec` - if set, the spec is considered untrusted and all HTML/markdown is sanitized to prevent XSS. **Disabled by default** for performance reasons. **Enable this option if you work with untrusted user data!** * `untrustedSpec` - if set, the spec is considered untrusted and all HTML/markdown is sanitized to prevent XSS. **Disabled by default** for performance reasons. **Enable this option if you work with untrusted user data!**
* `nonce` - if set, the provided value will be injected in every injected HTML element in the `nonce` attribute. Useful when using CSP, see https://webpack.js.org/guides/csp/.
* `sideNavStyle` - can be specified in various ways: * `sideNavStyle` - can be specified in various ways:
* **summary-only**: displays a summary in the sidebar navigation item. (**default**) * **summary-only**: displays a summary in the sidebar navigation item. (**default**)
* **path-only**: displays a path in the sidebar navigation item. * **path-only**: displays a path in the sidebar navigation item.


@ -17,12 +17,20 @@ export interface RedocStandaloneProps {
onLoaded?: (e?: Error) => any; onLoaded?: (e?: Error) => any;
} }
declare let __webpack_nonce__: string;
export const RedocStandalone = function (props: RedocStandaloneProps) { export const RedocStandalone = function (props: RedocStandaloneProps) {
const { spec, specUrl, options = {}, onLoaded } = props; const { spec, specUrl, options = {}, onLoaded } = props;
const hideLoading = argValueToBoolean(options.hideLoading, false); const hideLoading = argValueToBoolean(options.hideLoading, false);
const normalizedOpts = new RedocNormalizedOptions(options); const normalizedOpts = new RedocNormalizedOptions(options);
if (normalizedOpts.nonce !== undefined) {
try {
__webpack_nonce__ = normalizedOpts.nonce;
} catch { } // If we have exception, Webpack was not used to run this.
}
return ( return (
<ErrorBoundary> <ErrorBoundary>
<StoreBuilder spec={spec} specUrl={specUrl} options={options} onLoaded={onLoaded}> <StoreBuilder spec={spec} specUrl={specUrl} options={options} onLoaded={onLoaded}>
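Review bot: The assignment `__webpack_nonce__ = normalizedOpts.nonce;` sits in the body of `RedocStandalone`, so it is a render-time side effect on a bundle-wide global: it runs on every render, and two instances given different `nonce` values overwrite each other. It also takes effect only from the first render, so any script or style tag injected before that would carry no nonce and be refused under a strict CSP; this is inferred, since the injection sites are not in the hunk. Consider a comment above the block such as `// __webpack_nonce__ is global to the bundle and must be set before any tag is injected; use one nonce per page`, and move the existing "Webpack was not used" remark inside the empty `catch { }` so the deliberate swallow is obvious. The function body continues past the end of the hunk.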


@ -54,6 +54,7 @@ export interface RedocRawOptions {
ignoreNamedSchemas?: string[] | string; ignoreNamedSchemas?: string[] | string;
hideSchemaPattern?: boolean; hideSchemaPattern?: boolean;
generatedPayloadSamplesMaxDepth?: number; generatedPayloadSamplesMaxDepth?: number;
nonce?: string;
hideFab?: boolean; hideFab?: boolean;
} }
@ -251,6 +252,8 @@ export class RedocNormalizedOptions {
generatedPayloadSamplesMaxDepth: number; generatedPayloadSamplesMaxDepth: number;
hideFab: boolean; hideFab: boolean;
nonce?: string;
constructor(raw: RedocRawOptions, defaults: RedocRawOptions = {}) { constructor(raw: RedocRawOptions, defaults: RedocRawOptions = {}) {
raw = { ...defaults, ...raw }; raw = { ...defaults, ...raw };
const hook = raw.theme && raw.theme.extensionsHook; const hook = raw.theme && raw.theme.extensionsHook;
@ -320,6 +323,7 @@ export class RedocNormalizedOptions {
RedocNormalizedOptions.normalizeGeneratedPayloadSamplesMaxDepth( RedocNormalizedOptions.normalizeGeneratedPayloadSamplesMaxDepth(
raw.generatedPayloadSamplesMaxDepth, raw.generatedPayloadSamplesMaxDepth,
); );
this.nonce = raw.nonce;
this.hideFab = argValueToBoolean(raw.hideFab); this.hideFab = argValueToBoolean(raw.hideFab);
} }
} }
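Review bot: `this.nonce = raw.nonce;` stores the option without any normalization, unlike the neighbouring fields that go through `argValueToBoolean` or a `normalize…` helper. Raw options are not type-checked at runtime, so an empty string or a non-string value passes the `!== undefined` test in `RedocStandalone` and ends up in `__webpack_nonce__`. Suggest `this.nonce = typeof raw.nonce === 'string' && raw.nonce !== '' ? raw.nonce : undefined;`. The `nonce?: string;` field would also benefit from a doc comment stating that the value must be the per-response nonce sent in the page's `Content-Security-Policy` header, never a fixed string, since a reused nonce gives no protection. The constructor starts in an earlier hunk and most of its body is outside the visible lines.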