6f7c4ea6-49ab-4ae8-85cc-c93a702378a1

Committed 09 Jul 2024 09:52AM UTC coverage: 100.0%. Remained the same

Build # 6f7c4ea6-49ab-4ae8-85cc-c93a702378a1

Build Type

push

circleci

Committed by

web-flow

Commit Message

Merge stable into master

Run Details

13840 of 13840 branches covered (100.0%)

Branch coverage included in aggregate %.

36579 of 36579 relevant lines covered (100.0%)

11225.02 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

100.0

/packages/ckeditor5-adapter-ckfinder/src/utils.ts

/**
 * @license Copyright (c) 2003-2024, CKSource Holding sp. z o.o. All rights reserved.
 * For licensing, see LICENSE.md or https://ckeditor.com/legal/ckeditor-oss-license
 */

/* globals window, document */

/**
 * @module adapter-ckfinder/utils
 */

const TOKEN_COOKIE_NAME = 'ckCsrfToken';
const TOKEN_LENGTH = 40;
const tokenCharset = 'abcdefghijklmnopqrstuvwxyz0123456789';

/**
 * Returns the CSRF token value. The value is a hash stored in `document.cookie`
 * under the `ckCsrfToken` key. The CSRF token can be used to secure the communication
 * between the web browser and the CKFinder server.
 */
export function getCsrfToken(): string {
        let token = getCookie( TOKEN_COOKIE_NAME );

        if ( !token || token.length != TOKEN_LENGTH ) {
                token = generateToken( TOKEN_LENGTH );
                setCookie( TOKEN_COOKIE_NAME, token );
        }

        return token;
}

/**
 * Returns the value of the cookie with a given name or `null` if the cookie is not found.
 */
export function getCookie( name: string ): string | null {
        name = name.toLowerCase();
        const parts = document.cookie.split( ';' );

        for ( const part of parts ) {
                const pair = part.split( '=' );
                const key = decodeURIComponent( pair[ 0 ].trim().toLowerCase() );

                if ( key === name ) {
                        return decodeURIComponent( pair[ 1 ] );
                }
        }

        return null;
}

/**
 * Sets the value of the cookie with a given name.
 */
export function setCookie( name: string, value: string ): void {
        document.cookie = encodeURIComponent( name ) + '=' + encodeURIComponent( value ) + ';path=/';
}

/**
 * Generates the CSRF token with the given length.
 */
function generateToken( length: number ): string {
        let result = '';
        const randValues = new Uint8Array( length );

        window.crypto.getRandomValues( randValues );

        for ( let j = 0; j < randValues.length; j++ ) {
                const character = tokenCharset.charAt( randValues[ j ] % tokenCharset.length );
                result += Math.random() > 0.5 ? character.toUpperCase() : character;
        }

        return result;
}

1	/**
2	* @license Copyright (c) 2003-2024, CKSource Holding sp. z o.o. All rights reserved.
3	* For licensing, see LICENSE.md or https://ckeditor.com/legal/ckeditor-oss-license
4	*/
5
6	/* globals window, document */
7
8	/**
9	* @module adapter-ckfinder/utils
10	*/
11
12	const TOKEN_COOKIE_NAME = 'ckCsrfToken';	1✔
13	const TOKEN_LENGTH = 40;	1✔
14	const tokenCharset = 'abcdefghijklmnopqrstuvwxyz0123456789';	1✔
15
16	/**
17	* Returns the CSRF token value. The value is a hash stored in `document.cookie`
18	* under the `ckCsrfToken` key. The CSRF token can be used to secure the communication
19	* between the web browser and the CKFinder server.
20	*/
21	export function getCsrfToken(): string {
22	let token = getCookie( TOKEN_COOKIE_NAME );	11✔
23
24	if ( !token \|\| token.length != TOKEN_LENGTH ) {	11✔
25	token = generateToken( TOKEN_LENGTH );	4✔
26	setCookie( TOKEN_COOKIE_NAME, token );	4✔
27	}
28
29	return token;	11✔
30	}
31
32	/**
33	* Returns the value of the cookie with a given name or `null` if the cookie is not found.
34	*/
35	export function getCookie( name: string ): string \| null {
36	name = name.toLowerCase();	14✔
37	const parts = document.cookie.split( ';' );	14✔
38
39	for ( const part of parts ) {	14✔
40	const pair = part.split( '=' );	20✔
41	const key = decodeURIComponent( pair[ 0 ].trim().toLowerCase() );	20✔
42
43	if ( key === name ) {	20✔
44	return decodeURIComponent( pair[ 1 ] );	9✔
45	}
46	}
47
48	return null;	5✔
49	}
50
51	/**
52	* Sets the value of the cookie with a given name.
53	*/
54	export function setCookie( name: string, value: string ): void {
55	document.cookie = encodeURIComponent( name ) + '=' + encodeURIComponent( value ) + ';path=/';	5✔
56	}
57
58	/**
59	* Generates the CSRF token with the given length.
60	*/
61	function generateToken( length: number ): string {
62	let result = '';	4✔
63	const randValues = new Uint8Array( length );	4✔
64
65	window.crypto.getRandomValues( randValues );	4✔
66
67	for ( let j = 0; j < randValues.length; j++ ) {	4✔
68	const character = tokenCharset.charAt( randValues[ j ] % tokenCharset.length );	160✔
69	result += Math.random() > 0.5 ? character.toUpperCase() : character;	160✔
70	}
71
72	return result;	4✔
73	}

ckeditor / ckeditor5 / 6f7c4ea6-49ab-4ae8-85cc-c93a702378a1

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous