fix(utils/encode-decode): Use lodash replace

_.replace is harded against undefined/null
2018-01-16 20:02:35 -08:00
parent f6e4bf74cb
commit e8dcc43e23
2 changed files with 95 additions and 33 deletions
--- a/common/utils/encode-decode.js
+++ b/common/utils/encode-decode.js
@ -1,46 +1,38 @@
-import flow from 'lodash/flow';
+import _ from 'lodash/fp';

 // we don't store loop protect disable key
-export function removeNoprotect(val) {
-  return val.replace(/noprotect/gi, '');
-}
+export const removeNoprotect = _.replace(/noprotect/gi, '');

-export function encodeScriptTags(val) {
-  return val
-    .replace(/<script>/gi, 'fccss')
-    .replace(/<\/script>/gi, 'fcces');
-}
+export const encodeScriptTags = _.flow(
+  _.replace(/<script>/gi, 'fccss'),
+  _.replace(/<\/script>/gi, 'fcces')
+);

-export function decodeScriptTags(val) {
-  return val
-    .replace(/fccss/gi, '<script>')
-    .replace(/fcces/gi, '</script>');
-}
+export const decodeScriptTags = _.flow(
+  _.replace(/fccss/gi, '<script>'),
+  _.replace(/fcces/gi, '</script>')
+);

-export function encodeFormAction(val) {
-  return val.replace(
+export const encodeFormAction = _.replace(
  // look for attributes in a form
  /<form[^>]*>/,
  // val is the string within the opening form tag
  // look for an `action` attribute, replace it with a fcc tag
-    val => val.replace(/action(\s*?)=/, 'fccfaa$1=')
-  );
-}
+  _.replace(/action(\s*?)=/, 'fccfaa$1=')
+);

-export function decodeFormAction(val) {
-  return val.replace(
+export const decodeFormAction = _.replace(
  /<form[^>]*>/,
-    val => val.replace(/fccfaa(\s*?)=/, 'action$1=')
-  );
-}
+  _.replace(/fccfaa(\s*?)=/, 'action$1=')
+);

-export const encodeFcc = flow([
+export const encodeFcc = _.flow(
  removeNoprotect,
  encodeFormAction,
  encodeScriptTags
-]);
+);

-export const decodeFcc = flow([
+export const decodeFcc = _.flow(
  decodeFormAction,
  decodeScriptTags
-]);
+);
--- a/common/utils/encode-decode.test.js
+++ b/common/utils/encode-decode.test.js
@ -0,0 +1,70 @@
+import test from 'tape';
+import {
+  encodeScriptTags,
+  decodeScriptTags,
+  encodeFormAction,
+  decodeFormAction,
+  encodeFcc,
+  decodeFcc
+} from './encode-decode.js';
+
+const scriptDecoded = `
+  <script>console.log('foo')</script>
+`;
+const scriptEncoded = `
+  fccssconsole.log('foo')fcces
+`;
+test('encodeScriptTags', t => {
+  t.plan(1);
+  t.equal(
+    encodeScriptTags(scriptDecoded),
+    scriptEncoded
+  );
+});
+
+test('decodeScriptTags', t => {
+  t.plan(1);
+  t.equal(
+    decodeScriptTags(scriptEncoded),
+    scriptDecoded
+  );
+});
+
+const formDecoded = `
+  <form action ='path'>foo</form>
+`;
+const formEncoded = `
+  <form fccfaa ='path'>foo</form>
+`;
+
+test('encodeFormAction', t => {
+  t.plan(1);
+  t.equal(
+    encodeFormAction(formDecoded),
+    formEncoded
+  );
+});
+
+test('decodeFormAction', t => {
+  t.plan(1);
+  t.equal(
+    decodeFormAction(formEncoded),
+    formDecoded
+  );
+});
+
+test('encodeFcc', t => {
+  t.plan(1);
+  t.equal(
+    encodeFcc('//noprotect' + scriptDecoded + formDecoded),
+    '//' + scriptEncoded + formEncoded
+  );
+});
+
+test('decodeFcc', t => {
+  t.plan(1);
+  t.equal(
+    decodeFcc(scriptEncoded + formEncoded),
+    scriptDecoded + formDecoded
+  );
+});