~tychi/code-mirror-shield

3e5e80621c30fb653e923ce41b82be9acebd0d8a — Tyler Childs 7 months ago 1b88084
feature: securely (sub-resource integrity) grant all urls an editor
9 files changed, 88 insertions(+), 71 deletions(-)

D index.html
M lock.json
R editor.bundle.js => public/editor.bundle.js
R editor.js => public/editor.js
M quick-start.sh
M scripts/build.sh
M scripts/install.sh
A scripts/start.sh
A server.js
D index.html => index.html +0 -4
@@ 1,4 0,0 @@
<!doctype html>
<meta charset=utf8>
<h1>CodeMirror!</h1>
<script src="editor.bundle.js"></script>

M lock.json => lock.json +9 -48
@@ 1,50 1,11 @@
{
  "https://cdn.esm.sh/v62/@codemirror/autocomplete@0.19.12/deno/autocomplete.js": "fc8f4ca73d2514f35ba2593429880b40b502ca5b09414fb75a3d3c9fbb48f3be",
  "https://cdn.esm.sh/v62/@codemirror/autocomplete@0.19.12/dist/index.d.ts": "545d54c082215238d6d2d8c02ce32bede39e8df5a40e5d7ef84c77d959ffc5c0",
  "https://cdn.esm.sh/v62/@codemirror/basic-setup@0.19.1/deno/basic-setup.js": "3eac24427a3adfbf083623e28ad1922a82148026ee9f6f4a4c9307b318951cf7",
  "https://cdn.esm.sh/v62/@codemirror/basic-setup@0.19.1/dist/index.d.ts": "7510f3a218dda8a5c55222e459f98dcd8aaa0b9f0c6e96c813523f037dc4404f",
  "https://cdn.esm.sh/v62/@codemirror/closebrackets@0.19.0/deno/closebrackets.js": "82a64660dff35d0f3d0f5f70f85598926e9564b811edd4be6689a93107fc901a",
  "https://cdn.esm.sh/v62/@codemirror/commands@0.19.7/deno/commands.js": "f221705c1c840152f23ae1b2e8538986b5d6884bcd84681cff6e0bb3fbdce596",
  "https://cdn.esm.sh/v62/@codemirror/comment@0.19.0/deno/comment.js": "411360660fb5653c21ef0709efc8d5c17ff01f34d2ec6a44e94a3bf9deb60215",
  "https://cdn.esm.sh/v62/@codemirror/fold@0.19.2/deno/fold.js": "ddefc4308c45f00bde4ec0cc5cc21bb2b73db850788c6082af0212a770acebf4",
  "https://cdn.esm.sh/v62/@codemirror/gutter@0.19.9/deno/gutter.js": "440e05f4acaaad772b54aac0c63c7de520d0c5e1963566a80ec84296aeb5db95",
  "https://cdn.esm.sh/v62/@codemirror/highlight@0.19.7/deno/highlight.js": "b7495fa5d7f215aa7d7a9f50716692e8e8f36e1e5e5d39b3446063add8beaaa3",
  "https://cdn.esm.sh/v62/@codemirror/history@0.19.2/deno/history.js": "69c22fa325f43af3acc9ee60d6c44813707c752066a3121dd7bd38c424c5116d",
  "https://cdn.esm.sh/v62/@codemirror/lang-javascript@0.19.6/deno/lang-javascript.js": "9c3c580ebed3cb1e1d62cae666d45d445ccd4dd29dc4155127894d0cf61b3a56",
  "https://cdn.esm.sh/v62/@codemirror/lang-javascript@0.19.6/dist/index.d.ts": "76a6d7843c40c4b1da6bb9e88f487aa80a802a60ef99fc6e66fc8ad44b1a0b7d",
  "https://cdn.esm.sh/v62/@codemirror/language@0.19.7/deno/language.js": "e7c14d4c9ece4cd5af20390346ee4cfa90010fbfbb852a559526efc26e7bc191",
  "https://cdn.esm.sh/v62/@codemirror/language@0.19.7/dist/index.d.ts": "e6f3fb7b20ddeb114f774580cdadcf03a62547bf9c43fd7267076efe62252133",
  "https://cdn.esm.sh/v62/@codemirror/lint@0.19.3/deno/lint.js": "872ee883bb8b2d6a4172cf75948684b4f4399352786e18e0e00d1f2e74f27762",
  "https://cdn.esm.sh/v62/@codemirror/lint@0.19.3/dist/index.d.ts": "ea441992ec253e989164ed615ca9e7349a266c8cef664a8a9ec1d1f735c78cf7",
  "https://cdn.esm.sh/v62/@codemirror/matchbrackets@0.19.3/deno/matchbrackets.js": "1b54ce6a93560616660401ee7b50406e0fb083cba460dd63fae4733f740b77ae",
  "https://cdn.esm.sh/v62/@codemirror/panel@0.19.1/deno/panel.js": "18b462b426d8d4d704d2b65ba1bedd86192c3419d482fdd5745a99b17c6d50bf",
  "https://cdn.esm.sh/v62/@codemirror/rangeset@0.19.6/deno/rangeset.js": "ab9babfb729a621b8e4a1a7474a71221b50de413fe701d57520e7e39aa21f363",
  "https://cdn.esm.sh/v62/@codemirror/rangeset@0.19.6/dist/index.d.ts": "9e13eac1ee563cf535a17d0649b1909a642f2656670b1c609e0e74a50bf9d99b",
  "https://cdn.esm.sh/v62/@codemirror/rectangular-selection@0.19.1/deno/rectangular-selection.js": "8ea2b17ecd4abfb8f947501a76f9767973b0d4e5d0742929a628bc12137e584d",
  "https://cdn.esm.sh/v62/@codemirror/search@0.19.5/deno/search.js": "74a920c489b548fb69d91bdfd40c85e6952d5c0b48fbb727efc2296ed729d111",
  "https://cdn.esm.sh/v62/@codemirror/state@0.19.6/deno/state.js": "6567336ab785637730283a53f78d9154eb770e90da77556f0c29ef52432bface",
  "https://cdn.esm.sh/v62/@codemirror/state@0.19.6/dist/index.d.ts": "cd1eb1bfa7115e22642b91197db3a273038f52e9abf30a32288dfaa2def94053",
  "https://cdn.esm.sh/v62/@codemirror/text@0.19.6/deno/text.js": "4d97fbd9a7c627bddc47b29c5ce6f33d82680e9667eb6e7b1500fa36568c51e9",
  "https://cdn.esm.sh/v62/@codemirror/text@0.19.6/dist/index.d.ts": "b4da58323412477acdbba555cc0ae8318cd3e6d3c1e2d743e40682185a856ddd",
  "https://cdn.esm.sh/v62/@codemirror/tooltip@0.19.12/deno/tooltip.js": "dd314e5d213bb90d07fea3c44f7e465503614ccb4dfda22bb3216d7c96b82983",
  "https://cdn.esm.sh/v62/@codemirror/view@0.19.39/deno/view.js": "efc87a9e578a4d696d7d8716c23f75aafe6045da925d1f45439b5465b8f4d7e4",
  "https://cdn.esm.sh/v62/@codemirror/view@0.19.39/dist/index.d.ts": "92c4b3d285956d261fd94a0f5105b59f7f12f6d3c7e955634fa24f38802d3fed",
  "https://cdn.esm.sh/v62/@lezer/common@0.15.11/deno/common.js": "f24a11cc2e85d17eff37ddc00ade273b4e52e92ae088bcedd52f1e90c3529dff",
  "https://cdn.esm.sh/v62/@lezer/common@0.15.11/dist/index.d.ts": "1c0e52f50fa2b8dc7496e3c0cc6e2063accbfca1617ebc408a90faf57d60cbf0",
  "https://cdn.esm.sh/v62/@lezer/common@0.15.11/dist/mix.d.ts": "215cd882489dbd463ac4a4c71fd86eec53c82d6deb2aeccce2abc32268e9a8a0",
  "https://cdn.esm.sh/v62/@lezer/common@0.15.11/dist/parse.d.ts": "760453362125afdb6afb591d98a22910155ad6ecd00b26fab7409c15c8ab24fa",
  "https://cdn.esm.sh/v62/@lezer/common@0.15.11/dist/tree.d.ts": "81bee940297426a024bfda1703d0c09e376cc2f9c1d431e769dfb19118a1cece",
  "https://cdn.esm.sh/v62/@lezer/javascript@0.15.2/deno/javascript.js": "f26a43d68e79acbbb1c53ec5669f6b09b711779fc273166ccf6c74d63eed770a",
  "https://cdn.esm.sh/v62/@lezer/lr@0.15.6/deno/lr.js": "6db91d47f90da4f88660baf68ed52a2f03392ce913727514d616f7cb5df050ca",
  "https://cdn.esm.sh/v62/@lezer/lr@0.15.6/dist/index.d.ts": "690f251a6dc9130e7d497c5e967fc855b765b40f929e3436a42945118bd8d317",
  "https://cdn.esm.sh/v62/@lezer/lr@0.15.6/dist/parse.d.ts": "0164c0065755b8d5da4ed2c3679c5082846aeac9b5b06a87a226c8adf28a2421",
  "https://cdn.esm.sh/v62/@lezer/lr@0.15.6/dist/stack.d.ts": "2293ecbf89613df3aa3efd6a57b4f822032e09f124f94bc78b352313ea3d7266",
  "https://cdn.esm.sh/v62/@lezer/lr@0.15.6/dist/token.d.ts": "b5494902748bdd77d52cc8b0333e2292cf8cfa40fff76e3bf77c765ab85f9d62",
  "https://cdn.esm.sh/v62/crelt@1.0.5/deno/crelt.js": "76d65aac73e670c96ac01fcde4ff6d3d34ff5b83cc29eebf410412a816aad49d",
  "https://cdn.esm.sh/v62/node_process.js": "9e88e28df2081e6137bee0c296e4760adf9b48f6b0d14f82e063ea82414e7a71",
  "https://cdn.esm.sh/v62/style-mod@4.0.0/deno/style-mod.js": "869556e68ea8d835dee7590dd838b60bed6ff7461c571b29caa5bfd758a4b5fb",
  "https://cdn.esm.sh/v62/style-mod@4.0.0/src/style-mod.d.ts": "b67005a45a00e302e4f1f170a97155301590841c937df9565532c51d1f75ef9a",
  "https://cdn.esm.sh/v62/w3c-keyname@2.2.4/deno/w3c-keyname.js": "d51a2a29b789e6eb2a511e34731e8a56a41358529d9682b171d8ad3536b26b64",
  "https://esm.sh/@codemirror/basic-setup": "fe02149455f1875d6e5c730b9f58d758b90010cc326dd3d9bd76e4ca737559d7",
  "https://esm.sh/@codemirror/lang-javascript": "714f46688fed08019202f2dc4c06049ce021467264e20e87f8df270d6e6ce993"
  "https://deno.land/std@0.114.0/async/deadline.ts": "1d6ac7aeaee22f75eb86e4e105d6161118aad7b41ae2dd14f4cfd3bf97472b93",
  "https://deno.land/std@0.114.0/async/debounce.ts": "b2f693e4baa16b62793fd618de6c003b63228db50ecfe3bd51fc5f6dc0bc264b",
  "https://deno.land/std@0.114.0/async/deferred.ts": "ab60d46ba561abb3b13c0c8085d05797a384b9f182935f051dc67136817acdee",
  "https://deno.land/std@0.114.0/async/delay.ts": "f2d8ccaa8ebc26594bd8b0989edfd8a96257a714c1dee2fb54d986e5bdd840ac",
  "https://deno.land/std@0.114.0/async/mod.ts": "78425176fabea7bd1046ce3819fd69ce40da85c83e0f174d17e8e224a91f7d10",
  "https://deno.land/std@0.114.0/async/mux_async_iterator.ts": "62abff3af9ff619e8f2adc96fc70d4ca020fa48a50c23c13f12d02ed2b760dbe",
  "https://deno.land/std@0.114.0/async/pool.ts": "353ce4f91865da203a097aa6f33de8966340c91b6f4a055611c8c5d534afd12f",
  "https://deno.land/std@0.114.0/async/tee.ts": "3e9f2ef6b36e55188de16a667c702ace4ad0cf84e3720379160e062bf27348ad",
  "https://deno.land/std@0.114.0/http/server.ts": "46f616eac1ca0ea7b9fce97102d185a3d97ae7d7d3bbd635b74cefe05ed1cb37"
}
\ No newline at end of file

R editor.bundle.js => public/editor.bundle.js +19 -10
@@ 15042,16 15042,25 @@ function A18(t = {
        ], Fe2(T30))
    }));
}
function createEditor(target) {
    const editor = new D3({
        state: w1.create({
            extensions: [
                D14,
                A18()
            ]
        }),
const config = {
    extensions: [
        D14,
        A18()
    ]
};
function createEditor(target, flags = {
}) {
    const state = w1.create({
        ...config,
        ...flags
    });
    const view = new D3({
        state,
        parent: target
    });
    return editor;
    return {
        state,
        view
    };
}
createEditor(document.body);
export { createEditor as default };

R editor.js => public/editor.js +10 -7
@@ 1,15 1,18 @@
import {EditorState, EditorView, basicSetup} from "https://esm.sh/@codemirror/basic-setup"
import {javascript} from "https://esm.sh/@codemirror/lang-javascript"

function createEditor(target) {
  const editor = new EditorView({
    state: EditorState.create({
      extensions: [basicSetup, javascript()]
    }),
const config = {
  extensions: [basicSetup, javascript()]
}

export default function createEditor(target, flags = {}) {
  const state = EditorState.create({...config, ...flags })

  const view = new EditorView({
    state,
    parent: target
  }) 

  return editor
  return { state, view }
}

createEditor(document.body)

M quick-start.sh => quick-start.sh +1 -0
@@ 1,3 1,4 @@
#!/bin/sh
./scripts/install.sh
./scripts/build.sh
./scripts/start.sh

M scripts/build.sh => scripts/build.sh +1 -1
@@ 1,2 1,2 @@
#!/bin/sh
deno bundle ./editor.js ./editor.bundle.js
deno bundle ./public/editor.js ./public/editor.bundle.js

M scripts/install.sh => scripts/install.sh +2 -1
@@ 1,2 1,3 @@
#!/bin/sh
deno cache --lock=lock.json --lock-write editor.js
deno cache --lock=lock.json --lock-write public/editor.js
deno cache --lock=lock.json --lock-write server.js

A scripts/start.sh => scripts/start.sh +2 -0
@@ 0,0 1,2 @@
#!/bin/sh
deno run --allow-read --allow-write --allow-net --allow-run --allow-env --unstable ./server.js

A server.js => server.js +44 -0
@@ 0,0 1,44 @@
import { serve } from "https://deno.land/std@0.114.0/http/server.ts";

async function handleRequest(request) {
  const { pathname } = new URL(request.url);

  if (pathname.startsWith("/public")) {
    const file = await Deno.readFile(`.${pathname}`)
		const extension = pathname.split('.').slice(-1)
    return new Response(file, {
      headers: {
        "content-type": getType(extension),
      },
    })
  }

  return new Response(`
			<!doctype html>
			<meta charset=utf8>
			<script type="module">
				import createEditor from '/public/editor.bundle.js'
				console.log({ createEditor })

				createEditor(document.body)
			</script>
		`,
    {
      headers: {
        "content-type": "text/html; charset=utf-8",
      },
    },
  )
}

const types = {
	'css': 'text/css; charset=utf-8',
	'js': 'text/javascript; charset=utf-8'
}

function getType(ext) {
	return types[ext] || 'text/plain'
}

console.log("Listening on http://localhost:8000");
serve(handleRequest);