From ee2ba047ab7a1b9a24b7fa8ef59be640222f1aaa Mon Sep 17 00:00:00 2001 From: antelle Date: Wed, 29 Apr 2020 18:41:16 +0200 Subject: [PATCH] removed eval's --- app/scripts/plugins/plugin.js | 57 ++++++++++++++++++++--------------- build/webpack.config.js | 9 +++++- 2 files changed, 41 insertions(+), 25 deletions(-) diff --git a/app/scripts/plugins/plugin.js b/app/scripts/plugins/plugin.js index 9a52e456..18504a59 100644 --- a/app/scripts/plugins/plugin.js +++ b/app/scripts/plugins/plugin.js @@ -360,30 +360,39 @@ class Plugin extends Model { } applyJs(name, data) { - return Promise.resolve().then(() => { - let text = kdbxweb.ByteUtils.bytesToString(data); - this.module = { exports: {} }; - const id = 'plugin-' + Date.now().toString() + Math.random().toString(); - global[id] = { - require: PluginApi.require, - module: this.module - }; - text = `(function(require, module){${text}})(window["${id}"].require,window["${id}"].module);`; - const ts = this.logger.ts(); - // eslint-disable-next-line no-eval - eval(text); - return new Promise((resolve, reject) => { - setTimeout(() => { - delete global[id]; - if (this.module.exports.uninstall) { - this.logger.debug('Plugin script installed', this.logger.ts(ts)); - this.loadPluginSettings(); - resolve(); - } else { - reject('Plugin script installation failed'); - } - }, 0); - }); + return new Promise((resolve, reject) => { + try { + let text = kdbxweb.ByteUtils.bytesToString(data); + this.module = { exports: {} }; + const id = 'plugin-' + Date.now().toString() + Math.random().toString(); + global[id] = { + require: PluginApi.require, + module: this.module + }; + text = `(function(require, module){${text}})(window["${id}"].require,window["${id}"].module);`; + const ts = this.logger.ts(); + const blob = new Blob([text], { type: 'text/javascript' }); + const objectUrl = URL.createObjectURL(blob); + const el = this.createElementInHead('script', id, { + src: objectUrl + }); + el.addEventListener('load', () => { + URL.revokeObjectURL(objectUrl); + setTimeout(() => { + delete global[id]; + if (this.module.exports.uninstall) { + this.logger.debug('Plugin script installed', this.logger.ts(ts)); + this.loadPluginSettings(); + resolve(); + } else { + reject('Plugin script installation failed'); + } + }, 0); + }); + } catch (e) { + this.logger.error('Error installing plugin script', e); + reject(e); + } }); } diff --git a/build/webpack.config.js b/build/webpack.config.js index 8200d60b..5f749cf8 100644 --- a/build/webpack.config.js +++ b/build/webpack.config.js @@ -107,7 +107,14 @@ function config(options) { }, { test: /baron(\.min)?\.js$/, - loader: 'exports-loader?baron; delete window.baron;' + use: [ + StringReplacePlugin.replace({ + replacements: [ + { pattern: /\(1,\s*eval\)\('this'\)/g, replacement: () => 'window' } + ] + }), + { loader: 'exports-loader?baron; delete window.baron;' } + ] }, { test: /babel-helpers\.js$/,