mirror of
https://github.com/NoRedInk/noredink-ui.git
synced 2024-12-29 00:21:42 +03:00
💀 replace attribute extras
This commit is contained in:
parent
e9ae1f8a43
commit
4cb887fb81
@ -1,20 +0,0 @@
|
|||||||
module AttributeExtras exposing (targetBlank)
|
|
||||||
|
|
||||||
import Html.Styled exposing (Attribute)
|
|
||||||
import Html.Styled.Attributes as Attributes
|
|
||||||
|
|
||||||
|
|
||||||
{-| Use this list of attributes instead of applying `Attributes.target "_blank"`
|
|
||||||
directly. This prevents an exploits like "tabnabbing", among other things.
|
|
||||||
|
|
||||||
See these resources:
|
|
||||||
|
|
||||||
- <https://developer.mozilla.org/en-US/docs/Web/HTML/Element/a#Security_and_privacy_concerns>
|
|
||||||
- <https://www.jitbit.com/alexblog/256-targetblank---the-most-underestimated-vulnerability-ever>
|
|
||||||
|
|
||||||
-}
|
|
||||||
targetBlank : List (Attribute msg)
|
|
||||||
targetBlank =
|
|
||||||
[ Attributes.target "_blank"
|
|
||||||
, Attributes.rel "noopener noreferrer"
|
|
||||||
]
|
|
@ -14,7 +14,7 @@ module ClickableAttributes exposing
|
|||||||
|
|
||||||
{-| -}
|
{-| -}
|
||||||
|
|
||||||
import AttributeExtras exposing (targetBlank)
|
import Nri.Ui.Html.Attributes.V2 as AttributeExtras exposing (targetBlank)
|
||||||
import EventExtras
|
import EventExtras
|
||||||
import Html.Styled exposing (Attribute)
|
import Html.Styled exposing (Attribute)
|
||||||
import Html.Styled.Attributes as Attributes
|
import Html.Styled.Attributes as Attributes
|
||||||
|
@ -1,39 +0,0 @@
|
|||||||
module Nri.Ui.Html.Attributes.Extra exposing (none, includeIf)
|
|
||||||
|
|
||||||
{-| Extras for working with Html.Attributes
|
|
||||||
|
|
||||||
@docs none, includeIf
|
|
||||||
|
|
||||||
-}
|
|
||||||
|
|
||||||
import Html exposing (Attribute)
|
|
||||||
import Html.Attributes as Attributes
|
|
||||||
import Json.Encode as Encode
|
|
||||||
|
|
||||||
|
|
||||||
{-| Represents an attribute with no semantic meaning, useful for conditionals.
|
|
||||||
|
|
||||||
This is implemented such that whenever Html.Attributes.Extra.none is encountered
|
|
||||||
by VirtualDom it will set a meaningless property on the element object itself to
|
|
||||||
null:
|
|
||||||
|
|
||||||
domNode['Html.Attributes.Extra.none'] = null
|
|
||||||
|
|
||||||
It's totally safe and lets us clean up conditional and maybe attributes
|
|
||||||
|
|
||||||
-}
|
|
||||||
none : Attribute msg
|
|
||||||
none =
|
|
||||||
Attributes.property "Html.Attributes.Extra.none" Encode.null
|
|
||||||
|
|
||||||
|
|
||||||
{-| conditionally include an attribute. Useful for CSS classes generated with
|
|
||||||
`UniqueClass`!
|
|
||||||
-}
|
|
||||||
includeIf : Bool -> Attribute msg -> Attribute msg
|
|
||||||
includeIf cond attr =
|
|
||||||
if cond then
|
|
||||||
attr
|
|
||||||
|
|
||||||
else
|
|
||||||
none
|
|
@ -1,4 +1,4 @@
|
|||||||
module Nri.Ui.Html.Attributes.V2 exposing (none, includeIf)
|
module Nri.Ui.Html.Attributes.V2 exposing (none, includeIf, targetBlank)
|
||||||
|
|
||||||
{-| Extras for working with Html.Attributes.
|
{-| Extras for working with Html.Attributes.
|
||||||
|
|
||||||
@ -39,3 +39,18 @@ includeIf cond attr =
|
|||||||
|
|
||||||
else
|
else
|
||||||
none
|
none
|
||||||
|
|
||||||
|
{-| Use this list of attributes instead of applying `Attributes.target "_blank"`
|
||||||
|
directly. This prevents an exploits like "tabnabbing", among other things.
|
||||||
|
|
||||||
|
See these resources:
|
||||||
|
|
||||||
|
- <https://developer.mozilla.org/en-US/docs/Web/HTML/Element/a#Security_and_privacy_concerns>
|
||||||
|
- <https://www.jitbit.com/alexblog/256-targetblank---the-most-underestimated-vulnerability-ever>
|
||||||
|
|
||||||
|
-}
|
||||||
|
targetBlank : List (Attribute msg)
|
||||||
|
targetBlank =
|
||||||
|
[ Attributes.target "_blank"
|
||||||
|
, Attributes.rel "noopener noreferrer"
|
||||||
|
]
|
||||||
|
@ -139,7 +139,7 @@ module Nri.Ui.Icon.V5 exposing
|
|||||||
|
|
||||||
import Accessibility.Role as Role
|
import Accessibility.Role as Role
|
||||||
import Accessibility.Styled exposing (..)
|
import Accessibility.Styled exposing (..)
|
||||||
import AttributeExtras
|
import Nri.Ui.Html.Attributes.V2 as AttributeExtras
|
||||||
import Css exposing (..)
|
import Css exposing (..)
|
||||||
import EventExtras
|
import EventExtras
|
||||||
import Html as RootHtml
|
import Html as RootHtml
|
||||||
|
Loading…
Reference in New Issue
Block a user