UNPKG

prismjs/components/prism-csp.js

Version:

1.2 kBJavaScriptView Raw

1/**
* Original by Scott Helme.
*
* Reference: https://scotthelme.co.uk/csp-cheat-sheet/
*
* Supports the following:
*  - CSP Level 1
*  - CSP Level 2
*  - CSP Level 3
*/
11
12Prism.languages.csp = {
'directive': {
pattern: /(^|[^-\da-z])(?:base-uri|block-all-mixed-content|(?:child|connect|default|font|frame|img|manifest|media|object|prefetch|script|style|worker)-src|disown-opener|form-action|frame-(?:ancestors|options)|input-protection(?:-(?:clip|selectors))?|navigate-to|plugin-types|policy-uri|referrer|reflected-xss|report-(?:to|uri)|require-sri-for|sandbox|(?:script|style)-src-(?:attr|elem)|upgrade-insecure-requests)(?=[^-\da-z]|$)/i,
lookbehind: true,
alias: 'keyword'
},
'safe': {
// CSP2 hashes and nonces are base64 values. CSP3 accepts both base64 and base64url values.
// See https://tools.ietf.org/html/rfc4648#section-4
// See https://tools.ietf.org/html/rfc4648#section-5
pattern: /'(?:deny|none|report-sample|self|strict-dynamic|top-only|(?:nonce|sha(?:256|384|512))-[-+/\w=]+)'/i,
alias: 'selector'
},
'unsafe': {
pattern: /(?:'unsafe-(?:allow-redirects|dynamic|eval|hash-attributes|hashed-attributes|hashes|inline)'|\*)/i,
alias: 'function'
}
29};

1	`/**`
2	`* Original by Scott Helme.`
3	`*`
4	`* Reference: https://scotthelme.co.uk/csp-cheat-sheet/`
5	`*`
6	`* Supports the following:`
7	`* - CSP Level 1`
8	`* - CSP Level 2`
9	`* - CSP Level 3`
10	`*/`
11
12	`Prism.languages.csp = {`
13	`'directive': {`
14	`pattern: /(^\|[^-\da-z])(?:base-uri\|block-all-mixed-content\|(?:child\|connect\|default\|font\|frame\|img\|manifest\|media\|object\|prefetch\|script\|style\|worker)-src\|disown-opener\|form-action\|frame-(?:ancestors\|options)\|input-protection(?:-(?:clip\|selectors))?\|navigate-to\|plugin-types\|policy-uri\|referrer\|reflected-xss\|report-(?:to\|uri)\|require-sri-for\|sandbox\|(?:script\|style)-src-(?:attr\|elem)\|upgrade-insecure-requests)(?=[^-\da-z]\|$)/i,`
15	`lookbehind: true,`
16	`alias: 'keyword'`
17	`},`
18	`'safe': {`
19	`// CSP2 hashes and nonces are base64 values. CSP3 accepts both base64 and base64url values.`
20	`// See https://tools.ietf.org/html/rfc4648#section-4`
21	`// See https://tools.ietf.org/html/rfc4648#section-5`
22	`pattern: /'(?:deny\|none\|report-sample\|self\|strict-dynamic\|top-only\|(?:nonce\|sha(?:256\|384\|512))-[-+/\w=]+)'/i,`
23	`alias: 'selector'`
24	`},`
25	`'unsafe': {`
26	`pattern: /(?:'unsafe-(?:allow-redirects\|dynamic\|eval\|hash-attributes\|hashed-attributes\|hashes\|inline)'\|\*)/i,`
27	`alias: 'function'`
28	`}`
29	`};`