[DO NOT MERGE] docs: improve typedoc documentation, fix JSDoc, upgrade deps, and clean up API surface #2958
Michael Pham (michaelphamcf) wants to merge 1 commit into master from
…an up API surface

Comprehensive documentation and API cleanup branch extracted cleanly from refactor/docs (which had rebasing issues with master). See docs/refactor-docs-changelog.md for a detailed breakdown of all changes.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
var newVersion = select.value
var subPath = pathSegments.slice(cmIdx + 2).join('/')
var newUrl = docsBase + '/' + newVersion + '/' + subPath
window.location.href = newUrl
Check failure
Code scanning / CodeQL: DOM text reinterpreted as HTML (severity: High, category: documentation)
Copilot Autofix (AI, 6 days ago)
In general, to fix this kind of issue you should (1) validate or whitelist the untrusted value (select.value) against the expected set of safe options, and (2) ensure that the constructed URL cannot become an arbitrary or cross-origin URL (e.g., javascript:..., https://evil.com/...). Since the code already has a known set of versions (versions array plus possibly currentVersion), we can derive an explicit whitelist and only navigate if the chosen value is in that list. Additionally, we can construct the new URL using the existing path segments and the browser’s URL parser to avoid protocol or origin changes.
The minimal, non-breaking change is to: inside the then(function (versions) { ... }) block, define a validVersions array that contains the allowed version values (from versions, plus currentVersion if it is not already in the list). Then, in the change event listener, check whether newVersion is included in validVersions; if not, abort. When constructing newUrl, build it as a relative path anchored to the current origin using the URL constructor, so even if an unexpected string slipped in, it cannot change protocol or origin. Concretely, we will: (a) introduce var validVersions = versions.slice(); after we know versions, optionally pushing currentVersion if needed; (b) update the change handler to return early if validVersions.indexOf(newVersion) === -1; and (c) replace the simple string concatenation var newUrl = docsBase + '/' + newVersion + '/' + subPath with var newUrl = new URL(docsBase + '/' + newVersion + '/' + subPath, window.location.origin).toString();. All changes are within docs/plugins/version-selector/version-selector.js and do not alter the external behavior for valid version values.
| @@ -23,6 +23,12 @@ | ||
| .then(function (versions) { | ||
| if (!versions || !versions.length) return | ||
|
|
||
| // Build a whitelist of valid versions from the data source | ||
| var validVersions = versions.slice() | ||
| if (validVersions.indexOf(currentVersion) === -1) { | ||
| validVersions.push(currentVersion) | ||
| } | ||
|
|
||
| var wrapper = document.createElement('div') | ||
| wrapper.className = 'tsd-version-selector' | ||
|
|
||
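Review bot: `validVersions` (the new `var validVersions = versions.slice()` lines) is declared inside the `.then(function (versions) { ... })` callback, so the `change` listener that later reads it must be attached within that same callback; if it is attached anywhere else the reference resolves to undefined and every change event throws. The `indexOf(currentVersion)` check also assumes `versions` is a flat array of version strings matching the `<select>` option values; if the data source returns objects, nothing will ever match, `currentVersion` is still pushed, and only the current version remains navigable. A short comment stating the expected shape of `versions` would make that assumption explicit.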
| @@ -57,8 +63,13 @@ | ||
|
|
||
| select.addEventListener('change', function () { | ||
| var newVersion = select.value | ||
| // Only allow navigation to known-safe versions | ||
| if (validVersions.indexOf(newVersion) === -1) { | ||
| return | ||
| } | ||
| var subPath = pathSegments.slice(cmIdx + 2).join('/') | ||
| var newUrl = docsBase + '/' + newVersion + '/' + subPath | ||
| var relativePath = docsBase + '/' + newVersion + '/' + subPath | ||
| var newUrl = new URL(relativePath, window.location.origin).toString() | ||
| window.location.href = newUrl | ||
| }) | ||
|
|
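Review bot: the added `new URL(relativePath, window.location.origin)` line only keeps navigation same-origin when `docsBase` is a path; if `docsBase` were ever an absolute `https://...` string, the base argument is ignored and the resulting URL is that string unchanged. Since the whitelist check above already rejects any value not in `validVersions`, either document that `docsBase` must be a path or compare the resolved URL's origin against `window.location.origin` before assigning `location.href`. Minor: `.href` gives the same string as `.toString()` and is the more usual spelling.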