From 8c76bf8a93e446a06942d2cfec39b8b5d9ac0700 Mon Sep 17 00:00:00 2001 From: harryadel Date: Fri, 21 Jul 2023 09:57:53 +0300 Subject: [PATCH] Apply @wreiske suggestions --- .../browser-policy-content/browser-policy-content.js | 10 +++------- packages/browser-policy-content/package.js | 6 ------ 2 files changed, 3 insertions(+), 13 deletions(-) diff --git a/packages/browser-policy-content/browser-policy-content.js b/packages/browser-policy-content/browser-policy-content.js index 6b7ef1b542..a39430c82d 100644 --- a/packages/browser-policy-content/browser-policy-content.js +++ b/packages/browser-policy-content/browser-policy-content.js @@ -1,7 +1,3 @@ -var isEmpty = Npm.require('lodash.isempty'); -var has = Npm.require('lodash.has'); -var union = Npm.require('lodash.union'); - // By adding this package, you get the following default policy: // No eval or other string-to-code, and content can only be loaded from the // same origin as the app (except for XHRs and websocket connections, which can @@ -79,7 +75,7 @@ var parseCsp = function (csp) { Object.entries(cspSrcs).forEach(function (entry) { var directive = entry[0]; var sources = entry[1]; - cspSrcs[directive] = union(sources || [], cspSrcs["default-src"] || []); + cspSrcs[directive] = [...new Set([...(sources || []), ...(cspSrcs["default-src"] || [])])]; }); }; @@ -94,7 +90,7 @@ var removeCspSrc = function (directive, src) { var prepareForCspDirective = function (directive) { cspSrcs = cspSrcs || {}; cachedCsp = null; - if (!has(cspSrcs, directive)) + if (!(directive in cspSrcs)) cspSrcs[directive] = [].concat(cspSrcs["default-src"]); }; @@ -162,7 +158,7 @@ Object.assign(BrowserPolicy.content, { }, // Exported for tests and browser-policy-common. _constructCsp: function () { - if (! cspSrcs || isEmpty(cspSrcs)) + if (! cspSrcs || (Object.keys(cspSrcs).length === 0 && cspSrcs.constructor === Object)) return null; if (cachedCsp) diff --git a/packages/browser-policy-content/package.js b/packages/browser-policy-content/package.js index 4e57b050a0..3565ae7298 100644 --- a/packages/browser-policy-content/package.js +++ b/packages/browser-policy-content/package.js @@ -3,12 +3,6 @@ Package.describe({ version: "1.1.2" }); -Npm.depends({ - 'lodash.isempty': '4.4.0', - 'lodash.has': '4.5.2', - 'lodash.union': '4.6.0' -}); - Package.onUse(function (api) { api.use("ecmascript"); api.use(["browser-policy-common", "webapp"], "server");