Sanitize user input with DOMPurify.

igvteam · Sep 15, 2023 · 63cce91 · 63cce91
1 parent 3143625
commit 63cce91
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 8 deletions.
diff --git a/js/roi/ROIMenu.js b/js/roi/ROIMenu.js
@@ -54,7 +54,7 @@ class ROIMenu {
 
             const callback = () => {
 
-                const value = this.browser.inputDialog.input.value || ''
+                const value = this.browser.inputDialog.value || ''
                 feature.name = value.trim()
 
                 this.container.style.display = 'none'

diff --git a/js/ui/menuUtils.js b/js/ui/menuUtils.js
@@ -169,7 +169,7 @@ function visibilityWindowMenuItem(trackView) {
 
         const callback = () => {
 
-            let value = trackView.browser.inputDialog.input.value
+            let value = trackView.browser.inputDialog.value
             value = '' === value || undefined === value ? -1 : value.trim()
 
             trackView.track.visibilityWindow = Number.parseInt(value)
@@ -247,7 +247,7 @@ function trackRenameMenuItem(trackView) {
     const click = e => {
 
         const callback = function () {
-            let value = trackView.browser.inputDialog.input.value
+            let value = trackView.browser.inputDialog.value
             value = ('' === value || undefined === value) ? 'untitled' : value.trim()
             trackView.track.name = value
         }
@@ -276,7 +276,7 @@ function trackHeightMenuItem(trackView) {
 
         const callback = () => {
 
-            const number = Number(trackView.browser.inputDialog.input.value, 10)
+            const number = Number(trackView.browser.inputDialog.value, 10)
 
             if (undefined !== number) {
 

diff --git a/js/version.js b/js/version.js
@@ -1,4 +1,4 @@
-const _version = "2.15.10"
+const _version = "2.15.11"
 function version() {
     return _version
 }

diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "igv",
-  "version": "2.15.10",
+  "version": "2.15.11",
   "main": "dist/igv.esm.js",
   "browser": "dist/igv.js",
   "module": "dist/igv.esm.js",
@@ -15,7 +15,7 @@
     "build": "node scripts/updateVersion.cjs && node scripts/generateEmbedCss.cjs && npx rollup --config",
     "build_iife": "node scripts/updateVersion.cjs && node scripts/generateEmbedCss.cjs && npx rollup --config rollup.config.iife.js",
     "updateCSS": "node scripts/generateEmbedCss.cjs",
-    "test": "mocha -ui tdd"
+    "test": "node test/utils/forceESM.cjs && mocha -ui tdd"
   },
   "author": {
     "name": "Jim Robinson"
@@ -43,6 +43,7 @@
   },
   "browserslist": "> 1%, not dead",
   "devDependencies": {
+    "html2canvas": "^1.4.1",
     "@rollup/plugin-strip": "^3.0.1",
     "@rollup/plugin-terser": "^0.4.0",
     "@xmldom/xmldom": "^0.7.9",
@@ -52,7 +53,7 @@
     "circular-view": "github:igvteam/circular-view#v0.2.4",
     "eslint": "^6.4.0",
     "hdf5-indexed-reader": "github:jrobinso/hdf5-indexed-reader#v0.5.2",
-    "igv-ui": "github:igvteam/igv-ui#v1.5.0",
+    "igv-ui": "github:igvteam/igv-ui#v1.5.2",
     "igv-utils": "github:igvteam/igv-utils#v1.4.8",
     "mocha": "^10.2.0",
     "rollup": "^2.66.0",