diff options
author | Morris Jobke <hey@morrisjobke.de> | 2018-09-28 13:47:17 +0300 |
---|---|---|
committer | Morris Jobke <hey@morrisjobke.de> | 2018-09-28 13:47:17 +0300 |
commit | 3d9759958558752d0c115774d2b0bc34fac7e31b (patch) | |
tree | efad9add89adc533c4aa584df43d08ad61869af5 | |
parent | 5e6e7bb9fce755f3ecd468bcea6e1f14d0dfb682 (diff) |
Remove dependency on eval() - fixes #190.5.4
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
-rw-r--r-- | README.md | 6 | ||||
-rw-r--r-- | bower.json | 2 | ||||
-rw-r--r-- | jquery.strengthify.js | 14 | ||||
-rw-r--r-- | jquery.strengthify.min.js | 2 | ||||
-rw-r--r-- | strengthify.css | 2 |
5 files changed, 15 insertions, 11 deletions
@@ -97,6 +97,12 @@ Versions -------- <dl> + <dt>0.5.4</dt> + <dd> + <ul> + <li>do not use `eval()` anymore (#19)</li> + </ul> + </dd> <dt>0.5.3</dt> <dd> <ul> @@ -1,6 +1,6 @@ { "name": "strengthify", - "version": "0.5.3", + "version": "0.5.4", "homepage": "https://github.com/MorrisJobke/strengthify", "authors": [ "Eve Ragins <eve.ragins@eve-corp.com", diff --git a/jquery.strengthify.js b/jquery.strengthify.js index c1d7765..6a78a7c 100644 --- a/jquery.strengthify.js +++ b/jquery.strengthify.js @@ -2,7 +2,7 @@ * Strengthify - show the weakness of a password (uses zxcvbn for this) * https://github.com/MorrisJobke/strengthify * - * Version: 0.5.3 + * Version: 0.5.4 * Author: Morris Jobke (github.com/MorrisJobke) - original * Eve Ragins @ Eve Corp (github.com/eve-corp) * @@ -207,13 +207,11 @@ $elem.parent().on('scroll', drawSelf); - $.ajax({ - cache: true, - url: options.zxcvbn - }).done(function(content) { - eval(content); - $elem.bind('keyup input change', drawSelf); - }); + var script = document.createElement("script"); + script.src = options.zxcvbn; + document.head.appendChild(script); + + $elem.bind('keyup input change', drawSelf); }; init.call(this); diff --git a/jquery.strengthify.min.js b/jquery.strengthify.min.js index 8cf2241..ede9739 100644 --- a/jquery.strengthify.min.js +++ b/jquery.strengthify.min.js @@ -1 +1 @@ -!function($){$.fn.strengthify=function(paramOptions){"use strict";var defaults={zxcvbn:"zxcvbn/zxcvbn.js",titles:["Weakest","Weak","So-so","Good","Perfect"],tilesOptions:{tooltip:!0,element:!1},drawTitles:!1,drawMessage:!1,drawBars:!0,$addAfter:null};return this.each(function(){var options=$.extend(defaults,paramOptions);function getWrapperFor(t){return $('div[data-strengthifyFor="'+t+'"]')}function drawStrengthify(){var t=$(this).val(),e=$(this).attr("id"),s=""===t?0:1,a=zxcvbn(t),r="",i="",o="",n=getWrapperFor(e),d=n.find(".strengthify-container"),l=n.find("[data-strengthifyMessage]");switch(n.children().css("opacity",s).css("-ms-filter",'"progid:DXImageTransform.Microsoft.Alpha(Opacity='+100*s+')"'),options.onResult&&options.onResult(a),a.score){case 0:case 1:r="password-bad",i="danger",o=a.feedback?a.feedback.suggestions.join("<br/>"):"";break;case 2:i="warning",o=a.feedback?a.feedback.suggestions.join("<br/>"):"",r="password-medium";break;case 3:r="password-good",i="info",o="Getting better.";break;case 4:r="password-good",i="success",o="Looks good."}l&&(l.removeAttr("class"),l.addClass("bg-"+i),""===t&&(o=""),l.html(o)),d&&(d.attr("class",r+" strengthify-container").css("width",25*(0===a.score?1:a.score)+"%"),""===t&&d.css("width",0)),options.drawTitles&&(options.tilesOptions.tooltip&&(n.attr("title",options.titles[a.score]).tooltip({placement:"bottom",trigger:"manual"}).tooltip("fixTitle").tooltip("show"),0===s&&n.tooltip("hide")),options.tilesOptions.element&&n.find(".strengthify-tiles").text(options.titles[a.score]))}function init(){var $elem=$(this),elemId=$elem.attr("id"),drawSelf=drawStrengthify.bind(this),$addAfter=options.$addAfter;$addAfter||($addAfter=$elem),$addAfter.after('<div class="strengthify-wrapper" data-strengthifyFor="'+$elem.attr("id")+'"></div>'),options.drawBars&&getWrapperFor(elemId).append('<div class="strengthify-bg" />').append('<div class="strengthify-container" />').append('<div class="strengthify-separator" style="left: 25%" />').append('<div class="strengthify-separator" style="left: 50%" />').append('<div class="strengthify-separator" style="left: 75%" />'),options.drawMessage&&getWrapperFor(elemId).append("<div data-strengthifyMessage></div>"),options.drawTitles&&options.tilesOptions&&getWrapperFor(elemId).append('<div class="strengthify-tiles"></div>'),$elem.parent().on("scroll",drawSelf),$.ajax({cache:!0,url:options.zxcvbn}).done(function(content){eval(content),$elem.bind("keyup input change",drawSelf)})}options.drawTitles||options.drawMessage||options.drawBars||console.warn("expect at least one of 'drawTitles', 'drawMessage', or 'drawBars' to be true"),init.call(this)})}}(jQuery);
\ No newline at end of file +(function($){$.fn.strengthify=function(paramOptions){"use strict";var defaults={zxcvbn:'zxcvbn/zxcvbn.js',titles:['Weakest','Weak','So-so','Good','Perfect'],tilesOptions:{tooltip:true,element:false},drawTitles:false,drawMessage:false,drawBars:true,$addAfter:null};return this.each(function(){var options=$.extend(defaults,paramOptions);if(!options.drawTitles&&!options.drawMessage&&!options.drawBars){console.warn("expect at least one of 'drawTitles', 'drawMessage', or 'drawBars' to be true")}function getWrapperFor(id){return $('div[data-strengthifyFor="'+id+'"]')};function drawStrengthify(){var password=$(this).val(),elemId=$(this).attr('id'),opacity=(password==='')?0:1,result=zxcvbn(password),css='',bsLevel='',message='',$wrapper=getWrapperFor(elemId),$container=$wrapper.find('.strengthify-container'),$message=$wrapper.find('[data-strengthifyMessage]');$wrapper.children().css('opacity',opacity).css('-ms-filter','"progid:DXImageTransform.Microsoft.Alpha(Opacity='+opacity*100+')"');if(options.onResult){options.onResult(result)}switch(result.score){case 0:case 1:css='password-bad';bsLevel='danger';message=result.feedback?result.feedback.suggestions.join('<br/>'):"";break;case 2:bsLevel='warning';message=result.feedback?result.feedback.suggestions.join('<br/>'):"";css='password-medium';break;case 3:css='password-good';bsLevel='info';message="Getting better.";break;case 4:css='password-good';bsLevel='success';message="Looks good.";break}if($message){$message.removeAttr('class');$message.addClass('bg-'+bsLevel);if(password===''){message=''}$message.html(message)}if($container){$container.attr('class',css+' strengthify-container').css('width',((result.score===0?1:result.score)*25)+'%');if(password===''){$container.css('width',0)}}if(options.drawTitles){if(options.tilesOptions.tooltip){$wrapper.attr('title',options.titles[result.score]).tooltip({placement:'bottom',trigger:'manual'}).tooltip('fixTitle').tooltip('show');if(opacity===0){$wrapper.tooltip('hide')}}if(options.tilesOptions.element){$wrapper.find(".strengthify-tiles").text(options.titles[result.score])}}};function init(){var $elem=$(this),elemId=$elem.attr('id');var drawSelf=drawStrengthify.bind(this);var $addAfter=options.$addAfter;if(!$addAfter){$addAfter=$elem}$addAfter.after('<div class="strengthify-wrapper" data-strengthifyFor="'+$elem.attr('id')+'"></div>');if(options.drawBars){getWrapperFor(elemId).append('<div class="strengthify-bg" />').append('<div class="strengthify-container" />').append('<div class="strengthify-separator" style="left: 25%" />').append('<div class="strengthify-separator" style="left: 50%" />').append('<div class="strengthify-separator" style="left: 75%" />')}if(options.drawMessage){getWrapperFor(elemId).append('<div data-strengthifyMessage></div>')}if(options.drawTitles&&options.tilesOptions){getWrapperFor(elemId).append('<div class="strengthify-tiles"></div>')}$elem.parent().on('scroll',drawSelf);var script=document.createElement("script");script.src=options.zxcvbn;document.head.appendChild(script);$elem.bind('keyup input change',drawSelf)};init.call(this);})}}(jQuery));
\ No newline at end of file diff --git a/strengthify.css b/strengthify.css index a3710e5..f94e9cc 100644 --- a/strengthify.css +++ b/strengthify.css @@ -1,7 +1,7 @@ /** * Strengthify - show the weakness of a password (uses zxcvbn for this) * https://github.com/MorrisJobke/strengthify - * Version: 0.5.3 + * Version: 0.5.4 * License: The MIT License (MIT) * Copyright (c) 2013-2016 Morris Jobke <morris.jobke@gmail.com> */ |