7.11.150 • Published 9 months ago

@ellentorg/corporis-soluta-ea v7.11.150

Weekly downloads
-
License
MIT
Repository
github
Last release
9 months ago

@ellentorg/corporis-soluta-ea

angular's nicest part extracted as a standalone module for the browser and node.

build status

@ellentorg/corporis-soluta-ea exposes a .compile()-method which can be used to compile evaluable expressions:

var expressions = require("@ellentorg/corporis-soluta-ea");

evaluate = expressions.compile("1 + 1");
evaluate(); // returns 2

You can also set and get values on a given scope:

evaluate = expressions.compile("name");
scope = { name: "Jenny" };
evaluate(scope); // returns 'Jenny'

evaluate = expressions.compile("ship.pirate.name = 'Störtebeker'");
evaluate(scope); // won't throw an error because angular's expressions are forgiving
console.log(scope.ship.pirate.name); // prints 'Störtebeker'

For assigning values, you can also use .assign():

evaluate = expressions.compile("ship.pirate.name");
evaluate.assign(scope, "Störtebeker");
console.log(scope.ship.pirate.name); // prints 'Störtebeker'

Check out their readme for further information.

Setup

npm status

Filters

Angular provides a mechanism to define filters on expressions:

expressions.filters.uppercase = (input) => input.toUpperCase();

expr = expressions.compile("'arr' | uppercase");
expr(); // returns 'ARR'

Arguments are evaluated against the scope:

expressions.filters.currency = (input, currency, digits) => {
  input = input.toFixed(digits);

  if (currency === "EUR") {
    return input + "€";
  } else {
    return input + "$";
  }
};

expr = expressions.compile("1.2345 | currency:selectedCurrency:2");
expr({
  selectedCurrency: "EUR",
}); // returns '1.23€'

If you need an isolated filters object, this can be achieved by setting the filters attribute in the options argument. Global cache is disabled if using options.filters. To setup an isolated cache, you can also set the cache attribute in the options argument:

var isolatedFilters = {
  transform: (input) => input.toLowerCase(),
};
var isolatedCache = {};

var resultOne = expressions.compile("'Foo Bar' | transform", {
  filters: isolatedFilters,
  cache: isolatedCache,
});

console.log(resultOne()); // prints 'foo bar'
console.log(isolatedCache); // prints '{"'Foo Bar' | transform": [Function fn] }'

API

exports

.compile(src): Function

Compiles src and returns a function evaluate(). The compiled function is cached under compile.cache[src] to speed up further calls.

Compiles also export the AST.

Example output of: compile("tmp + 1").ast

{ type: 'Program',
  body:
   [ { type: 'ExpressionStatement',
       expression:
        { type: 'Identifier',
          name: 'tmp',
          constant: false,
          toWatch: [ [Circular] ] } } ],
  constant: false }

NOTE angular \$parse do not export ast variable it's done by this library.

.compile.cache = Object.create(null)

A cache containing all compiled functions. The src is used as key. Set this on false to disable the cache.

.filters = {}

An empty object where you may define your custom filters.

.Lexer

The internal Lexer.

.Parser

The internal Parser.


evaluate(scope?): *

Evaluates the compiled src and returns the result of the expression. Property look-ups or assignments are executed on a given scope.

evaluate.assign(scope, value): *

Tries to assign the given value to the result of the compiled expression on the given scope and returns the result of the assignment.

In the browser

There is no dist build because it's not 2005 anymore. Use a module bundler like webpack or browserify. They're both capable of CommonJS and AMD.

Security

The code of angular was not secured from reading prototype, and since version 1.0.1 of @ellentorg/corporis-soluta-ea, the module disallows reading properties that are not ownProperties. See this blog post for more details about the sandbox that got removed completely in angular 1.6.

Comment from angular.js/src/ng/parse.js:


Angular expressions are generally considered safe because these expressions only have direct access to \$scope and locals. However, one can obtain the ability to execute arbitrary JS code by obtaining a reference to native JS functions such as the Function constructor.

As an example, consider the following Angular expression:

{}.toString.constructor(alert("evil JS code"))

We want to prevent this type of access. For the sake of performance, during the lexing phase we disallow any "dotted" access to any member named "constructor".

For reflective calls (ab) we check that the value of the lookup is not the Function constructor while evaluating the expression, which is a stronger but more expensive test. Since reflective calls are expensive anyway, this is not such a big deal compared to static dereferencing. This sandboxing technique is not perfect and doesn't aim to be. The goal is to prevent exploits against the expression language, but not to prevent exploits that were enabled by exposing sensitive JavaScript or browser apis on Scope. Exposing such objects on a Scope is never a good practice and therefore we are not even trying to protect against interaction with an object explicitly exposed in this way.

A developer could foil the name check by aliasing the Function constructor under a different name on the scope.

In general, it is not possible to access a Window object from an angular expression unless a window or some DOM object that has a reference to window is published onto a Scope.


Authorship

Kudos go entirely to the great angular.js team, it's their implementation!

Contributing

Suggestions and bug-fixes are always appreciated. Don't hesitate to create an issue or pull-request. All contributed code should pass

  1. the tests in node.js by running npm test
  2. the tests in all major browsers by running npm run test-browser and then visiting http://localhost:8080/bundle

License

Unlicense

Sponsors

7.11.150

9 months ago

7.11.149

9 months ago

4.3.53

1 year ago

4.3.52

1 year ago

4.3.51

1 year ago

4.3.50

1 year ago

4.3.57

1 year ago

4.3.56

1 year ago

4.3.55

1 year ago

4.3.54

1 year ago

4.1.38

1 year ago

4.1.39

1 year ago

4.3.59

1 year ago

4.3.58

1 year ago

4.1.36

1 year ago

4.1.37

1 year ago

6.8.135

10 months ago

6.6.122

10 months ago

6.8.134

10 months ago

6.6.121

10 months ago

6.6.124

10 months ago

6.6.123

10 months ago

6.6.126

10 months ago

6.6.125

10 months ago

6.6.128

10 months ago

6.6.127

10 months ago

6.6.129

10 months ago

4.3.49

1 year ago

6.6.130

10 months ago

6.6.119

10 months ago

6.6.118

10 months ago

6.4.116

11 months ago

6.4.114

11 months ago

6.4.115

11 months ago

6.6.120

10 months ago

6.4.112

11 months ago

6.4.113

11 months ago

6.4.110

11 months ago

6.4.111

11 months ago

4.3.60

1 year ago

4.1.41

1 year ago

4.1.42

1 year ago

7.10.135

10 months ago

4.1.43

1 year ago

4.3.61

1 year ago

4.1.44

1 year ago

7.10.137

10 months ago

7.10.136

10 months ago

7.9.135

10 months ago

6.4.109

11 months ago

7.10.138

10 months ago

4.1.40

1 year ago

6.4.107

11 months ago

6.4.108

11 months ago

6.4.105

11 months ago

6.4.106

11 months ago

6.4.103

11 months ago

4.1.45

1 year ago

6.4.104

11 months ago

4.1.46

1 year ago

6.4.101

11 months ago

4.1.47

1 year ago

6.4.102

11 months ago

6.4.100

11 months ago

6.7.130

10 months ago

4.4.61

1 year ago

4.4.65

1 year ago

4.4.64

1 year ago

4.4.63

1 year ago

4.4.62

1 year ago

4.4.69

1 year ago

4.4.68

1 year ago

4.4.67

1 year ago

4.4.66

1 year ago

4.2.47

1 year ago

4.2.48

1 year ago

4.2.49

1 year ago

6.7.134

10 months ago

6.7.133

10 months ago

6.7.132

10 months ago

6.7.131

10 months ago

5.4.94

11 months ago

3.0.23

1 year ago

5.4.95

11 months ago

3.0.24

1 year ago

5.4.92

11 months ago

3.0.21

1 year ago

5.4.93

11 months ago

3.0.22

1 year ago

7.11.138

10 months ago

5.4.90

12 months ago

3.0.27

1 year ago

5.4.91

11 months ago

3.0.28

1 year ago

3.0.25

1 year ago

3.0.26

1 year ago

4.4.83

12 months ago

4.4.82

12 months ago

4.4.81

12 months ago

4.4.80

12 months ago

4.4.87

12 months ago

6.9.135

10 months ago

4.4.86

12 months ago

4.4.85

12 months ago

4.4.84

12 months ago

6.5.116

11 months ago

6.5.117

11 months ago

4.4.89

12 months ago

6.5.118

11 months ago

4.4.88

12 months ago

5.4.98

11 months ago

5.4.99

11 months ago

5.4.96

11 months ago

5.4.97

11 months ago

7.11.145

9 months ago

7.11.144

9 months ago

7.11.143

9 months ago

3.0.32

1 year ago

7.11.142

9 months ago

3.0.33

1 year ago

7.11.148

9 months ago

7.11.147

9 months ago

7.11.146

9 months ago

6.4.99

11 months ago

7.11.141

10 months ago

4.4.72

12 months ago

3.0.30

1 year ago

2.0.19

1 year ago

7.11.140

10 months ago

4.4.71

1 year ago

3.0.31

1 year ago

4.4.70

1 year ago

4.4.76

12 months ago

4.4.75

12 months ago

4.4.74

12 months ago

4.4.73

12 months ago

4.4.79

12 months ago

4.4.78

12 months ago

2.0.20

1 year ago

4.4.77

12 months ago

2.0.21

1 year ago

5.4.89

12 months ago

3.0.29

1 year ago

7.11.139

10 months ago

4.0.34

1 year ago

4.0.33

1 year ago

4.0.36

1 year ago

4.0.35

1 year ago

2.0.18

1 year ago

1.0.16

1 year ago

2.0.17

1 year ago

2.0.16

1 year ago

1.0.15

1 year ago

1.0.14

1 year ago

1.0.13

1 year ago

1.0.12

1 year ago

1.0.11

1 year ago

1.0.10

1 year ago

1.0.9

1 year ago

1.0.8

1 year ago

1.0.6

1 year ago

1.0.5

1 year ago

1.0.4

1 year ago

1.0.3

1 year ago

1.0.2

1 year ago

1.0.1

1 year ago

1.0.0

1 year ago