From f132436af3c90cff8dcef852bd836546311036f3 Mon Sep 17 00:00:00 2001 From: Mario Date: Thu, 7 May 2020 21:48:26 +0000 Subject: composer updates 2 --- .../jquery-file-upload/.github/workflows/test.yml | 10 +- vendor/blueimp/jquery-file-upload/README.md | 2 +- vendor/blueimp/jquery-file-upload/SECURITY.md | 2 +- .../blueimp/jquery-file-upload/VULNERABILITIES.md | 6 +- .../jquery-file-upload/cors/postmessage.html | 10 +- vendor/blueimp/jquery-file-upload/index.html | 78 +- .../js/cors/jquery.postmessage-transport.js | 22 +- .../js/cors/jquery.xdr-transport.js | 16 +- vendor/blueimp/jquery-file-upload/js/demo.js | 10 +- .../js/jquery.fileupload-audio.js | 8 +- .../js/jquery.fileupload-image.js | 80 +- .../js/jquery.fileupload-process.js | 48 +- .../jquery-file-upload/js/jquery.fileupload-ui.js | 202 +- .../js/jquery.fileupload-validate.js | 6 +- .../js/jquery.fileupload-video.js | 8 +- .../jquery-file-upload/js/jquery.fileupload.js | 294 +- .../js/jquery.iframe-transport.js | 66 +- .../js/vendor/jquery.ui.widget.js | 742 ++--- .../blueimp/jquery-file-upload/package-lock.json | 3179 +++++++------------- vendor/blueimp/jquery-file-upload/package.json | 23 +- .../server/php/UploadHandler.php | 141 +- vendor/blueimp/jquery-file-upload/test/unit.js | 297 +- .../jquery-file-upload/test/vendor/mocha.css | 1 - .../jquery-file-upload/test/vendor/mocha.js | 862 +++--- .../blueimp/jquery-file-upload/wdio/.prettierrc.js | 4 +- .../jquery-file-upload/wdio/assets/black-80x60.gif | Bin 108 -> 0 bytes .../jquery-file-upload/wdio/assets/white-1x2.jpg | Bin 713 -> 0 bytes .../jquery-file-upload/wdio/bin/safaridriver.sh | 9 +- vendor/blueimp/jquery-file-upload/wdio/chrome.js | 40 - vendor/blueimp/jquery-file-upload/wdio/firefox.js | 25 - .../blueimp/jquery-file-upload/wdio/hooks/index.js | 9 +- vendor/blueimp/jquery-file-upload/wdio/ie.js | 24 - vendor/blueimp/jquery-file-upload/wdio/safari.js | 24 - .../wdio/test/pages/file-upload.js | 15 +- .../wdio/test/specs/01-file-upload.js | 4 +- .../blueimp/jquery-file-upload/wdio/wdio.conf.js | 5 +- 36 files changed, 2712 insertions(+), 3560 deletions(-) delete mode 100644 vendor/blueimp/jquery-file-upload/wdio/assets/black-80x60.gif delete mode 100644 vendor/blueimp/jquery-file-upload/wdio/assets/white-1x2.jpg delete mode 100644 vendor/blueimp/jquery-file-upload/wdio/chrome.js delete mode 100644 vendor/blueimp/jquery-file-upload/wdio/firefox.js delete mode 100644 vendor/blueimp/jquery-file-upload/wdio/ie.js delete mode 100644 vendor/blueimp/jquery-file-upload/wdio/safari.js (limited to 'vendor/blueimp') diff --git a/vendor/blueimp/jquery-file-upload/.github/workflows/test.yml b/vendor/blueimp/jquery-file-upload/.github/workflows/test.yml index 048a2593e..945286b6e 100644 --- a/vendor/blueimp/jquery-file-upload/.github/workflows/test.yml +++ b/vendor/blueimp/jquery-file-upload/.github/workflows/test.yml @@ -6,7 +6,7 @@ jobs: lint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@v2 - name: Setup Node.js uses: actions/setup-node@v1 with: @@ -23,7 +23,7 @@ jobs: mocha: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@v2 - name: chmod run: chmod -R 777 server/php/files - name: docker-compose build @@ -40,7 +40,7 @@ jobs: wdio-chrome: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@v2 - name: chmod run: chmod -R 777 server/php/files wdio/reports - name: docker-compose build @@ -63,13 +63,13 @@ jobs: wdio-firefox: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@v2 - name: chmod run: chmod -R 777 server/php/files wdio/reports - name: docker-compose build run: docker-compose build example - name: wdio firefox - run: docker-compose run --rm wdio firefox.js + run: docker-compose run --rm wdio conf/firefox.js - name: docker-compose logs if: always() run: docker-compose logs example diff --git a/vendor/blueimp/jquery-file-upload/README.md b/vendor/blueimp/jquery-file-upload/README.md index f3ca43f3c..5a13ef425 100644 --- a/vendor/blueimp/jquery-file-upload/README.md +++ b/vendor/blueimp/jquery-file-upload/README.md @@ -120,7 +120,7 @@ For further information, please refer to the following guides: ### Mandatory requirements -- [jQuery](https://jquery.com/) v1.6+ +- [jQuery](https://jquery.com/) v1.7+ - [jQuery UI widget factory](https://api.jqueryui.com/jQuery.widget/) v1.9+ (included): Required for the basic File Upload plugin, but very lightweight without any other dependencies from the jQuery UI suite. diff --git a/vendor/blueimp/jquery-file-upload/SECURITY.md b/vendor/blueimp/jquery-file-upload/SECURITY.md index 768f2b95e..1778d0205 100644 --- a/vendor/blueimp/jquery-file-upload/SECURITY.md +++ b/vendor/blueimp/jquery-file-upload/SECURITY.md @@ -18,7 +18,7 @@ For an in-depth understanding of the potential security risks of providing file uploads and possible mitigations, please refer to the -[OWASP - Unrestricted File Upload](https://www.owasp.org/index.php/Unrestricted_File_Upload) +[OWASP - Unrestricted File Upload](https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload) documentation. To securely setup the project to serve uploaded files, please refer to the diff --git a/vendor/blueimp/jquery-file-upload/VULNERABILITIES.md b/vendor/blueimp/jquery-file-upload/VULNERABILITIES.md index 5dfd5f315..14f70b81d 100644 --- a/vendor/blueimp/jquery-file-upload/VULNERABILITIES.md +++ b/vendor/blueimp/jquery-file-upload/VULNERABILITIES.md @@ -84,7 +84,7 @@ is disabled by default since Apache `v2.3.9` via [ad4aefd](https://github.com/blueimp/jQuery-File-Upload/commit/ad4aefd96e4056deab6fea2690f0d8cf56bb2d7d) - [Full disclosure post on Hacker News](https://news.ycombinator.com/item?id=18267309). - [CVE-2018-9206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9206) -- [OWASP - Unrestricted File Upload](https://www.owasp.org/index.php/Unrestricted_File_Upload) +- [OWASP - Unrestricted File Upload](https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload) ## Open redirect vulnerability in the GAE components @@ -99,7 +99,7 @@ domain for phishing attacks. - Commit containing the security fix: [f74d2a8](https://github.com/blueimp/jQuery-File-Upload/commit/f74d2a8c3e3b1e8e336678d2899facd5bcdb589f) -- [OWASP - Unvalidated Redirects and Forwards Cheat Sheet](https://www.owasp.org/index.php/Unvalidated_Redirects_and_Forwards_Cheat_Sheet) +- [OWASP - Unvalidated Redirects and Forwards Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) ## Cross-site scripting vulnerability in the Iframe Transport @@ -115,4 +115,4 @@ context of the Webserver. - Commit containing the security fix: [4175032](https://github.com/blueimp/jQuery-File-Upload/commit/41750323a464e848856dc4c5c940663498beb74a) -- [OWASP - Cross-site Scripting (XSS)]() +- [OWASP - Cross-site Scripting (XSS)](https://owasp.org/www-community/attacks/xss/) diff --git a/vendor/blueimp/jquery-file-upload/cors/postmessage.html b/vendor/blueimp/jquery-file-upload/cors/postmessage.html index 5c90743af..536e8b3c6 100644 --- a/vendor/blueimp/jquery-file-upload/cors/postmessage.html +++ b/vendor/blueimp/jquery-file-upload/cors/postmessage.html @@ -26,7 +26,7 @@ 'use strict'; var origin = /^https:\/\/example.org/, target = new RegExp('^(http(s)?:)?\\/\\/' + location.host + '\\/'); - $(window).on('message', function(e) { + $(window).on('message', function (e) { e = e.originalEvent; var s = e.data, xhr = $.ajaxSettings.xhr(), @@ -39,7 +39,7 @@ 'Target "' + e.data.url + '" does not match ' + target ); } - $(xhr.upload).on('progress', function(ev) { + $(xhr.upload).on('progress', function (ev) { ev = ev.originalEvent; e.source.postMessage( { @@ -53,17 +53,17 @@ e.origin ); }); - s.xhr = function() { + s.xhr = function () { return xhr; }; if (!(s.data instanceof Blob)) { f = new FormData(); - $.each(s.data, function(i, v) { + $.each(s.data, function (i, v) { f.append(v.name, v.value); }); s.data = f; } - $.ajax(s).always(function(result, statusText, jqXHR) { + $.ajax(s).always(function (result, statusText, jqXHR) { if (!jqXHR.done) { jqXHR = result; result = null; diff --git a/vendor/blueimp/jquery-file-upload/index.html b/vendor/blueimp/jquery-file-upload/index.html index aa908e745..62033e764 100644 --- a/vendor/blueimp/jquery-file-upload/index.html +++ b/vendor/blueimp/jquery-file-upload/index.html @@ -33,11 +33,12 @@ />