Microsoft/vscode
1
0
Fork 0
mirror of https://github.com/microsoft/vscode.git synced 2026-05-02 06:21:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add More Info link to markdown preview security settings dropdown

Browse Source
This commit is contained in:
Matt Bierner
2017-08-08 14:07:45 -07:00
parent c10abf3a54
commit 3d794e3283
1 changed files with 18 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
extensions/markdown/src/security.ts
View File

@@ -73,11 +73,6 @@ export class ExtensionContentSecurityPolicyArbiter implements ContentSecurityPol
}
}
interface PreviewSecurityPickItem extends vscode.QuickPickItem {
level: MarkdownPreviewSecurityLevel;
}
export class PreviewSecuritySelector {
public constructor(
@@ -86,6 +81,10 @@ export class PreviewSecuritySelector {
) { }
public async showSecutitySelectorForResource(resource: vscode.Uri): Promise<void> {
interface PreviewSecurityPickItem extends vscode.QuickPickItem {
type: 'moreinfo' | MarkdownPreviewSecurityLevel;
}
function markActiveWhen(when: boolean): string {
return when ? '• ' : '';
}
@@ -94,18 +93,22 @@ export class PreviewSecuritySelector {
const selection = await vscode.window.showQuickPick<PreviewSecurityPickItem>(
[
{
level: MarkdownPreviewSecurityLevel.Strict,
type: MarkdownPreviewSecurityLevel.Strict,
label: markActiveWhen(currentSecurityLevel === MarkdownPreviewSecurityLevel.Strict) + localize('strict.title', 'Strict'),
description: localize('strict.description', 'Only load secure content'),
}, {
level: MarkdownPreviewSecurityLevel.AllowInsecureContent,
type: MarkdownPreviewSecurityLevel.AllowInsecureContent,
label: markActiveWhen(currentSecurityLevel === MarkdownPreviewSecurityLevel.AllowInsecureContent) + localize('insecureContent.title', 'Allow insecure content'),
description: localize('insecureContent.description', 'Enable loading content over http'),
}, {
level: MarkdownPreviewSecurityLevel.AllowScriptsAndAllContent,
type: MarkdownPreviewSecurityLevel.AllowScriptsAndAllContent,
label: markActiveWhen(currentSecurityLevel === MarkdownPreviewSecurityLevel.AllowScriptsAndAllContent) + localize('disable.title', 'Disable'),
description: localize('disable.description', 'Allow all content and script execution. Not recommended'),
},
}, {
type: 'moreinfo',
label: localize('moreInfo.title', 'More Information'),
description: ''
}
], {
placeHolder: localize(
'preview.showPreviewSecuritySelector.title',
@@ -116,7 +119,12 @@ export class PreviewSecuritySelector {
return;
}
await this.cspArbiter.setSecurityLevelForResource(resource, selection.level);
if (selection.type === 'moreinfo') {
vscode.commands.executeCommand('vscode.open', vscode.Uri.parse('https://go.microsoft.com/fwlink/?linkid=854414'));
return;
}
await this.cspArbiter.setSecurityLevelForResource(resource, selection.type);
const sourceUri = getMarkdownUri(resource);