fixed security issue

iondrimba · Jan 24, 2018 · 4b773c1 · 4b773c1
1 parent e951a42
commit 4b773c1
Show file tree

Hide file tree

Showing 11 changed files with 4,456 additions and 109 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -1,7 +1,7 @@
 sudo: required
 language: node_js
 node_js:
-- '4.2.2'
+- '6'
 before_script:
   - npm install -g grunt grunt-cli
 script: npm test

diff --git a/ajaxme.js b/ajaxme.js
@@ -1,43 +1,45 @@
-(function(root, factory) {
+/*global define*/
+
+(function (root, factory) {
     if (typeof exports === 'object') {
         // CommonJS
         module.exports = factory();
     } else if (typeof define === 'function' && define.amd) {
         // AMD
-        define([], function() {
+        define([], function () {
             return (root.AjaxMe = factory());
         });
     } else {
         // Global Variables
         root.AjaxMe = factory();
     }
-}(this, function() {
+}(this, function () {
     'use strict';
 
     function addCallBacks(request, options) {
-        request.onload = function(evt) {
+        request.onload = function (evt) {
             if (request.status === 200) {
                 options.success(request);
             } else {
                 request.onerror(evt);
             }
         };
-        request.onerror = function(evt) {
+        request.onerror = function (evt) {
             if (options.error) {
                 options.error(evt);
             }
         };
-        request.onabort = function(evt) {
+        request.onabort = function (evt) {
             if (options.abort) {
                 options.abort(evt);
             }
         };
-        request.onloadstart = function(evt) {
+        request.onloadstart = function (evt) {
             if (options.loadstart) {
                 options.loadstart(evt);
             }
         };
-        request.onprogress = function(evt) {
+        request.onprogress = function (evt) {
             var percentComplete = 0;
             if (options.progress) {
                 if (evt.lengthComputable) {
@@ -47,19 +49,19 @@
                 options.progress(evt);
             }
         };
-    };
+    }
 
     function setupRequest(request, options) {
         request.open('POST', options.url, true);
         request.setRequestHeader('Content-Type', options.contentType + '; charset=UTF-8');
         request.send(options.data);
-    };
+    }
 
     function AjaxMe() {
 
-    };
+    }
 
-    AjaxMe.prototype.post = function(options) {
+    AjaxMe.prototype.post = function (options) {
         var request = new XMLHttpRequest(),
             contentType = 'application/x-www-form-urlencoded';
 
@@ -76,7 +78,7 @@
         return request;
     };
 
-    AjaxMe.prototype.get = function(options) {
+    AjaxMe.prototype.get = function (options) {
         var request = new XMLHttpRequest();
 
         request.open('GET', options.url, true);

diff --git a/appveyor.yml b/appveyor.yml
@@ -2,11 +2,11 @@ init:
   - git config --global core.autocrlf true
 environment:
   matrix:
-    - nodejs_version: "4.2.2"
+    - nodejs_version: "6"
 install:
   - ps: Install-Product node $env:nodejs_version
   - npm install -g npm
-  - npm install -g grunt 
+  - npm install -g grunt
   - npm install -g grunt-cli
   - npm install
 test_script:
@@ -15,4 +15,4 @@ build: off
 matrix:
   fast_finish: true
 cache:
-  - node_modules -> package.json
+  - node_modules -> package.json
diff --git a/bin/coverage/coverage.json b/bin/coverage/coverage.json
@@ -1 +1 @@
-{"ajaxme.js":{"path":"ajaxme.js","s":{"1":1,"2":1,"3":0,"4":1,"5":0,"6":0,"7":1,"8":1,"9":6,"10":5,"11":4,"12":1,"13":6,"14":1,"15":1,"16":6,"17":1,"18":1,"19":6,"20":6,"21":1,"22":6,"23":6,"24":6,"25":1,"26":1,"27":1,"28":1,"29":1,"30":5,"31":5,"32":5,"33":1,"34":1,"35":5,"36":5,"37":1,"38":5,"39":5,"40":5,"41":5,"42":1,"43":1,"44":1,"45":1,"46":1,"47":1,"48":1},"b":{"1":[0,1],"2":[0,1],"3":[1,0],"4":[4,1],"5":[1,0],"6":[1,0],"7":[1,5],"8":[1,5],"9":[1,0],"10":[1,4]},"f":{"1":1,"2":0,"3":1,"4":6,"5":5,"6":1,"7":1,"8":6,"9":6,"10":5,"11":1,"12":5,"13":1},"fnMap":{"1":{"name":"(anonymous_1)","line":1,"loc":{"start":{"line":1,"column":1},"end":{"line":1,"column":25}}},"2":{"name":"(anonymous_2)","line":7,"loc":{"start":{"line":7,"column":19},"end":{"line":7,"column":30}}},"3":{"name":"(anonymous_3)","line":14,"loc":{"start":{"line":14,"column":8},"end":{"line":14,"column":19}}},"4":{"name":"addCallBacks","line":17,"loc":{"start":{"line":17,"column":4},"end":{"line":17,"column":44}}},"5":{"name":"(anonymous_5)","line":18,"loc":{"start":{"line":18,"column":25},"end":{"line":18,"column":39}}},"6":{"name":"(anonymous_6)","line":25,"loc":{"start":{"line":25,"column":26},"end":{"line":25,"column":40}}},"7":{"name":"(anonymous_7)","line":30,"loc":{"start":{"line":30,"column":26},"end":{"line":30,"column":40}}},"8":{"name":"(anonymous_8)","line":35,"loc":{"start":{"line":35,"column":30},"end":{"line":35,"column":44}}},"9":{"name":"(anonymous_9)","line":40,"loc":{"start":{"line":40,"column":29},"end":{"line":40,"column":43}}},"10":{"name":"setupRequest","line":52,"loc":{"start":{"line":52,"column":4},"end":{"line":52,"column":44}}},"11":{"name":"AjaxMe","line":58,"loc":{"start":{"line":58,"column":4},"end":{"line":58,"column":22}}},"12":{"name":"(anonymous_12)","line":62,"loc":{"start":{"line":62,"column":28},"end":{"line":62,"column":46}}},"13":{"name":"(anonymous_13)","line":79,"loc":{"start":{"line":79,"column":27},"end":{"line":79,"column":45}}}},"statementMap":{"1":{"start":{"line":1,"column":0},"end":{"line":92,"column":4}},"2":{"start":{"line":2,"column":4},"end":{"line":13,"column":5}},"3":{"start":{"line":4,"column":8},"end":{"line":4,"column":35}},"4":{"start":{"line":5,"column":11},"end":{"line":13,"column":5}},"5":{"start":{"line":7,"column":8},"end":{"line":9,"column":11}},"6":{"start":{"line":8,"column":12},"end":{"line":8,"column":45}},"7":{"start":{"line":12,"column":8},"end":{"line":12,"column":32}},"8":{"start":{"line":17,"column":4},"end":{"line":50,"column":5}},"9":{"start":{"line":18,"column":8},"end":{"line":24,"column":10}},"10":{"start":{"line":19,"column":12},"end":{"line":23,"column":13}},"11":{"start":{"line":20,"column":16},"end":{"line":20,"column":41}},"12":{"start":{"line":22,"column":16},"end":{"line":22,"column":37}},"13":{"start":{"line":25,"column":8},"end":{"line":29,"column":10}},"14":{"start":{"line":26,"column":12},"end":{"line":28,"column":13}},"15":{"start":{"line":27,"column":16},"end":{"line":27,"column":35}},"16":{"start":{"line":30,"column":8},"end":{"line":34,"column":10}},"17":{"start":{"line":31,"column":12},"end":{"line":33,"column":13}},"18":{"start":{"line":32,"column":16},"end":{"line":32,"column":35}},"19":{"start":{"line":35,"column":8},"end":{"line":39,"column":10}},"20":{"start":{"line":36,"column":12},"end":{"line":38,"column":13}},"21":{"start":{"line":37,"column":16},"end":{"line":37,"column":39}},"22":{"start":{"line":40,"column":8},"end":{"line":49,"column":10}},"23":{"start":{"line":41,"column":12},"end":{"line":41,"column":36}},"24":{"start":{"line":42,"column":12},"end":{"line":48,"column":13}},"25":{"start":{"line":43,"column":16},"end":{"line":45,"column":17}},"26":{"start":{"line":44,"column":20},"end":{"line":44,"column":61}},"27":{"start":{"line":46,"column":16},"end":{"line":46,"column":49}},"28":{"start":{"line":47,"column":16},"end":{"line":47,"column":38}},"29":{"start":{"line":52,"column":4},"end":{"line":56,"column":5}},"30":{"start":{"line":53,"column":8},"end":{"line":53,"column":48}},"31":{"start":{"line":54,"column":8},"end":{"line":54,"column":90}},"32":{"start":{"line":55,"column":8},"end":{"line":55,"column":35}},"33":{"start":{"line":58,"column":4},"end":{"line":60,"column":5}},"34":{"start":{"line":62,"column":4},"end":{"line":77,"column":6}},"35":{"start":{"line":63,"column":8},"end":{"line":64,"column":62}},"36":{"start":{"line":66,"column":8},"end":{"line":68,"column":9}},"37":{"start":{"line":67,"column":12},"end":{"line":67,"column":45}},"38":{"start":{"line":70,"column":8},"end":{"line":70,"column":45}},"39":{"start":{"line":72,"column":8},"end":{"line":72,"column":39}},"40":{"start":{"line":74,"column":8},"end":{"line":74,"column":39}},"41":{"start":{"line":76,"column":8},"end":{"line":76,"column":23}},"42":{"start":{"line":79,"column":4},"end":{"line":89,"column":6}},"43":{"start":{"line":80,"column":8},"end":{"line":80,"column":43}},"44":{"start":{"line":82,"column":8},"end":{"line":82,"column":47}},"45":{"start":{"line":84,"column":8},"end":{"line":84,"column":39}},"46":{"start":{"line":86,"column":8},"end":{"line":86,"column":23}},"47":{"start":{"line":88,"column":8},"end":{"line":88,"column":23}},"48":{"start":{"line":91,"column":4},"end":{"line":91,"column":24}}},"branchMap":{"1":{"line":2,"type":"if","locations":[{"start":{"line":2,"column":4},"end":{"line":2,"column":4}},{"start":{"line":2,"column":4},"end":{"line":2,"column":4}}]},"2":{"line":5,"type":"if","locations":[{"start":{"line":5,"column":11},"end":{"line":5,"column":11}},{"start":{"line":5,"column":11},"end":{"line":5,"column":11}}]},"3":{"line":5,"type":"binary-expr","locations":[{"start":{"line":5,"column":15},"end":{"line":5,"column":43}},{"start":{"line":5,"column":47},"end":{"line":5,"column":57}}]},"4":{"line":19,"type":"if","locations":[{"start":{"line":19,"column":12},"end":{"line":19,"column":12}},{"start":{"line":19,"column":12},"end":{"line":19,"column":12}}]},"5":{"line":26,"type":"if","locations":[{"start":{"line":26,"column":12},"end":{"line":26,"column":12}},{"start":{"line":26,"column":12},"end":{"line":26,"column":12}}]},"6":{"line":31,"type":"if","locations":[{"start":{"line":31,"column":12},"end":{"line":31,"column":12}},{"start":{"line":31,"column":12},"end":{"line":31,"column":12}}]},"7":{"line":36,"type":"if","locations":[{"start":{"line":36,"column":12},"end":{"line":36,"column":12}},{"start":{"line":36,"column":12},"end":{"line":36,"column":12}}]},"8":{"line":42,"type":"if","locations":[{"start":{"line":42,"column":12},"end":{"line":42,"column":12}},{"start":{"line":42,"column":12},"end":{"line":42,"column":12}}]},"9":{"line":43,"type":"if","locations":[{"start":{"line":43,"column":16},"end":{"line":43,"column":16}},{"start":{"line":43,"column":16},"end":{"line":43,"column":16}}]},"10":{"line":66,"type":"if","locations":[{"start":{"line":66,"column":8},"end":{"line":66,"column":8}},{"start":{"line":66,"column":8},"end":{"line":66,"column":8}}]}}}}
+{"ajaxme.js":{"path":"ajaxme.js","s":{"1":1,"2":1,"3":0,"4":1,"5":0,"6":0,"7":1,"8":1,"9":6,"10":5,"11":4,"12":1,"13":6,"14":1,"15":1,"16":6,"17":1,"18":1,"19":6,"20":6,"21":1,"22":6,"23":6,"24":6,"25":1,"26":1,"27":1,"28":1,"29":1,"30":5,"31":5,"32":5,"33":1,"34":1,"35":5,"36":5,"37":1,"38":5,"39":5,"40":5,"41":5,"42":1,"43":1,"44":1,"45":1,"46":1,"47":1,"48":1},"b":{"1":[0,1],"2":[0,1],"3":[1,0],"4":[4,1],"5":[1,0],"6":[1,0],"7":[1,5],"8":[1,5],"9":[1,0],"10":[1,4]},"f":{"1":1,"2":0,"3":1,"4":6,"5":5,"6":1,"7":1,"8":6,"9":6,"10":5,"11":1,"12":5,"13":1},"fnMap":{"1":{"name":"(anonymous_1)","line":3,"loc":{"start":{"line":3,"column":1},"end":{"line":3,"column":26}}},"2":{"name":"(anonymous_2)","line":9,"loc":{"start":{"line":9,"column":19},"end":{"line":9,"column":31}}},"3":{"name":"(anonymous_3)","line":16,"loc":{"start":{"line":16,"column":8},"end":{"line":16,"column":20}}},"4":{"name":"addCallBacks","line":19,"loc":{"start":{"line":19,"column":4},"end":{"line":19,"column":44}}},"5":{"name":"(anonymous_5)","line":20,"loc":{"start":{"line":20,"column":25},"end":{"line":20,"column":40}}},"6":{"name":"(anonymous_6)","line":27,"loc":{"start":{"line":27,"column":26},"end":{"line":27,"column":41}}},"7":{"name":"(anonymous_7)","line":32,"loc":{"start":{"line":32,"column":26},"end":{"line":32,"column":41}}},"8":{"name":"(anonymous_8)","line":37,"loc":{"start":{"line":37,"column":30},"end":{"line":37,"column":45}}},"9":{"name":"(anonymous_9)","line":42,"loc":{"start":{"line":42,"column":29},"end":{"line":42,"column":44}}},"10":{"name":"setupRequest","line":54,"loc":{"start":{"line":54,"column":4},"end":{"line":54,"column":44}}},"11":{"name":"AjaxMe","line":60,"loc":{"start":{"line":60,"column":4},"end":{"line":60,"column":22}}},"12":{"name":"(anonymous_12)","line":64,"loc":{"start":{"line":64,"column":28},"end":{"line":64,"column":47}}},"13":{"name":"(anonymous_13)","line":81,"loc":{"start":{"line":81,"column":27},"end":{"line":81,"column":46}}}},"statementMap":{"1":{"start":{"line":3,"column":0},"end":{"line":94,"column":4}},"2":{"start":{"line":4,"column":4},"end":{"line":15,"column":5}},"3":{"start":{"line":6,"column":8},"end":{"line":6,"column":35}},"4":{"start":{"line":7,"column":11},"end":{"line":15,"column":5}},"5":{"start":{"line":9,"column":8},"end":{"line":11,"column":11}},"6":{"start":{"line":10,"column":12},"end":{"line":10,"column":45}},"7":{"start":{"line":14,"column":8},"end":{"line":14,"column":32}},"8":{"start":{"line":19,"column":4},"end":{"line":52,"column":5}},"9":{"start":{"line":20,"column":8},"end":{"line":26,"column":10}},"10":{"start":{"line":21,"column":12},"end":{"line":25,"column":13}},"11":{"start":{"line":22,"column":16},"end":{"line":22,"column":41}},"12":{"start":{"line":24,"column":16},"end":{"line":24,"column":37}},"13":{"start":{"line":27,"column":8},"end":{"line":31,"column":10}},"14":{"start":{"line":28,"column":12},"end":{"line":30,"column":13}},"15":{"start":{"line":29,"column":16},"end":{"line":29,"column":35}},"16":{"start":{"line":32,"column":8},"end":{"line":36,"column":10}},"17":{"start":{"line":33,"column":12},"end":{"line":35,"column":13}},"18":{"start":{"line":34,"column":16},"end":{"line":34,"column":35}},"19":{"start":{"line":37,"column":8},"end":{"line":41,"column":10}},"20":{"start":{"line":38,"column":12},"end":{"line":40,"column":13}},"21":{"start":{"line":39,"column":16},"end":{"line":39,"column":39}},"22":{"start":{"line":42,"column":8},"end":{"line":51,"column":10}},"23":{"start":{"line":43,"column":12},"end":{"line":43,"column":36}},"24":{"start":{"line":44,"column":12},"end":{"line":50,"column":13}},"25":{"start":{"line":45,"column":16},"end":{"line":47,"column":17}},"26":{"start":{"line":46,"column":20},"end":{"line":46,"column":61}},"27":{"start":{"line":48,"column":16},"end":{"line":48,"column":49}},"28":{"start":{"line":49,"column":16},"end":{"line":49,"column":38}},"29":{"start":{"line":54,"column":4},"end":{"line":58,"column":5}},"30":{"start":{"line":55,"column":8},"end":{"line":55,"column":48}},"31":{"start":{"line":56,"column":8},"end":{"line":56,"column":90}},"32":{"start":{"line":57,"column":8},"end":{"line":57,"column":35}},"33":{"start":{"line":60,"column":4},"end":{"line":62,"column":5}},"34":{"start":{"line":64,"column":4},"end":{"line":79,"column":6}},"35":{"start":{"line":65,"column":8},"end":{"line":66,"column":62}},"36":{"start":{"line":68,"column":8},"end":{"line":70,"column":9}},"37":{"start":{"line":69,"column":12},"end":{"line":69,"column":45}},"38":{"start":{"line":72,"column":8},"end":{"line":72,"column":45}},"39":{"start":{"line":74,"column":8},"end":{"line":74,"column":39}},"40":{"start":{"line":76,"column":8},"end":{"line":76,"column":39}},"41":{"start":{"line":78,"column":8},"end":{"line":78,"column":23}},"42":{"start":{"line":81,"column":4},"end":{"line":91,"column":6}},"43":{"start":{"line":82,"column":8},"end":{"line":82,"column":43}},"44":{"start":{"line":84,"column":8},"end":{"line":84,"column":47}},"45":{"start":{"line":86,"column":8},"end":{"line":86,"column":39}},"46":{"start":{"line":88,"column":8},"end":{"line":88,"column":23}},"47":{"start":{"line":90,"column":8},"end":{"line":90,"column":23}},"48":{"start":{"line":93,"column":4},"end":{"line":93,"column":24}}},"branchMap":{"1":{"line":4,"type":"if","locations":[{"start":{"line":4,"column":4},"end":{"line":4,"column":4}},{"start":{"line":4,"column":4},"end":{"line":4,"column":4}}]},"2":{"line":7,"type":"if","locations":[{"start":{"line":7,"column":11},"end":{"line":7,"column":11}},{"start":{"line":7,"column":11},"end":{"line":7,"column":11}}]},"3":{"line":7,"type":"binary-expr","locations":[{"start":{"line":7,"column":15},"end":{"line":7,"column":43}},{"start":{"line":7,"column":47},"end":{"line":7,"column":57}}]},"4":{"line":21,"type":"if","locations":[{"start":{"line":21,"column":12},"end":{"line":21,"column":12}},{"start":{"line":21,"column":12},"end":{"line":21,"column":12}}]},"5":{"line":28,"type":"if","locations":[{"start":{"line":28,"column":12},"end":{"line":28,"column":12}},{"start":{"line":28,"column":12},"end":{"line":28,"column":12}}]},"6":{"line":33,"type":"if","locations":[{"start":{"line":33,"column":12},"end":{"line":33,"column":12}},{"start":{"line":33,"column":12},"end":{"line":33,"column":12}}]},"7":{"line":38,"type":"if","locations":[{"start":{"line":38,"column":12},"end":{"line":38,"column":12}},{"start":{"line":38,"column":12},"end":{"line":38,"column":12}}]},"8":{"line":44,"type":"if","locations":[{"start":{"line":44,"column":12},"end":{"line":44,"column":12}},{"start":{"line":44,"column":12},"end":{"line":44,"column":12}}]},"9":{"line":45,"type":"if","locations":[{"start":{"line":45,"column":16},"end":{"line":45,"column":16}},{"start":{"line":45,"column":16},"end":{"line":45,"column":16}}]},"10":{"line":68,"type":"if","locations":[{"start":{"line":68,"column":8},"end":{"line":68,"column":8}},{"start":{"line":68,"column":8},"end":{"line":68,"column":8}}]}}}}