hterm: Add HTMLImageElement cast to avoid XSS compilation warnings.

It is a common practice to enable custom Closure compiler conformance
configs to forbid unsafe assignments to the src attribute of arbitrary
Element objects to prevent XSS bugs. Assignment to src of specific
Element subtypes such as HTMLImageElement is considered safe and
generally granted an exception. Closure compiler cannot however infer
the type of createElement('img') and considers it of type Element. This
annotation forces Closure compiler to consider the return type of
createElement('img') as HTMLImageElement even when it couldn't infer it
on its own.

More information about conformance checks:
https://github.com/google/closure-compiler/wiki/JS-Conformance-Framework

Change-Id: I607bd8cc643e7d08aa03deee22504b2872c4b357
Reviewed-on: https://chromium-review.googlesource.com/1199970
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Tested-by: Adrián Pérez-Orozco <adrianpo@google.com>
1 file changed
tree: ea23da8613bd98d7302f2973c586b455ac8c3ded
  1. .clang-format
  2. .eslintrc.js
  3. .gitignore
  4. .pylintrc
  5. HACK.md
  6. LICENSE
  7. README.md
  8. hterm/
  9. libdot/
  10. nassh/
  11. navbar.md
  12. package.json
  13. saltpig/
  14. ssh_client/
  15. wam/
  16. wash/
README.md

Hello

This repository contains the libdot JavaScript library and some web applications that make use of it.

The official copy of this repository is hosted at https://chromium.googlesource.com/apps/libapps.

There is also a mirror on github at https://github.com/libapps/libapps-mirror. A few subprojects are also extracted out into their own git repo and mirrored. Keep in mind that these mirrors may occasionally be behind the official repository.

All changes must go through the Gerrit code review server on https://chromium-review.googlesource.com. Github pull requests cannot be accepted. Please see the HACK.md document in this directory for the details.

Top level directories

  • libdot/ is a small set of JS libraries initially developed as part of hterm, now available as shared code.

  • hterm/ is a JS library that provides a terminal emulator. It is reasonably fast, reasonably correct, and reasonably portable across browsers.

  • nassh/ is the Secure Shell Chrome App (currently a “v1.5” app, soon to become a “v2” or platform app) that combines hterm with a NaCl build of OpenSSH to provide a PuTTY-like app for Chrome users.

  • ssh_client/ is the NaCl port of OpenSSH. It is used by nassh to create the Secure Shell App.

  • wash/ is a library for cross-origin virtual filesystems, similar to the Plan 9 filesystem. This directory also contains a simple bash-like shell environment for exploring these filesystems. The code in this directory is a work-in-progress.