4 years ago · 06ce24527e
--- a/package-lock.json
+++ b/package-lock.json
@@ -2595,9 +2595,9 @@
 
				
				       "integrity": "sha512-QD1PhQk+s31P1ixsX0H0Suoupp3VMXzIVMSwobR3F3MSUO2YCV0B7xqLcUw/Bh8yuvd3LhpyqLQWTNcRmp6IdQ=="
			
 
				
				     },
			
 
				
				     "@hapi/bourne": {
			
 
				
				-      "version": "1.3.2",
			
 
				
				-      "resolved": "https://registry.npmjs.org/@hapi/bourne/-/bourne-1.3.2.tgz",
			
 
				
				-      "integrity": "sha512-1dVNHT76Uu5N3eJNTYcvxee+jzX4Z9lfciqRRHCU27ihbUcYi+iSc2iml5Ke1LXe1SyJCLA0+14Jh4tXJgOppA=="
			
 
				
				+      "version": "2.0.0",
			
 
				
				+      "resolved": "https://registry.npmjs.org/@hapi/bourne/-/bourne-2.0.0.tgz",
			
 
				
				+      "integrity": "sha512-WEezM1FWztfbzqIUbsDzFRVMxSoLy3HugVcux6KDDtTqzPsLE8NDRHfXvev66aH1i2oOKKar3/XDjbvh/OUBdg=="
			
 
				
				     },
			
 
				
				     "@hapi/hoek": {
			
 
				
				       "version": "8.5.1",
			
@@ -2613,6 +2613,13 @@
 
				
				         "@hapi/bourne": "1.x.x",
			
 
				
				         "@hapi/hoek": "8.x.x",
			
 
				
				         "@hapi/topo": "3.x.x"
			
 
				
				+      },
			
 
				
				+      "dependencies": {
			
 
				
				+        "@hapi/bourne": {
			
 
				
				+          "version": "1.3.2",
			
 
				
				+          "resolved": "https://registry.npmjs.org/@hapi/bourne/-/bourne-1.3.2.tgz",
			
 
				
				+          "integrity": "sha512-1dVNHT76Uu5N3eJNTYcvxee+jzX4Z9lfciqRRHCU27ihbUcYi+iSc2iml5Ke1LXe1SyJCLA0+14Jh4tXJgOppA=="
			
 
				
				+        }
			
 
				
				       }
			
 
				
				     },
			
 
				
				     "@hapi/topo": {
			
--- a/package.json
+++ b/package.json
@@ -32,6 +32,7 @@
 
				
				     "@atlaskit/theme": "11.0.2",
			
 
				
				     "@atlaskit/toggle": "12.0.3",
			
 
				
				     "@atlaskit/tooltip": "17.1.2",
			
 
				
				+    "@hapi/bourne": "2.0.0",
			
 
				
				     "@jitsi/js-utils": "1.0.6",
			
 
				
				     "@material-ui/core": "4.11.3",
			
 
				
				     "@microsoft/microsoft-graph-client": "1.1.0",
			
--- a/react/features/base/config/functions.any.js
+++ b/react/features/base/config/functions.any.js
@@ -1,5 +1,6 @@
 
				
				 // @flow
			
 
				
				 
			
 
				
				+import Bourne from '@hapi/bourne';
			
 
				
				 import { jitsiLocalStorage } from '@jitsi/js-utils';
			
 
				
				 import _ from 'lodash';
			
 
				
				 
			
@@ -141,7 +142,7 @@ export function restoreConfig(baseURL: string): ?Object {
 
				
				 
			
 
				
				     if (config) {
			
 
				
				         try {
			
 
				
				-            return JSON.parse(config) || undefined;
			
 
				
				+            return Bourne.parse(config) || undefined;
			
 
				
				         } catch (e) {
			
 
				
				             // Somehow incorrect data ended up in the storage. Clean it up.
			
 
				
				             jitsiLocalStorage.removeItem(key);
			
--- a/react/features/base/jitsi-local-storage/setup.web.js
+++ b/react/features/base/jitsi-local-storage/setup.web.js
@@ -1,5 +1,6 @@
 
				
				 // @flow
			
 
				
				 
			
 
				
				+import Bourne from '@hapi/bourne';
			
 
				
				 import { jitsiLocalStorage } from '@jitsi/js-utils/jitsi-local-storage';
			
 
				
				 
			
 
				
				 import { browser } from '../lib-jitsi-meet';
			
@@ -57,7 +58,7 @@ function setupJitsiLocalStorage() {
 
				
				 
			
 
				
				     if (shouldUseHostPageLocalStorage(urlParams)) {
			
 
				
				         try {
			
 
				
				-            const localStorageContent = JSON.parse(urlParams['appData.localStorageContent']);
			
 
				
				+            const localStorageContent = Bourne.parse(urlParams['appData.localStorageContent']);
			
 
				
				 
			
 
				
				             if (typeof localStorageContent === 'object') {
			
 
				
				                 Object.keys(localStorageContent).forEach(key => {
			
--- a/react/features/base/lib-jitsi-meet/functions.native.js
+++ b/react/features/base/lib-jitsi-meet/functions.native.js
@@ -1,5 +1,6 @@
 
				
				 // @flow
			
 
				
				 
			
 
				
				+import Bourne from '@hapi/bourne';
			
 
				
				 import { NativeModules } from 'react-native';
			
 
				
				 
			
 
				
				 import { loadScript } from '../util';
			
@@ -20,7 +21,7 @@ export async function loadConfig(url: string): Promise<Object> {
 
				
				     try {
			
 
				
				         const configTxt = await loadScript(url, 10 * 1000 /* Timeout in ms */, true /* skipeval */);
			
 
				
				         const configJson = await JavaScriptSandbox.evaluate(`${configTxt}\nJSON.stringify(config);`);
			
 
				
				-        const config = JSON.parse(configJson);
			
 
				
				+        const config = Bourne.parse(configJson);
			
 
				
				 
			
 
				
				         if (typeof config !== 'object') {
			
 
				
				             throw new Error('config is not an object');
			
--- a/react/features/base/redux/PersistenceRegistry.js
+++ b/react/features/base/redux/PersistenceRegistry.js
@@ -1,5 +1,6 @@
 
				
				 // @flow
			
 
				
				 
			
 
				
				+import Bourne from '@hapi/bourne';
			
 
				
				 import { jitsiLocalStorage } from '@jitsi/js-utils';
			
 
				
				 import md5 from 'js-md5';
			
 
				
				 
			
@@ -68,7 +69,7 @@ class PersistenceRegistry {
 
				
				 
			
 
				
				             if (persistedState) {
			
 
				
				                 try {
			
 
				
				-                    persistedState = JSON.parse(persistedState);
			
 
				
				+                    persistedState = Bourne.parse(persistedState);
			
 
				
				                 } catch (error) {
			
 
				
				                     logger.error(
			
 
				
				                         'Error parsing persisted state',
			
@@ -223,7 +224,7 @@ class PersistenceRegistry {
 
				
				 
			
 
				
				         if (persistedSubtree) {
			
 
				
				             try {
			
 
				
				-                persistedSubtree = JSON.parse(persistedSubtree);
			
 
				
				+                persistedSubtree = Bourne.parse(persistedSubtree);
			
 
				
				 
			
 
				
				                 const filteredSubtree
			
 
				
				                     = this._getFilteredSubtree(persistedSubtree, subtreeConfig);
			
--- a/react/features/base/util/parseURLParams.js
+++ b/react/features/base/util/parseURLParams.js
@@ -1,7 +1,15 @@
 
				
				 /* @flow */
			
 
				
				 
			
 
				
				+import Bourne from '@hapi/bourne';
			
 
				
				+
			
 
				
				 import { reportError } from './helpers';
			
 
				
				 
			
 
				
				+/**
			
 
				
				+ * A list if keys to ignore when parsing.
			
 
				
				+ * @type {string[]}
			
 
				
				+ */
			
 
				
				+const blacklist = [ '__proto__', 'constructor', 'prototype' ];
			
 
				
				+
			
 
				
				 /**
			
 
				
				  * Parses the query/search or fragment/hash parameters out of a specific URL and
			
 
				
				  * returns them as a JS object.
			
@@ -34,7 +42,7 @@ export function parseURLParams(
 
				
				         const param = part.split('=');
			
 
				
				         const key = param[0];
			
 
				
				 
			
 
				
				-        if (!key) {
			
 
				
				+        if (!key || blacklist.includes(key.split('.')[0])) {
			
 
				
				             return;
			
 
				
				         }
			
 
				
				 
			
@@ -46,7 +54,7 @@ export function parseURLParams(
 
				
				             if (!dontParse) {
			
 
				
				                 const decoded = decodeURIComponent(value).replace(/\\&/, '&');
			
 
				
				 
			
 
				
				-                value = decoded === 'undefined' ? undefined : JSON.parse(decoded);
			
 
				
				+                value = decoded === 'undefined' ? undefined : Bourne.parse(decoded);
			
 
				
				             }
			
 
				
				         } catch (e) {
			
 
				
				             reportError(
			
--- a/react/features/local-recording/controller/RecordingController.js
+++ b/react/features/local-recording/controller/RecordingController.js
@@ -1,5 +1,7 @@
 
				
				 /* @flow */
			
 
				
				 
			
 
				
				+import Bourne from '@hapi/bourne';
			
 
				
				+
			
 
				
				 import { i18next } from '../../base/i18n';
			
 
				
				 import logger from '../logger';
			
 
				
				 import {
			
@@ -427,7 +429,7 @@ class RecordingController {
 
				
				                     id: member.getId(),
			
 
				
				                     displayName: member.getDisplayName(),
			
 
				
				                     recordingStats:
			
 
				
				-                        JSON.parse(member.getProperty(PROPERTY_STATS) || '{}'),
			
 
				
				+                        Bourne.parse(member.getProperty(PROPERTY_STATS) || '{}'),
			
 
				
				                     isSelf: false
			
 
				
				                 };
			
 
				
				             });
			
--- a/react/features/local-recording/session/SessionManager.js
+++ b/react/features/local-recording/session/SessionManager.js
@@ -1,5 +1,6 @@
 
				
				 /* @flow */
			
 
				
				 
			
 
				
				+import Bourne from '@hapi/bourne';
			
 
				
				 import { jitsiLocalStorage } from '@jitsi/js-utils';
			
 
				
				 
			
 
				
				 import logger from '../logger';
			
@@ -163,7 +164,7 @@ class SessionManager {
 
				
				 
			
 
				
				         if (dataStr !== null) {
			
 
				
				             try {
			
 
				
				-                const dataObject = JSON.parse(dataStr);
			
 
				
				+                const dataObject = Bourne.parse(dataStr);
			
 
				
				 
			
 
				
				                 this._sessionsMetadata = dataObject;
			
 
				
				             } catch (e) {
			
--- a/react/features/recent-list/reducer.js
+++ b/react/features/recent-list/reducer.js
@@ -1,5 +1,6 @@
 
				
				 // @flow
			
 
				
				 
			
 
				
				+import Bourne from '@hapi/bourne';
			
 
				
				 import { jitsiLocalStorage } from '@jitsi/js-utils';
			
 
				
				 
			
 
				
				 import { APP_WILL_MOUNT } from '../base/app';
			
@@ -125,7 +126,7 @@ function _getLegacyRecentRoomList(): Array<Object> {
 
				
				 
			
 
				
				     if (str) {
			
 
				
				         try {
			
 
				
				-            return JSON.parse(str);
			
 
				
				+            return Bourne.parse(str);
			
 
				
				         } catch (error) {
			
 
				
				             logger.warn('Failed to parse legacy recent-room list!');
			
 
				
				         }
			
--- a/react/features/virtual-background/components/VirtualBackgroundDialog.js
+++ b/react/features/virtual-background/components/VirtualBackgroundDialog.js
@@ -1,6 +1,7 @@
 
				
				 // @flow
			
 
				
				 /* eslint-disable react/jsx-no-bind, no-return-assign */
			
 
				
				 import Spinner from '@atlaskit/spinner';
			
 
				
				+import Bourne from '@hapi/bourne';
			
 
				
				 import { jitsiLocalStorage } from '@jitsi/js-utils/jitsi-local-storage';
			
 
				
				 import React, { useState, useEffect } from 'react';
			
 
				
				 import uuid from 'uuid';
			
@@ -90,7 +91,7 @@ type Props = {
 
				
				 function VirtualBackground({ _jitsiTrack, _selectedThumbnail, _virtualSource, dispatch, t }: Props) {
			
 
				
				     const [ options, setOptions ] = useState({});
			
 
				
				     const localImages = jitsiLocalStorage.getItem('virtualBackgrounds');
			
 
				
				-    const [ storedImages, setStoredImages ] = useState((localImages && JSON.parse(localImages)) || []);
			
 
				
				+    const [ storedImages, setStoredImages ] = useState((localImages && Bourne.parse(localImages)) || []);
			
 
				
				     const [ loading, isloading ] = useState(false);
			
 
				
				     const [ activeDesktopVideo ] = useState(_virtualSource?.videoType === VIDEO_TYPE.DESKTOP ? _virtualSource : null);