Load js-url lib using legacy-loader

Doesn't use eval, plus no window object access

Author: literalplus

package.json

@@ -56,6 +56,7 @@
     "js-yaml": "^3.7.0",
     "jsdom-nogyp": "^0.8.3",
     "keymaster": "^1.6.2",
+    "legacy-loader": "0.0.2",
     "list.js": "^1.5.0",
     "lodash": "^4.17.4",
     "lz-string": "1.4.4",

public/js/history.js

@@ -12,14 +12,16 @@ import {
     urlpath
 } from './lib/config'
 
+var jsUrl = require('js-url')
+
 window.migrateHistoryFromTempCallback = null
 
 migrateHistoryFromTemp()
 
 function migrateHistoryFromTemp () {
-  if (window.url('#tempid')) {
+  if (jsUrl('#tempid')) {
     $.get(`${serverurl}/temp`, {
-      tempid: window.url('#tempid')
+      tempid: jsUrl('#tempid')
     })
     .done(data => {
       if (data && data.temp) {

public/js/index.js

@@ -3,6 +3,7 @@
    modeType, Idle, serverurl, key, gapi, Dropbox, FilePicker
    ot, MediaUploader, hex2rgb, num_loaded, Visibility */
 
+
 require('../vendor/showup/showup')
 
 require('../css/index.css')
@@ -21,6 +22,8 @@ import _ from 'lodash'
 
 import List from 'list.js'
 
+var jsUrl = require('js-url')
+
 import {
     checkLoginStateChanged,
     setloginStateChangeEvent
@@ -1474,12 +1477,12 @@ $('#gistImportModalConfirm').click(function () {
   if (!isValidURL(gisturl)) {
     showMessageModal('<i class="fa fa-github"></i> Import from Gist', 'Not a valid URL :(', '', '', false)
   } else {
-    var hostname = window.url('hostname', gisturl)
+    var hostname = jsUrl('hostname', gisturl)
     if (hostname !== 'gist.github.com') {
       showMessageModal('<i class="fa fa-github"></i> Import from Gist', 'Not a valid Gist URL :(', '', '', false)
     } else {
       ui.spinner.show()
-      $.get('https://api.github.com/gists/' + window.url('-1', gisturl))
+      $.get('https://api.github.com/gists/' + jsUrl('-1', gisturl))
                 .done(function (data) {
                   if (data.files) {
                     var contents = ''

webpackBaseConfig.js

@@ -190,7 +190,7 @@ module.exports = {
     index: [
       'babel-polyfill',
       'script!jquery-ui-resizable',
-      'script!js-url',
+      'js-url',
       'expose?filterXSS!xss',
       'script!Idle.Js',
       'expose?LZString!lz-string',
@@ -241,7 +241,7 @@ module.exports = {
       'expose?jsyaml!js-yaml',
       'script!mermaid',
       'expose?moment!moment',
-      'script!js-url',
+      'js-url',
       'script!handlebars',
       'expose?hljs!highlight.js',
       'expose?emojify!emojify.js',
@@ -374,7 +374,8 @@ module.exports = {
       'bootstrap-tooltip': path.join(__dirname, 'public/vendor/bootstrap/tooltip.min.js'),
       'headjs': path.join(__dirname, 'node_modules/reveal.js/lib/js/head.min.js'),
       'reveal-markdown': path.join(__dirname, 'public/js/reveal-markdown.js'),
-      abcjs: path.join(__dirname, 'public/vendor/abcjs_basic_3.1.1-min.js')
+      abcjs: path.join(__dirname, 'public/vendor/abcjs_basic_3.1.1-min.js'),
+      'js-url': path.join(__dirname, 'node_modules/js-url/url.js')
     }
   },
 
@@ -429,6 +430,9 @@ module.exports = {
     }, {
       test: /\.gif(\?v=\d+\.\d+\.\d+)?$/,
       loader: 'url?limit=10000&mimetype=image/gif'
+    }, {
+      test: /\/node_modules\/js-url\/url.js/,
+      loader: 'legacy'
     }]
   },
   node: {