add markdown-language-features to sqlops (#2338)

extensions/markdown-language-features/src/features/previewContentProvider.ts

@@ -0,0 +1,178 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the MIT License. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+
+import * as vscode from 'vscode';
+import * as path from 'path';
+import { MarkdownEngine } from '../markdownEngine';
+
+import * as nls from 'vscode-nls';
+const localize = nls.loadMessageBundle();
+
+import { Logger } from '../logger';
+import { ContentSecurityPolicyArbiter, MarkdownPreviewSecurityLevel } from '../security';
+import { MarkdownPreviewConfigurationManager, MarkdownPreviewConfiguration } from './previewConfig';
+import { MarkdownContributions } from '../markdownExtensions';
+
+/**
+ * Strings used inside the markdown preview.
+ *
+ * Stored here and then injected in the preview so that they
+ * can be localized using our normal localization process.
+ */
+const previewStrings = {
+	cspAlertMessageText: localize(
+		'preview.securityMessage.text',
+		'Some content has been disabled in this document'),
+
+	cspAlertMessageTitle: localize(
+		'preview.securityMessage.title',
+		'Potentially unsafe or insecure content has been disabled in the markdown preview. Change the Markdown preview security setting to allow insecure content or enable scripts'),
+
+	cspAlertMessageLabel: localize(
+		'preview.securityMessage.label',
+		'Content Disabled Security Warning')
+};
+
+export class MarkdownContentProvider {
+	constructor(
+		private readonly engine: MarkdownEngine,
+		private readonly context: vscode.ExtensionContext,
+		private readonly cspArbiter: ContentSecurityPolicyArbiter,
+		private readonly contributions: MarkdownContributions,
+		private readonly logger: Logger
+	) { }
+
+	public async provideTextDocumentContent(
+		markdownDocument: vscode.TextDocument,
+		previewConfigurations: MarkdownPreviewConfigurationManager,
+		initialLine: number | undefined = undefined
+	): Promise<string> {
+		const sourceUri = markdownDocument.uri;
+		const config = previewConfigurations.loadAndCacheConfiguration(sourceUri);
+		const initialData = {
+			source: sourceUri.toString(),
+			line: initialLine,
+			lineCount: markdownDocument.lineCount,
+			scrollPreviewWithEditor: config.scrollPreviewWithEditor,
+			scrollEditorWithPreview: config.scrollEditorWithPreview,
+			doubleClickToSwitchToEditor: config.doubleClickToSwitchToEditor,
+			disableSecurityWarnings: this.cspArbiter.shouldDisableSecurityWarnings()
+		};
+
+		this.logger.log('provideTextDocumentContent', initialData);
+
+		// Content Security Policy
+		const nonce = new Date().getTime() + '' + new Date().getMilliseconds();
+		const csp = this.getCspForResource(sourceUri, nonce);
+
+		const body = await this.engine.render(sourceUri, config.previewFrontMatter === 'hide', markdownDocument.getText());
+		return `<!DOCTYPE html>
+			<html>
+			<head>
+				<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
+				${csp}
+				<meta id="vscode-markdown-preview-data" data-settings="${JSON.stringify(initialData).replace(/"/g, '&quot;')}" data-strings="${JSON.stringify(previewStrings).replace(/"/g, '&quot;')}">
+				<script src="${this.extensionResourcePath('pre.js')}" nonce="${nonce}"></script>
+				${this.getStyles(sourceUri, nonce, config)}
+				<base href="${markdownDocument.uri.with({ scheme: 'vscode-resource' }).toString(true)}">
+			</head>
+			<body class="vscode-body ${config.scrollBeyondLastLine ? 'scrollBeyondLastLine' : ''} ${config.wordWrap ? 'wordWrap' : ''} ${config.markEditorSelection ? 'showEditorSelection' : ''}">
+				${body}
+				<div class="code-line" data-line="${markdownDocument.lineCount}"></div>
+				${this.getScripts(nonce)}
+			</body>
+			</html>`;
+	}
+
+	private extensionResourcePath(mediaFile: string): string {
+		return vscode.Uri.file(this.context.asAbsolutePath(path.join('media', mediaFile)))
+			.with({ scheme: 'vscode-resource' })
+			.toString();
+	}
+
+	private fixHref(resource: vscode.Uri, href: string): string {
+		if (!href) {
+			return href;
+		}
+
+		// Use href if it is already an URL
+		const hrefUri = vscode.Uri.parse(href);
+		if (['http', 'https'].indexOf(hrefUri.scheme) >= 0) {
+			return hrefUri.toString();
+		}
+
+		// Use href as file URI if it is absolute
+		if (path.isAbsolute(href) || hrefUri.scheme === 'file') {
+			return vscode.Uri.file(href)
+				.with({ scheme: 'vscode-resource' })
+				.toString();
+		}
+
+		// Use a workspace relative path if there is a workspace
+		let root = vscode.workspace.getWorkspaceFolder(resource);
+		if (root) {
+			return vscode.Uri.file(path.join(root.uri.fsPath, href))
+				.with({ scheme: 'vscode-resource' })
+				.toString();
+		}
+
+		// Otherwise look relative to the markdown file
+		return vscode.Uri.file(path.join(path.dirname(resource.fsPath), href))
+			.with({ scheme: 'vscode-resource' })
+			.toString();
+	}
+
+	private computeCustomStyleSheetIncludes(resource: vscode.Uri, config: MarkdownPreviewConfiguration): string {
+		if (Array.isArray(config.styles)) {
+			return config.styles.map(style => {
+				return `<link rel="stylesheet" class="code-user-style" data-source="${style.replace(/"/g, '&quot;')}" href="${this.fixHref(resource, style)}" type="text/css" media="screen">`;
+			}).join('\n');
+		}
+		return '';
+	}
+
+	private getSettingsOverrideStyles(nonce: string, config: MarkdownPreviewConfiguration): string {
+		return `<style nonce="${nonce}">
+			body {
+				${config.fontFamily ? `font-family: ${config.fontFamily};` : ''}
+				${isNaN(config.fontSize) ? '' : `font-size: ${config.fontSize}px;`}
+				${isNaN(config.lineHeight) ? '' : `line-height: ${config.lineHeight};`}
+			}
+		</style>`;
+	}
+
+	private getStyles(resource: vscode.Uri, nonce: string, config: MarkdownPreviewConfiguration): string {
+		const baseStyles = this.contributions.previewStyles
+			.map(resource => `<link rel="stylesheet" type="text/css" href="${resource.toString()}">`)
+			.join('\n');
+
+		return `${baseStyles}
+			${this.getSettingsOverrideStyles(nonce, config)}
+			${this.computeCustomStyleSheetIncludes(resource, config)}`;
+	}
+
+	private getScripts(nonce: string): string {
+		return this.contributions.previewScripts
+			.map(resource => `<script async src="${resource.toString()}" nonce="${nonce}" charset="UTF-8"></script>`)
+			.join('\n');
+	}
+
+	private getCspForResource(resource: vscode.Uri, nonce: string): string {
+		switch (this.cspArbiter.getSecurityLevelForResource(resource)) {
+			case MarkdownPreviewSecurityLevel.AllowInsecureContent:
+				return `<meta http-equiv="Content-Security-Policy" content="default-src 'none'; img-src vscode-resource: http: https: data:; media-src vscode-resource: http: https: data:; script-src 'nonce-${nonce}'; style-src vscode-resource: 'unsafe-inline' http: https: data:; font-src vscode-resource: http: https: data:;">`;
+
+			case MarkdownPreviewSecurityLevel.AllowInsecureLocalContent:
+				return `<meta http-equiv="Content-Security-Policy" content="default-src 'none'; img-src vscode-resource: https: data: http://localhost:* http://127.0.0.1:*; media-src vscode-resource: https: data: http://localhost:* http://127.0.0.1:*; script-src 'nonce-${nonce}'; style-src vscode-resource: 'unsafe-inline' https: data: http://localhost:* http://127.0.0.1:*; font-src vscode-resource: https: data: http://localhost:* http://127.0.0.1:*;">`;
+
+			case MarkdownPreviewSecurityLevel.AllowScriptsAndAllContent:
+				return '';
+
+			case MarkdownPreviewSecurityLevel.Strict:
+			default:
+				return `<meta http-equiv="Content-Security-Policy" content="default-src 'none'; img-src vscode-resource: https: data:; media-src vscode-resource: https: data:; script-src 'nonce-${nonce}'; style-src vscode-resource: 'unsafe-inline' https: data:; font-src vscode-resource: https: data:;">`;
+		}
+	}
+}