diff --git a/.eslintrc.json b/.eslintrc.json
index efd4b104..37c46986 100644
--- a/.eslintrc.json
+++ b/.eslintrc.json
@@ -10,7 +10,7 @@
"rules": {
"no-console": "error",
"no-unused-vars": "warn",
- "no-prototype-builtins": "warn",
+ "no-prototype-builtins": "error",
"one-var": ["error", "never"],
"no-duplicate-imports": "error",
"no-use-before-define": "error",
diff --git a/lib/c14n-canonicalization.js b/lib/c14n-canonicalization.js
index 1a4d32d8..cf5ba632 100644
--- a/lib/c14n-canonicalization.js
+++ b/lib/c14n-canonicalization.js
@@ -38,10 +38,8 @@ class C14nCanonicalization {
}
renderAttrs(node, defaultNS) {
- let a;
let i;
let attr;
- const res = [];
const attrListToRender = [];
if (node.nodeType === 8) {
@@ -61,14 +59,9 @@ class C14nCanonicalization {
attrListToRender.sort(this.attrCompare);
- for (a in attrListToRender) {
- if (!attrListToRender.hasOwnProperty(a)) {
- continue;
- }
-
- attr = attrListToRender[a];
- res.push(" ", attr.name, '="', utils.encodeSpecialCharactersInAttribute(attr.value), '"');
- }
+ const res = attrListToRender.map((attr) => {
+ return ` ${attr.name}="${utils.encodeSpecialCharactersInAttribute(attr.value)}"`;
+ });
return res.join("");
}
@@ -86,16 +79,14 @@ class C14nCanonicalization {
* @api private
*/
renderNs(node, prefixesInScope, defaultNs, defaultNsForPrefix, ancestorNamespaces) {
- let a;
let i;
- let p;
let attr;
const res = [];
let newDefaultNs = defaultNs;
const nsListToRender = [];
const currNs = node.namespaceURI || "";
- //handle the namespaceof the node itself
+ //handle the namespace of the node itself
if (node.prefix) {
if (prefixesInScope.indexOf(node.prefix) === -1) {
nsListToRender.push({
@@ -138,22 +129,19 @@ class C14nCanonicalization {
if (Array.isArray(ancestorNamespaces) && ancestorNamespaces.length > 0) {
// Remove namespaces which are already present in nsListToRender
- for (const p1 in ancestorNamespaces) {
- if (!ancestorNamespaces.hasOwnProperty(p1)) {
- continue;
- }
+ for (const ancestorNamespace of ancestorNamespaces) {
let alreadyListed = false;
- for (const p2 in nsListToRender) {
+ for (const nsToRender of nsListToRender) {
if (
- nsListToRender[p2].prefix === ancestorNamespaces[p1].prefix &&
- nsListToRender[p2].namespaceURI === ancestorNamespaces[p1].namespaceURI
+ nsToRender.prefix === ancestorNamespace.prefix &&
+ nsToRender.namespaceURI === ancestorNamespace.namespaceURI
) {
alreadyListed = true;
}
}
if (!alreadyListed) {
- nsListToRender.push(ancestorNamespaces[p1]);
+ nsListToRender.push(ancestorNamespace);
}
}
}
@@ -161,14 +149,7 @@ class C14nCanonicalization {
nsListToRender.sort(this.nsCompare);
//render namespaces
- for (a in nsListToRender) {
- if (!nsListToRender.hasOwnProperty(a)) {
- continue;
- }
-
- p = nsListToRender[a];
- res.push(" xmlns:", p.prefix, '="', p.namespaceURI, '"');
- }
+ res.push(...nsListToRender.map((attr) => ` xmlns:${attr.prefix}="${attr.namespaceURI}"`));
return { rendered: res.join(""), newDefaultNs: newDefaultNs };
}
diff --git a/lib/enveloped-signature.js b/lib/enveloped-signature.js
index 109a2be8..10d7e519 100644
--- a/lib/enveloped-signature.js
+++ b/lib/enveloped-signature.js
@@ -25,11 +25,7 @@ class EnvelopedSignature {
".//*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']",
node
);
- for (const h in signatures) {
- if (!signatures.hasOwnProperty(h)) {
- continue;
- }
- const nodeSignature = signatures[h];
+ for (const nodeSignature of signatures) {
const signatureValue = utils.findFirst(
nodeSignature,
".//*[local-name(.)='SignatureValue']/text()"
diff --git a/lib/exclusive-canonicalization.js b/lib/exclusive-canonicalization.js
index cdad671a..b696e652 100644
--- a/lib/exclusive-canonicalization.js
+++ b/lib/exclusive-canonicalization.js
@@ -49,7 +49,6 @@ class ExclusiveCanonicalization {
}
renderAttrs(node, defaultNS) {
- let a;
let i;
let attr;
const res = [];
@@ -72,12 +71,7 @@ class ExclusiveCanonicalization {
attrListToRender.sort(this.attrCompare);
- for (a in attrListToRender) {
- if (!attrListToRender.hasOwnProperty(a)) {
- continue;
- }
-
- attr = attrListToRender[a];
+ for (attr of attrListToRender) {
res.push(" ", attr.name, '="', utils.encodeSpecialCharactersInAttribute(attr.value), '"');
}
@@ -95,9 +89,7 @@ class ExclusiveCanonicalization {
* @api private
*/
renderNs(node, prefixesInScope, defaultNs, defaultNsForPrefix, inclusiveNamespacesPrefixList) {
- let a;
let i;
- let p;
let attr;
const res = [];
let newDefaultNs = defaultNs;
@@ -161,12 +153,7 @@ class ExclusiveCanonicalization {
nsListToRender.sort(this.nsCompare);
//render namespaces
- for (a in nsListToRender) {
- if (!nsListToRender.hasOwnProperty(a)) {
- continue;
- }
-
- p = nsListToRender[a];
+ for (const p of nsListToRender) {
res.push(" xmlns:", p.prefix, '="', p.namespaceURI, '"');
}
diff --git a/lib/signed-xml.js b/lib/signed-xml.js
index d75cce22..9e2ed485 100644
--- a/lib/signed-xml.js
+++ b/lib/signed-xml.js
@@ -249,12 +249,7 @@ class SignedXml {
}
validateReferences(doc) {
- for (const r in this.references) {
- if (!this.references.hasOwnProperty(r)) {
- continue;
- }
-
- const ref = this.references[r];
+ for (const ref of this.references) {
let elemXpath;
const uri = ref.uri[0] === "#" ? ref.uri.substring(1) : ref.uri;
let elem = [];
@@ -266,12 +261,8 @@ class SignedXml {
throw new Error("Cannot validate a uri with quotes inside it");
} else {
let num_elements_for_id = 0;
- for (const index in this.idAttributes) {
- if (!this.idAttributes.hasOwnProperty(index)) {
- continue;
- }
- const tmp_elemXpath =
- "//*[@*[local-name(.)='" + this.idAttributes[index] + "']='" + uri + "']";
+ for (const attr of this.idAttributes) {
+ const tmp_elemXpath = `//*[@*[local-name(.)='${attr}']='${uri}']`;
const tmp_elem = xpath.select(tmp_elemXpath, doc);
num_elements_for_id += tmp_elem.length;
if (tmp_elem.length > 0) {
@@ -352,12 +343,8 @@ class SignedXml {
throw new Error("could not find any Reference elements");
}
- for (const i in references) {
- if (!references.hasOwnProperty(i)) {
- continue;
- }
-
- this.loadReference(references[i]);
+ for (const reference of references) {
+ this.loadReference(reference);
}
this.signatureValue = utils
@@ -400,15 +387,12 @@ class SignedXml {
if (nodes.length !== 0) {
const transformsNode = nodes[0];
const transformsAll = utils.findChilds(transformsNode, "Transform");
- for (const t in transformsAll) {
- if (!transformsAll.hasOwnProperty(t)) {
- continue;
- }
-
- trans = transformsAll[t];
+ for (const t of transformsAll) {
+ trans = t;
transforms.push(utils.findAttr(trans, "Algorithm").value);
}
+ // This is a little strange, we are looking for children of the last child of `transformsNode`
const inclusiveNamespaces = utils.findChilds(trans, "InclusiveNamespaces");
if (inclusiveNamespaces.length > 0) {
//Should really only be one prefix list, but maybe there's some circumstances where more than one to lets handle it
@@ -676,12 +660,7 @@ class SignedXml {
prefix = prefix || "";
prefix = prefix ? prefix + ":" : prefix;
- for (const n in this.references) {
- if (!this.references.hasOwnProperty(n)) {
- continue;
- }
-
- const ref = this.references[n];
+ for (const ref of this.references) {
const nodes = xpath.selectWithResolver(ref.xpath, doc, this.namespaceResolver);
if (nodes.length === 0) {
@@ -690,12 +669,7 @@ class SignedXml {
);
}
- for (const h in nodes) {
- if (!nodes.hasOwnProperty(h)) {
- continue;
- }
-
- const node = nodes[h];
+ for (const node of nodes) {
if (ref.isEmptyUri) {
res += "<" + prefix + 'Reference URI="">';
} else {
@@ -704,12 +678,7 @@ class SignedXml {
res += "<" + prefix + 'Reference URI="#' + id + '">';
}
res += "<" + prefix + "Transforms>";
- for (const t in ref.transforms) {
- if (!ref.transforms.hasOwnProperty(t)) {
- continue;
- }
-
- const trans = ref.transforms[t];
+ for (const trans of ref.transforms) {
const transform = this.findCanonicalizationAlgorithm(trans);
res += "<" + prefix + 'Transform Algorithm="' + transform.getAlgorithmName() + '"';
if (ref.inclusiveNamespacesPrefixList) {
@@ -761,12 +730,8 @@ class SignedXml {
let canonXml = node.cloneNode(true); // Deep clone
- for (const t in transforms) {
- if (!transforms.hasOwnProperty(t)) {
- continue;
- }
-
- const transform = this.findCanonicalizationAlgorithm(transforms[t]);
+ Object.values(transforms).forEach((transformName) => {
+ const transform = this.findCanonicalizationAlgorithm(transformName);
canonXml = transform.process(canonXml, options);
//TODO: currently transform.process may return either Node or String value (enveloped transformation returns Node, exclusive-canonicalization returns String).
//This either needs to be more explicit in the API, or all should return the same.
@@ -775,7 +740,8 @@ class SignedXml {
//enveloped transformation returns Node since if it would return String consider this case:
//
//if only y is the node to sign then a string would be without the definition of the p namespace. probably xmldom toString() should have added it.
- }
+ });
+
return canonXml.toString();
}
@@ -793,16 +759,10 @@ class SignedXml {
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
);
} else {
- for (const index in this.idAttributes) {
- if (!this.idAttributes.hasOwnProperty(index)) {
- continue;
- }
-
- attr = utils.findAttr(node, this.idAttributes[index], null);
- if (attr) {
- break;
- }
- }
+ Object.values(this.idAttributes).some((idAttribute) => {
+ attr = utils.findAttr(node, idAttribute, null);
+ return !!attr; // This will break the loop as soon as a truthy attr is found.
+ });
}
if (attr) {