From cea35da714bd442d88396e2f582b97e65ac49d2e Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Thu, 6 May 2021 21:39:16 +0000 Subject: [PATCH] deploy: 0a21d741ce06ad3a880efb0971eaf7bb51effb78 --- develop/doc/html/_static/underscore.js | 23 +++++++++++++++---- develop/doc/html/design/basics.html | 2 +- develop/doc/html/design/channel.html | 2 +- develop/doc/html/design/color_base.html | 2 +- develop/doc/html/design/color_space.html | 2 +- develop/doc/html/design/concepts.html | 2 +- develop/doc/html/design/conclusions.html | 2 +- develop/doc/html/design/dynamic_image.html | 2 +- develop/doc/html/design/examples.html | 2 +- develop/doc/html/design/extending.html | 2 +- develop/doc/html/design/image.html | 2 +- develop/doc/html/design/image_view.html | 2 +- develop/doc/html/design/index.html | 2 +- develop/doc/html/design/metafunctions.html | 2 +- develop/doc/html/design/pixel.html | 2 +- develop/doc/html/design/pixel_iterator.html | 2 +- develop/doc/html/design/pixel_locator.html | 2 +- develop/doc/html/design/point.html | 2 +- develop/doc/html/design/technicalities.html | 2 +- develop/doc/html/genindex.html | 2 +- develop/doc/html/histogram/create.html | 2 +- develop/doc/html/histogram/cumulative.html | 2 +- develop/doc/html/histogram/extend.html | 2 +- .../doc/html/histogram/extension/index.html | 2 +- .../html/histogram/extension/overview.html | 2 +- develop/doc/html/histogram/extension/std.html | 2 +- develop/doc/html/histogram/fill.html | 2 +- develop/doc/html/histogram/index.html | 2 +- develop/doc/html/histogram/limitations.html | 2 +- develop/doc/html/histogram/overview.html | 2 +- .../doc/html/histogram/stl_compatibility.html | 2 +- develop/doc/html/histogram/subhistogram.html | 2 +- develop/doc/html/histogram/utilities.html | 2 +- .../affine-region-detectors.html | 2 +- develop/doc/html/image_processing/basics.html | 2 +- .../histogram_equalization.html | 2 +- .../histogram_matching.html | 2 +- .../contrast_enhancement/index.html | 2 +- .../contrast_enhancement/overview.html | 2 +- develop/doc/html/image_processing/index.html | 2 +- .../doc/html/image_processing/overview.html | 2 +- develop/doc/html/index.html | 2 +- develop/doc/html/installation.html | 2 +- develop/doc/html/io.html | 2 +- develop/doc/html/naming.html | 2 +- develop/doc/html/numeric.html | 2 +- develop/doc/html/search.html | 2 +- develop/doc/html/toolbox.html | 2 +- develop/doc/html/tutorial/gradient.html | 2 +- develop/doc/html/tutorial/histogram.html | 2 +- develop/doc/html/tutorial/video.html | 2 +- 51 files changed, 69 insertions(+), 54 deletions(-) diff --git a/develop/doc/html/_static/underscore.js b/develop/doc/html/_static/underscore.js index 8219dc508..709ae8e30 100644 --- a/develop/doc/html/_static/underscore.js +++ b/develop/doc/html/_static/underscore.js @@ -1550,6 +1550,13 @@ return '\\' + escapes[match]; }; + // In order to prevent third-party code injection through + // `_.templateSettings.variable`, we test it against the following regular + // expression. It is intentionally a bit more liberal than just matching valid + // identifiers, but still prevents possible loopholes through defaults or + // destructuring assignment. + var bareIdentifier = /^\s*(\w|\$)+\s*$/; + // JavaScript micro-templating, similar to John Resig's implementation. // Underscore templating handles arbitrary delimiters, preserves whitespace, // and correctly escapes quotes within interpolated code. @@ -1585,8 +1592,17 @@ }); source += "';\n"; - // If a variable is not specified, place data values in local scope. - if (!settings.variable) source = 'with(obj||{}){\n' + source + '}\n'; + var argument = settings.variable; + if (argument) { + // Insure against third-party code injection. + if (!bareIdentifier.test(argument)) throw new Error( + 'variable is not a bare identifier: ' + argument + ); + } else { + // If a variable is not specified, place data values in local scope. + source = 'with(obj||{}){\n' + source + '}\n'; + argument = 'obj'; + } source = "var __t,__p='',__j=Array.prototype.join," + "print=function(){__p+=__j.call(arguments,'');};\n" + @@ -1594,7 +1610,7 @@ var render; try { - render = new Function(settings.variable || 'obj', '_', source); + render = new Function(argument, '_', source); } catch (e) { e.source = source; throw e; @@ -1605,7 +1621,6 @@ }; // Provide the compiled source as a convenience for precompilation. - var argument = settings.variable || 'obj'; template.source = 'function(' + argument + '){\n' + source + '}'; return template; diff --git a/develop/doc/html/design/basics.html b/develop/doc/html/design/basics.html index aa259ae95..e3c829f27 100644 --- a/develop/doc/html/design/basics.html +++ b/develop/doc/html/design/basics.html @@ -114,7 +114,7 @@ read the sections in order.

diff --git a/develop/doc/html/design/channel.html b/develop/doc/html/design/channel.html index bef609783..8cce20f11 100644 --- a/develop/doc/html/design/channel.html +++ b/develop/doc/html/design/channel.html @@ -263,7 +263,7 @@ channel-level algorithms that GIL provides:

diff --git a/develop/doc/html/design/color_base.html b/develop/doc/html/design/color_base.html index 2978fa9a3..e306b5814 100644 --- a/develop/doc/html/design/color_base.html +++ b/develop/doc/html/design/color_base.html @@ -310,7 +310,7 @@ color base require that they all have the same color space.

diff --git a/develop/doc/html/design/color_space.html b/develop/doc/html/design/color_space.html index 41985a0c5..1bd6b3748 100644 --- a/develop/doc/html/design/color_space.html +++ b/develop/doc/html/design/color_space.html @@ -162,7 +162,7 @@ A color space and its associated mapping are often used together.

diff --git a/develop/doc/html/design/concepts.html b/develop/doc/html/design/concepts.html index d1c902d34..df228d460 100644 --- a/develop/doc/html/design/concepts.html +++ b/develop/doc/html/design/concepts.html @@ -143,7 +143,7 @@ Most of them are defined at the diff --git a/develop/doc/html/design/conclusions.html b/develop/doc/html/design/conclusions.html index 375cb8b1a..d5d88348a 100644 --- a/develop/doc/html/design/conclusions.html +++ b/develop/doc/html/design/conclusions.html @@ -121,7 +121,7 @@ raw pixel data from another image library.

diff --git a/develop/doc/html/design/dynamic_image.html b/develop/doc/html/design/dynamic_image.html index 12508938c..6b89c179d 100644 --- a/develop/doc/html/design/dynamic_image.html +++ b/develop/doc/html/design/dynamic_image.html @@ -274,7 +274,7 @@ uniformly as a collection and store them in the same container.

diff --git a/develop/doc/html/design/examples.html b/develop/doc/html/design/examples.html index 0c08ddda7..4a27866ec 100644 --- a/develop/doc/html/design/examples.html +++ b/develop/doc/html/design/examples.html @@ -264,7 +264,7 @@ channel depth. They could be either planar or interleaved.

diff --git a/develop/doc/html/design/extending.html b/develop/doc/html/design/extending.html index cda7d39bf..b36ee9d0d 100644 --- a/develop/doc/html/design/extending.html +++ b/develop/doc/html/design/extending.html @@ -234,7 +234,7 @@ defines the Mandelbrot set.

diff --git a/develop/doc/html/design/image.html b/develop/doc/html/design/image.html index 7e5edd085..b83ccec2d 100644 --- a/develop/doc/html/design/image.html +++ b/develop/doc/html/design/image.html @@ -175,7 +175,7 @@ there are no padding bits at the end of rows of packed images.

diff --git a/develop/doc/html/design/image_view.html b/develop/doc/html/design/image_view.html index 6dad6208d..bf46e5258 100644 --- a/develop/doc/html/design/image_view.html +++ b/develop/doc/html/design/image_view.html @@ -486,7 +486,7 @@ development and is not optimized for speed

diff --git a/develop/doc/html/design/index.html b/develop/doc/html/design/index.html index adc981c02..a4bd910af 100644 --- a/develop/doc/html/design/index.html +++ b/develop/doc/html/design/index.html @@ -102,7 +102,7 @@ structure and basic elements of the Generic Image Library (GIL).

diff --git a/develop/doc/html/design/metafunctions.html b/develop/doc/html/design/metafunctions.html index 6733cf612..4f5ee59ea 100644 --- a/develop/doc/html/design/metafunctions.html +++ b/develop/doc/html/design/metafunctions.html @@ -302,7 +302,7 @@ is basic, but a color converted view or a virtual view is not.

diff --git a/develop/doc/html/design/pixel.html b/develop/doc/html/design/pixel.html index 9f33b62aa..cea42ef86 100644 --- a/develop/doc/html/design/pixel.html +++ b/develop/doc/html/design/pixel.html @@ -348,7 +348,7 @@ different color spaces and channel types:

diff --git a/develop/doc/html/design/pixel_iterator.html b/develop/doc/html/design/pixel_iterator.html index 7d41e21c6..86ba409b5 100644 --- a/develop/doc/html/design/pixel_iterator.html +++ b/develop/doc/html/design/pixel_iterator.html @@ -368,7 +368,7 @@ but not MemoryBased diff --git a/develop/doc/html/design/pixel_locator.html b/develop/doc/html/design/pixel_locator.html index 184360695..771c40c29 100644 --- a/develop/doc/html/design/pixel_locator.html +++ b/develop/doc/html/design/pixel_locator.html @@ -358,7 +358,7 @@ using the x-iterators directly.

diff --git a/develop/doc/html/design/point.html b/develop/doc/html/design/point.html index 54f6b81a8..67143ea63 100644 --- a/develop/doc/html/design/point.html +++ b/develop/doc/html/design/point.html @@ -134,7 +134,7 @@ coordinate type.

diff --git a/develop/doc/html/design/technicalities.html b/develop/doc/html/design/technicalities.html index 27f9b0b0f..6fe388d73 100644 --- a/develop/doc/html/design/technicalities.html +++ b/develop/doc/html/design/technicalities.html @@ -159,7 +159,7 @@ suggesting the above solution.

diff --git a/develop/doc/html/genindex.html b/develop/doc/html/genindex.html index 0bef0c91b..e90ccc99f 100644 --- a/develop/doc/html/genindex.html +++ b/develop/doc/html/genindex.html @@ -76,7 +76,7 @@ diff --git a/develop/doc/html/histogram/create.html b/develop/doc/html/histogram/create.html index 25a7b603b..3525af616 100644 --- a/develop/doc/html/histogram/create.html +++ b/develop/doc/html/histogram/create.html @@ -105,7 +105,7 @@ to match the GIL image.

diff --git a/develop/doc/html/histogram/cumulative.html b/develop/doc/html/histogram/cumulative.html index 022d353f3..f3c84fb17 100644 --- a/develop/doc/html/histogram/cumulative.html +++ b/develop/doc/html/histogram/cumulative.html @@ -102,7 +102,7 @@ and then call the function.

diff --git a/develop/doc/html/histogram/extend.html b/develop/doc/html/histogram/extend.html index 537c905b0..a452f0c36 100644 --- a/develop/doc/html/histogram/extend.html +++ b/develop/doc/html/histogram/extend.html @@ -138,7 +138,7 @@ the key.

diff --git a/develop/doc/html/histogram/extension/index.html b/develop/doc/html/histogram/extension/index.html index 54ece1475..926de70a3 100644 --- a/develop/doc/html/histogram/extension/index.html +++ b/develop/doc/html/histogram/extension/index.html @@ -90,7 +90,7 @@ usage of external containers as histograms for GIL images.

diff --git a/develop/doc/html/histogram/extension/overview.html b/develop/doc/html/histogram/extension/overview.html index f559bca01..4b81d9197 100644 --- a/develop/doc/html/histogram/extension/overview.html +++ b/develop/doc/html/histogram/extension/overview.html @@ -121,7 +121,7 @@ are provided as extensions.

diff --git a/develop/doc/html/histogram/extension/std.html b/develop/doc/html/histogram/extension/std.html index d007e16fb..112d455ff 100644 --- a/develop/doc/html/histogram/extension/std.html +++ b/develop/doc/html/histogram/extension/std.html @@ -120,7 +120,7 @@ diff --git a/develop/doc/html/histogram/fill.html b/develop/doc/html/histogram/fill.html index 474322d1a..f74f5af0e 100644 --- a/develop/doc/html/histogram/fill.html +++ b/develop/doc/html/histogram/fill.html @@ -182,7 +182,7 @@ which is of std::tu diff --git a/develop/doc/html/histogram/index.html b/develop/doc/html/histogram/index.html index a2c5f573e..dc47d66d5 100644 --- a/develop/doc/html/histogram/index.html +++ b/develop/doc/html/histogram/index.html @@ -95,7 +95,7 @@ histogram class and functions used in many image processing algorithms.

diff --git a/develop/doc/html/histogram/limitations.html b/develop/doc/html/histogram/limitations.html index f94e7409d..55ce35ad8 100644 --- a/develop/doc/html/histogram/limitations.html +++ b/develop/doc/html/histogram/limitations.html @@ -82,7 +82,7 @@ diff --git a/develop/doc/html/histogram/overview.html b/develop/doc/html/histogram/overview.html index 0c10375b2..63fa97cbb 100644 --- a/develop/doc/html/histogram/overview.html +++ b/develop/doc/html/histogram/overview.html @@ -114,7 +114,7 @@ key are shipped with the class itself.

diff --git a/develop/doc/html/histogram/stl_compatibility.html b/develop/doc/html/histogram/stl_compatibility.html index 513bffc8f..b5809fcdd 100644 --- a/develop/doc/html/histogram/stl_compatibility.html +++ b/develop/doc/html/histogram/stl_compatibility.html @@ -82,7 +82,7 @@ diff --git a/develop/doc/html/histogram/subhistogram.html b/develop/doc/html/histogram/subhistogram.html index 02d3f3e52..c8c9c8f7a 100644 --- a/develop/doc/html/histogram/subhistogram.html +++ b/develop/doc/html/histogram/subhistogram.html @@ -137,7 +137,7 @@ and blue color lie between 2 - 10

diff --git a/develop/doc/html/histogram/utilities.html b/develop/doc/html/histogram/utilities.html index d85769e28..cd12db571 100644 --- a/develop/doc/html/histogram/utilities.html +++ b/develop/doc/html/histogram/utilities.html @@ -82,7 +82,7 @@ diff --git a/develop/doc/html/image_processing/affine-region-detectors.html b/develop/doc/html/image_processing/affine-region-detectors.html index 4b7f60fa3..b0eac3523 100644 --- a/develop/doc/html/image_processing/affine-region-detectors.html +++ b/develop/doc/html/image_processing/affine-region-detectors.html @@ -162,7 +162,7 @@ detector.” In Alvey vision conference, vol. 15, no. 50, pp. 10-5244. diff --git a/develop/doc/html/image_processing/basics.html b/develop/doc/html/image_processing/basics.html index 171f730d6..1d7467b88 100644 --- a/develop/doc/html/image_processing/basics.html +++ b/develop/doc/html/image_processing/basics.html @@ -123,7 +123,7 @@ gets sharper depending on it’s sigma value.

diff --git a/develop/doc/html/image_processing/contrast_enhancement/histogram_equalization.html b/develop/doc/html/image_processing/contrast_enhancement/histogram_equalization.html index d1d7f4ff4..8816d90b5 100644 --- a/develop/doc/html/image_processing/contrast_enhancement/histogram_equalization.html +++ b/develop/doc/html/image_processing/contrast_enhancement/histogram_equalization.html @@ -145,7 +145,7 @@ before trying the histogram equalization algorithm.

diff --git a/develop/doc/html/image_processing/contrast_enhancement/histogram_matching.html b/develop/doc/html/image_processing/contrast_enhancement/histogram_matching.html index 58698487f..5c360af1d 100644 --- a/develop/doc/html/image_processing/contrast_enhancement/histogram_matching.html +++ b/develop/doc/html/image_processing/contrast_enhancement/histogram_matching.html @@ -138,7 +138,7 @@ before trying the histogram matching algorithm.

diff --git a/develop/doc/html/image_processing/contrast_enhancement/index.html b/develop/doc/html/image_processing/contrast_enhancement/index.html index 01b47feef..c5a98fc98 100644 --- a/develop/doc/html/image_processing/contrast_enhancement/index.html +++ b/develop/doc/html/image_processing/contrast_enhancement/index.html @@ -89,7 +89,7 @@ processing algorithms used for contrast enhancement.

diff --git a/develop/doc/html/image_processing/contrast_enhancement/overview.html b/develop/doc/html/image_processing/contrast_enhancement/overview.html index b1b77ce4a..8ca36f65e 100644 --- a/develop/doc/html/image_processing/contrast_enhancement/overview.html +++ b/develop/doc/html/image_processing/contrast_enhancement/overview.html @@ -95,7 +95,7 @@ These include :

diff --git a/develop/doc/html/image_processing/index.html b/develop/doc/html/image_processing/index.html index c5f947508..92a6fc848 100644 --- a/develop/doc/html/image_processing/index.html +++ b/develop/doc/html/image_processing/index.html @@ -103,7 +103,7 @@ features, structures and algorithms, for image processing and analysis.

diff --git a/develop/doc/html/image_processing/overview.html b/develop/doc/html/image_processing/overview.html index 9a4075099..389fa64f3 100644 --- a/develop/doc/html/image_processing/overview.html +++ b/develop/doc/html/image_processing/overview.html @@ -88,7 +88,7 @@ projects run in frame of the Google Summer of Code 2019:

diff --git a/develop/doc/html/index.html b/develop/doc/html/index.html index 753475a70..86c93c5ca 100644 --- a/develop/doc/html/index.html +++ b/develop/doc/html/index.html @@ -197,7 +197,7 @@ Blurring images (requires the optional Numeric extension) diff --git a/develop/doc/html/installation.html b/develop/doc/html/installation.html index 368cdd538..fb67640fd 100644 --- a/develop/doc/html/installation.html +++ b/develop/doc/html/installation.html @@ -105,7 +105,7 @@ of the library repository.

diff --git a/develop/doc/html/io.html b/develop/doc/html/io.html index 090fbdaff..a9fa7fe87 100644 --- a/develop/doc/html/io.html +++ b/develop/doc/html/io.html @@ -747,7 +747,7 @@ to enable the tests:

diff --git a/develop/doc/html/naming.html b/develop/doc/html/naming.html index 74c4f4a75..6131af724 100644 --- a/develop/doc/html/naming.html +++ b/develop/doc/html/naming.html @@ -114,7 +114,7 @@ pixel. diff --git a/develop/doc/html/numeric.html b/develop/doc/html/numeric.html index 289d681fc..14dd516fb 100644 --- a/develop/doc/html/numeric.html +++ b/develop/doc/html/numeric.html @@ -79,7 +79,7 @@ diff --git a/develop/doc/html/search.html b/develop/doc/html/search.html index 2f8d931e2..90af0d2b3 100644 --- a/develop/doc/html/search.html +++ b/develop/doc/html/search.html @@ -89,7 +89,7 @@ diff --git a/develop/doc/html/toolbox.html b/develop/doc/html/toolbox.html index fcf610af2..3bba20731 100644 --- a/develop/doc/html/toolbox.html +++ b/develop/doc/html/toolbox.html @@ -126,7 +126,7 @@ made suggestions for improvements.

diff --git a/develop/doc/html/tutorial/gradient.html b/develop/doc/html/tutorial/gradient.html index d4f3b269d..b19d6e5ca 100644 --- a/develop/doc/html/tutorial/gradient.html +++ b/develop/doc/html/tutorial/gradient.html @@ -953,7 +953,7 @@ code with different compilers.

diff --git a/develop/doc/html/tutorial/histogram.html b/develop/doc/html/tutorial/histogram.html index bc7ae168e..65a8f76e9 100644 --- a/develop/doc/html/tutorial/histogram.html +++ b/develop/doc/html/tutorial/histogram.html @@ -171,7 +171,7 @@ memory is allocated and no images are copied.

diff --git a/develop/doc/html/tutorial/video.html b/develop/doc/html/tutorial/video.html index 312f6308b..4f1c0b96a 100644 --- a/develop/doc/html/tutorial/video.html +++ b/develop/doc/html/tutorial/video.html @@ -82,7 +82,7 @@