Revert "fix: logs for testing"

This reverts commit 7247ee7.

Author: MiroslavDionisiev

packages/scratch-svg-renderer/src/sanitize-svg.js

@@ -8,17 +8,15 @@ const DOMPurify = require('isomorphic-dompurify');
 
 const sanitizeSvg = {};
 
-const isInternalRef = ref => ref.startsWith('#') || ref.startsWith('data:');
-
 DOMPurify.addHook(
     'beforeSanitizeAttributes',
     currentNode => {
 
         if (currentNode && currentNode.href && currentNode.href.baseVal) {
             const href = currentNode.href.baseVal.replace(/\s/g, '');
             // "data:" and "#" are valid hrefs
-            if (!isInternalRef(href)) {
-                // TODO: Those can be in different namespaces than `xlink:`
+            if ((href.slice(0, 5) !== 'data:') && (href.slice(0, 1) !== '#')) {
+
                 if (currentNode.attributes.getNamedItem('xlink:href')) {
                     currentNode.attributes.removeNamedItem('xlink:href');
                     delete currentNode['xlink:href'];
@@ -29,24 +27,6 @@ DOMPurify.addHook(
                 }
             }
         }
-
-        // Remove url(...) usages with external references
-        if (currentNode && currentNode.attributes) {
-            for (let i = currentNode.attributes.length - 1; i >= 0; i--) {
-                const attr = currentNode.attributes[i];
-                const rawValue = attr.value || '';
-                const value = rawValue.toLowerCase().replace(/\s/g, '');
-        
-                const urlMatch = value.match(/url\((.+?)\)/);
-                if (urlMatch) {
-                    const ref = urlMatch[1].replace(/['"]/g, '');
-                    if (!isInternalRef(ref)) {
-                        currentNode.removeAttribute(attr.name);
-                    }
-                }
-            }
-        }
-    
         return currentNode;
     }
 );
@@ -57,34 +37,13 @@ DOMPurify.addHook(
         if (data.tagName === 'style') {
             const ast = parse(node.textContent);
             let isModified = false;
-
+            // Remove any @import rules as it could leak HTTP requests
             walk(ast, (astNode, item, list) => {
-                // @import rules
-                if (astNode.type === 'Atrule' && astNode.name.toLowerCase() === 'import') {
+                if (astNode.type === 'Atrule' && astNode.name === 'import') {
                     list.remove(item);
                     isModified = true;
                 }
-                
-                // Elements using url(...) for external resources
-                if (astNode.type === 'Declaration' && astNode.value) {
-                    let shouldRemove = false;
-                    walk(astNode.value, valueNode => {
-                        if (valueNode.type === 'Url') {
-                            const urlValue = (valueNode.value.value || '').trim().replace(/['"]/g, '');
-    
-                            if (!isInternalRef(urlValue)) {
-                                shouldRemove = true;
-                            }
-                        }
-                    });
-
-                    if (shouldRemove) {
-                        list.remove(item);
-                        isModified = true;
-                    }
-                }
             });
-
             if (isModified) {
                 node.textContent = generate(ast);
             }

packages/scratch-vm/src/import/load-costume.js

@@ -356,8 +356,6 @@ const loadCostumeFromAsset = function (costume, runtime, optVersion) {
  * @returns {?Promise} - a promise which will resolve after skinId is set, or null on error.
  */
 const loadCostume = function (md5ext, costume, runtime, optVersion) {
-    console.log('CCCCCCCCCCCCCCCCCCCCCCCCCCCC');
-    console.log(md5ext);
     const idParts = StringUtil.splitFirst(md5ext, '.');
     const md5 = idParts[0];
     const ext = idParts[1].toLowerCase();
@@ -396,8 +394,6 @@ const loadCostume = function (md5ext, costume, runtime, optVersion) {
             if (assetArray[0]) {
                 costume.asset = assetArray[0];
             } else {
-                console.log('BBBBBBBBBBBBBBBBBBBBBBBBBBB');
-                console.log(md5ext);
                 return handleCostumeLoadError(costume, runtime);
             }
 
@@ -409,8 +405,6 @@ const loadCostume = function (md5ext, costume, runtime, optVersion) {
         .catch(error => {
             // Handle case where storage.load rejects with errors
             // instead of resolving null
-            console.log('AAAAAAAAAAAAAAAAAAAAAAAA');
-            console.log(md5ext);
             log.warn('Error loading costume: ', error);
             return handleCostumeLoadError(costume, runtime);
         });

packages/scratch-vm/src/serialization/sb2.js

@@ -452,10 +452,6 @@ const parseScratchAssets = function (object, runtime, topLevel, zip) {
             if (costumeSource.textLayerMD5) {
                 costume.textLayerMD5 = StringUtil.splitFirst(costumeSource.textLayerMD5, '.')[0];
             }
-            console.log('////////////////////////////');
-            console.log('sb2: old md5');
-            console.log(costume.md5);
-            console.log('////////////////////////////');
             // If there is no internet connection, or if the asset is not in storage
             // for some reason, and we are doing a local .sb2 import, (e.g. zip is provided)
             // the file name of the costume should be the baseLayerID followed by the file ext

packages/scratch-vm/src/serialization/sb3.js

@@ -894,17 +894,13 @@ const parseScratchAssets = function (object, runtime, zip) {
             costumeSource.md5ext : `${costumeSource.assetId}.${dataFormat}`;
         costume.md5 = costumeMd5Ext;
         costume.dataFormat = dataFormat;
-        console.log('////////////////////////////');
-        console.log('sb3: old md5');
-        console.log(costumeMd5Ext);
-        console.log('////////////////////////////');
         // deserializeCostume should be called on the costume object we're
         // creating above instead of the source costume object, because this way
         // we're always loading the 'sb3' representation of the costume
         // any translation that needs to happen will happen in the process
         // of building up the costume object into an sb3 format
         return deserializeCostume(costume, runtime, zip)
-            .then(() => loadCostume(costume.md5, costume, runtime));
+            .then(() => loadCostume(costumeMd5Ext, costume, runtime));
         // Only attempt to load the costume after the deserialization
         // process has been completed
     });