header.js: Fixed XSS and reduced complexity#690
Open
helms-charity wants to merge 1 commit intomainfrom
Open
Conversation
|
Hello, I'm the AEM Code Sync Bot and I will run some actions to deploy your branch and validate page speed.
Commits
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Cognitive complexity that was fixed:
Summary of the refactor for Cognitive Complexity:
decorate (target function around line 126)
Logo – getLogoFromFragment(fragment) and buildNavBrand(navBrand, logo) now handle logo parsing and brand markup.
Nav sections – buildNavSectionsFromFragment(fragment) returns the wrapper and ul; decorate only appends them.
Nav tools – getToolsData(sections) and buildNavToolsDOM(navToolsWrapper, toolsData) parse tools and build the DOM; decorate just calls them and appends.
Dropdowns – createDropdown moved to module scope. setupCustomerServiceDropdown(navTools), setupSearchDropdown(navToolsWrapper, navTools), and setupLoginDropdown(navToolsWrapper) handle all dropdown setup.
Odometer – startOdometerAnimation(navTools) is module-level. Desktop odometer is started with setTimeout(() => startOdometerAnimation(navTools), 100).
Mobile odometer – buildMobileOdometerContainer(odometerItemTexts) and wireMobileOdometer(nav, container, csDropdownOpen) build and wire the mobile odometer; startMobileOdometerAnimation(container) is module-level and uses a WeakSet so it runs once per container.
Nav section behavior – initNavSectionBehaviors(domCache, setupDesktopNavigation, setupTabletNavigation, setupMobileNavigation) runs the per-section setup so the forEach and viewport branching live in one helper.
loadNavFragmentContent (was 22, needed ≤15)
buildFragmentSectionsUl(fragmentContent) – Builds the accordion ul from fragment sections (category-nav or standard).
decorateFragmentBlocks(ul) – Decorates non–category-nav blocks (e.g. Cards) via cached dynamic imports.
loadNavFragmentContent – Now only coordinates: guard clauses, load fragment, build ul, append, decorate, attach accordion behavior, and catch.
ALSO,
I learned we shouldn't use "service" in a CSS class or {query} in a variable because they are causing false positives with 'hardcoded API' and GraphQL something something.... :-D
Fix #689
Test URLs:
There should be no functional difference in the header.