← Back to branch summary

~canonical-sysadmins/wordpress/4.7.4

« back to all changes in this revision

Viewing changes to wp-admin/js/password-strength-meter.js

  • Committer: Jacek Nykis
  • Date: 2015-01-05 16:17:05 UTC
  • Revision ID: jacek.nykis@canonical.com-20150105161705-w544l1h5mcg7u4w9
Initial commit

Show diffs side-by-side

added added

removed removed

Lines of Context:
wp-admin/js/password-strength-meter.js
 
1
/* global zxcvbn */
 
2
window.wp = window.wp || {};
 
3
 
 
4
var passwordStrength;
 
5
(function($){
 
6
        wp.passwordStrength = {
 
7
                /**
 
8
                 * Determine the strength of a given password
 
9
                 *
 
10
                 * @param string password1 The password
 
11
                 * @param array blacklist An array of words that will lower the entropy of the password
 
12
                 * @param string password2 The confirmed password
 
13
                 */
 
14
                meter : function( password1, blacklist, password2 ) {
 
15
                        if ( ! $.isArray( blacklist ) )
 
16
                                blacklist = [ blacklist.toString() ];
 
17
 
 
18
                        if (password1 != password2 && password2 && password2.length > 0)
 
19
                                return 5;
 
20
 
 
21
                        var result = zxcvbn( password1, blacklist );
 
22
                        return result.score;
 
23
                },
 
24
 
 
25
                /**
 
26
                 * Builds an array of data that should be penalized, because it would lower the entropy of a password if it were used
 
27
                 *
 
28
                 * @return array The array of data to be blacklisted
 
29
                 */
 
30
                userInputBlacklist : function() {
 
31
                        var i, userInputFieldsLength, rawValuesLength, currentField,
 
32
                                rawValues       = [],
 
33
                                blacklist       = [],
 
34
                                userInputFields = [ 'user_login', 'first_name', 'last_name', 'nickname', 'display_name', 'email', 'url', 'description', 'weblog_title', 'admin_email' ];
 
35
 
 
36
                        // Collect all the strings we want to blacklist
 
37
                        rawValues.push( document.title );
 
38
                        rawValues.push( document.URL );
 
39
 
 
40
                        userInputFieldsLength = userInputFields.length;
 
41
                        for ( i = 0; i < userInputFieldsLength; i++ ) {
 
42
                                currentField = $( '#' + userInputFields[ i ] );
 
43
 
 
44
                                if ( 0 === currentField.length ) {
 
45
                                        continue;
 
46
                                }
 
47
 
 
48
                                rawValues.push( currentField[0].defaultValue );
 
49
                                rawValues.push( currentField.val() );
 
50
                        }
 
51
 
 
52
                        // Strip out non-alphanumeric characters and convert each word to an individual entry
 
53
                        rawValuesLength = rawValues.length;
 
54
                        for ( i = 0; i < rawValuesLength; i++ ) {
 
55
                                if ( rawValues[ i ] ) {
 
56
                                        blacklist = blacklist.concat( rawValues[ i ].replace( /\W/g, ' ' ).split( ' ' ) );
 
57
                                }
 
58
                        }
 
59
 
 
60
                        // Remove empty values, short words, and duplicates. Short words are likely to cause many false positives.
 
61
                        blacklist = $.grep( blacklist, function( value, key ) {
 
62
                                if ( '' === value || 4 > value.length ) {
 
63
                                        return false;
 
64
                                }
 
65
 
 
66
                                return $.inArray( value, blacklist ) === key;
 
67
                        });
 
68
 
 
69
                        return blacklist;
 
70
                }
 
71
        };
 
72
 
 
73
        // Backwards compatibility.
 
74
        passwordStrength = wp.passwordStrength.meter;
 
75
})(jQuery);
 
 
b'\\ No newline at end of file'