removed all usages of "eval()" for better CSP header support

src/teavm/java/net/lax1dude/eaglercraft/Client.java

@@ -106,36 +106,36 @@ public class Client {
 			//str.append("eaglercraft.username = \"").append(EaglerProfile.username).append("\"\n");
 			//str.append("eaglercraft.channel = \"").append(EaglerProfile.myChannel).append("\"\n");
 			str.append('\n');
-			addArray(str, "window.minecraftOpts");
+			shortenMinecraftOpts();
+			addArray(str, "minecraftOpts");
 			str.append('\n');
-			addDebug(str, "window.navigator.userAgent");
-			addDebug(str, "window.navigator.vendor");
-			addDebug(str, "window.navigator.language");
-			addDebug(str, "window.navigator.hardwareConcurrency");
-			addDebug(str, "window.navigator.deviceMemory");
-			addDebug(str, "window.navigator.platform");
-			addDebug(str, "window.navigator.product");
+			addDebugNav(str, "userAgent");
+			addDebugNav(str, "vendor");
+			addDebugNav(str, "language");
+			addDebugNav(str, "hardwareConcurrency");
+			addDebugNav(str, "deviceMemory");
+			addDebugNav(str, "platform");
+			addDebugNav(str, "product");
 			str.append('\n');
 			str.append("rootElement.clientWidth = ").append(rootElement.getClientWidth()).append('\n');
 			str.append("rootElement.clientHeight = ").append(rootElement.getClientHeight()).append('\n');
-			addDebug(str, "window.innerWidth");
-			addDebug(str, "window.innerHeight");
-			addDebug(str, "window.outerWidth");
-			addDebug(str, "window.outerHeight");
-			addDebug(str, "window.devicePixelRatio");
-			addDebug(str, "window.screen.availWidth");
-			addDebug(str, "window.screen.availHeight");
-			addDebug(str, "window.screen.colorDepth");
-			addDebug(str, "window.screen.pixelDepth");
+			addDebug(str, "innerWidth");
+			addDebug(str, "innerHeight");
+			addDebug(str, "outerWidth");
+			addDebug(str, "outerHeight");
+			addDebug(str, "devicePixelRatio");
+			addDebugScreen(str, "availWidth");
+			addDebugScreen(str, "availHeight");
+			addDebugScreen(str, "colorDepth");
+			addDebugScreen(str, "pixelDepth");
 			str.append('\n');
-			addDebug(str, "window.currentContext");
+			addDebug(str, "currentContext");
 			str.append('\n');
-			addDebug(str, "window.location.href");
-			addArray(str, "window.location.ancestorOrigins");
+			addDebugLocation(str, "href");
 			str.append("\n----- Begin Minecraft Config -----\n");
 			str.append(LocalStorageManager.dumpConfiguration());
 			str.append("\n----- End Minecraft Config -----\n\n");
-			addDebug(str, "window.minecraftServer");
+			addDebug(str, "minecraftServer");
 			
 			String s = rootElement.getAttribute("style");
 			rootElement.setAttribute("style", (s == null ? "" : s) + "position:relative;");
@@ -166,18 +166,42 @@ public class Client {
 		div.appendChild(doc.createTextNode(msg));
 	}
 	
-	@JSBody(params = { "v" }, script = "try { return \"\"+window.eval(v); } catch(e) { return \"<error>\"; }")
+	@JSBody(params = { "v" }, script = "try { return \"\"+window[v]; } catch(e) { return \"<error>\"; }")
 	private static native String getString(String var);
+	
+	@JSBody(params = { "v" }, script = "try { return \"\"+window.navigator[v]; } catch(e) { return \"<error>\"; }")
+	private static native String getStringNav(String var);
+
+	@JSBody(params = { "v" }, script = "try { return \"\"+window.screen[v]; } catch(e) { return \"<error>\"; }")
+	private static native String getStringScreen(String var);
+
+	@JSBody(params = { "v" }, script = "try { return \"\"+window.location[v]; } catch(e) { return \"<error>\"; }")
+	private static native String getStringLocation(String var);
+	
+	@JSBody(params = { }, script = "for(var i = 0; i < window.minecraftOpts.length; ++i) { if(window.minecraftOpts[i].length > 2048) window.minecraftOpts[i] = \"[\" + Math.floor(window.minecraftOpts[i].length * 0.001) + \"k characters]\"; }")
+	private static native void shortenMinecraftOpts();
 
 	private static void addDebug(StringBuilder str, String var) {
-		str.append(var).append(" = ").append(getString(var)).append('\n');
+		str.append("window.").append(var).append(" = ").append(getString(var)).append('\n');
+	}
+	
+	private static void addDebugNav(StringBuilder str, String var) {
+		str.append("window.navigator.").append(var).append(" = ").append(getStringNav(var)).append('\n');
+	}
+	
+	private static void addDebugScreen(StringBuilder str, String var) {
+		str.append("window.screen.").append(var).append(" = ").append(getStringScreen(var)).append('\n');
+	}
+	
+	private static void addDebugLocation(StringBuilder str, String var) {
+		str.append("window.location.").append(var).append(" = ").append(getStringLocation(var)).append('\n');
 	}
 	
 	private static void addArray(StringBuilder str, String var) {
-		str.append(var).append(" = ").append(getArray(var)).append('\n');
+		str.append("window.").append(var).append(" = ").append(getArray(var)).append('\n');
 	}
 	
-	@JSBody(params = { "v" }, script = "try { return JSON.stringify(window.eval(v)); } catch(e) { return \"[\\\"<error>\\\"]\"; }")
+	@JSBody(params = { "v" }, script = "try { return (typeof window[v] !== \"undefined\") ? JSON.stringify(window[v]) : \"[\\\"<error>\\\"]\"; } catch(e) { return \"[\\\"<error>\\\"]\"; }")
 	private static native String getArray(String var);
 	
 }

src/teavm/java/net/lax1dude/eaglercraft/adapter/EaglerAdapterImpl2.java

@@ -180,8 +180,11 @@ public class EaglerAdapterImpl2 {
 		return identifier;
 	}
 
-	@JSBody(params = { "v" }, script = "try { return \"\"+window.eval(v); } catch(e) { return \"<error>\"; }")
-	private static native String getString(String var);
+	@JSBody(params = { }, script = "return window.navigator.userAgent;")
+	private static native String getUA();
+	
+	@JSBody(params = { }, script = "return window.navigator.platform;")
+	private static native String getPlaf();
 	
 	public static void onWindowUnload() {
 		LocalStorageManager.saveStorageG();
@@ -216,7 +219,7 @@ public class EaglerAdapterImpl2 {
 		canvasBack.setHeight(height);
 		webgl = (WebGL2RenderingContext) canvasBack.getContext("webgl2", youEagler());
 		if(webgl == null) {
-			throw new RuntimeException("WebGL 2.0 is not supported in your browser ("+getString("window.navigator.userAgent")+")");
+			throw new RuntimeException("WebGL 2.0 is not supported in your browser ("+getUA()+")");
 		}
 		setContextVar(webgl);
 		
@@ -315,31 +318,7 @@ public class EaglerAdapterImpl2 {
 			}
 		});
 		onBeforeCloseRegister();
-		execute("window.eagsFileChooser = {\r\n" + 
-				"inputElement: null,\r\n" + 
-				"openFileChooser: function(ext, mime){\r\n" + 
-				"el = window.eagsFileChooser.inputElement = document.createElement(\"input\");\r\n" + 
-				"el.type = \"file\";\r\n" + 
-				"el.multiple = false;\r\n" + 
-				"el.addEventListener(\"change\", function(evt){\r\n" + 
-				"var f = window.eagsFileChooser.inputElement.files;\r\n" + 
-				"if(f.length == 0){\r\n" + 
-				"window.eagsFileChooser.getFileChooserResult = null;\r\n" + 
-				"}else{\r\n" + 
-				"(async function(){\r\n" + 
-				"window.eagsFileChooser.getFileChooserResult = await f[0].arrayBuffer();\r\n" + 
-				"window.eagsFileChooser.getFileChooserResultName = f[0].name;\r\n" + 
-				"})();\r\n" + 
-				"}\r\n" + 
-				"});\r\n" + 
-				"window.eagsFileChooser.getFileChooserResult = null;\r\n" + 
-				"window.eagsFileChooser.getFileChooserResultName = null;\r\n" + 
-				"el.accept = mime;\r\n" + 
-				"el.click();\r\n" + 
-				"},\r\n" + 
-				"getFileChooserResult: null,\r\n" + 
-				"getFileChooserResultName: null\r\n" + 
-				"};");
+		initFileChooser();
 		
 		EarlyLoadScreen.paintScreen();
 		
@@ -379,6 +358,34 @@ public class EaglerAdapterImpl2 {
 		keyEvents.clear();
 	}
 	
+	@JSBody(params = { }, script = 
+			"window.eagsFileChooser = {\r\n" + 
+			"inputElement: null,\r\n" + 
+			"openFileChooser: function(ext, mime){\r\n" + 
+			"var el = window.eagsFileChooser.inputElement = document.createElement(\"input\");\r\n" + 
+			"el.type = \"file\";\r\n" + 
+			"el.multiple = false;\r\n" + 
+			"el.addEventListener(\"change\", function(evt){\r\n" + 
+			"var f = window.eagsFileChooser.inputElement.files;\r\n" + 
+			"if(f.length == 0){\r\n" + 
+			"window.eagsFileChooser.getFileChooserResult = null;\r\n" + 
+			"}else{\r\n" + 
+			"(async function(){\r\n" + 
+			"window.eagsFileChooser.getFileChooserResult = await f[0].arrayBuffer();\r\n" + 
+			"window.eagsFileChooser.getFileChooserResultName = f[0].name;\r\n" + 
+			"})();\r\n" + 
+			"}\r\n" + 
+			"});\r\n" + 
+			"window.eagsFileChooser.getFileChooserResult = null;\r\n" + 
+			"window.eagsFileChooser.getFileChooserResultName = null;\r\n" + 
+			"el.accept = mime;\r\n" + 
+			"el.click();\r\n" + 
+			"},\r\n" + 
+			"getFileChooserResult: null,\r\n" + 
+			"getFileChooserResultName: null\r\n" + 
+			"};")
+	private static native void initFileChooser();
+	
 	public static final void destroyContext() {
 		
 	}
@@ -894,7 +901,7 @@ public class EaglerAdapterImpl2 {
 		return __wglGetTexParameterf(webgl, p1);
 	}
 	public static final boolean isWindows() {
-		return getString("window.navigator.platform").toLowerCase().contains("win");
+		return getPlaf().toLowerCase().contains("win");
 	}
 	private static HTMLCanvasElement imageLoadCanvas = null;
 	private static CanvasRenderingContext2D imageLoadContext = null;
@@ -1372,9 +1379,6 @@ public class EaglerAdapterImpl2 {
 	public static final void redirectTo(String url) {
 		Window.current().getLocation().setFullURL(url);
 	}
-
-	@JSBody(params = { "str" }, script = "window.eval(str);")
-	private static native void execute(String str);
 	
 	@JSBody(params = { }, script = "window.onbeforeunload = function(){javaMethods.get('net.lax1dude.eaglercraft.adapter.EaglerAdapterImpl2.onWindowUnload()V').invoke();return false;};")
 	private static native void onBeforeCloseRegister();