Webatrice websocket refactor (#4435)

* add unit tests for websocket events

* add unit tests for KeepAliveService, clean up keepAlive termination flow

* put keepAlive command in protobuf service and expose thru webClient

* secure wss

* rename files tsx to ts

* add localhost support for ws/wss connection

Co-authored-by: Jeremy Letto <jeremy.letto@datasite.com>

webclient/src/websocket/utils/sanitizeHtml.util.ts

@@ -0,0 +1,51 @@
+import $ from "jquery";
+
+export function sanitizeHtml(msg: string): string {
+  const $div = $("<div>").html(msg);
+  const whitelist = {
+    tags: "br,a,img,center,b,font",
+    attrs: ["href","color"],
+    href: ["http://","https://","ftp://","//"]
+  };
+
+  // remove all tags, attributes, and href protocols except some
+  enforceTagWhitelist($div, whitelist.tags);
+  enforceAttrWhitelist($div, whitelist.attrs);
+  enforceHrefWhitelist($div, whitelist.href);
+
+  return $div.html();
+}
+
+function enforceTagWhitelist($el: JQuery<HTMLElement>, tags: string): void {
+  $el.find("*").not(tags).each(function() {
+    $(this).replaceWith(this.innerHTML);
+  });
+}
+
+function enforceAttrWhitelist($el: JQuery<HTMLElement>, attrs: string[]): void {
+  $el.find("*").each(function() {
+    var attributes = this.attributes;
+    var i = attributes.length;
+    while( i-- ) {
+      var attr = attributes[i];
+      if( $.inArray(attr.name,attrs) === -1 )
+        this.removeAttributeNode(attr);
+    }
+  });
+}
+
+function enforceHrefWhitelist($el: JQuery<HTMLElement>, hrefs: string[]): void {
+  $el.find("[href]").each(function() {
+    const $_el = $(this);
+    const  attributeValue = $_el.attr("href");
+
+    for (let protocol in hrefs) {
+        if (attributeValue.indexOf(hrefs[protocol]) === 0) {
+            $_el.attr("target", "_blank");
+            return;
+        }
+    }
+
+    $_el.removeAttr("href");        
+  });
+}