Replaced white/black list terminology

refs 92986b77e3

- I thought we did this a while ago, but uses in comments and elsewhere in the codebase were missed

core/frontend/apps/amp/lib/helpers/amp_content.js

@@ -187,9 +187,8 @@ function ampContent() {
         // Use cheerio to traverse through HTML and make little clean-ups
         $ = cheerio.load(ampHTML);
 
-        // We have to remove source children in video, as source
+        // We have to remove source children in video, as source is allowed for audio,
-        // is whitelisted for audio, but causes validation
+        // but causes validation errors in video, because video will be stripped out.
-        // errors in video, because video will be stripped out.
         // @TODO: remove this, when Amperize support video transform
         $('video').children('source').remove();
         $('video').children('track').remove();

core/frontend/web/middleware/static-theme.js

@@ -4,18 +4,18 @@ const constants = require('@tryghost/constants');
 const themeEngine = require('../../services/theme-engine');
 const express = require('../../../shared/express');
 
-function isBlackListedFileType(file) {
+function isDeniedFile(file) {
-    const blackListedFileTypes = ['.hbs', '.md', '.json'];
+    const deniedFileTypes = ['.hbs', '.md', '.json'];
     const ext = path.extname(file);
 
-    return blackListedFileTypes.includes(ext);
+    return deniedFileTypes.includes(ext);
 }
 
-function isWhiteListedFile(file) {
+function isAllowedFile(file) {
-    const whiteListedFiles = ['manifest.json'];
+    const allowedFiles = ['manifest.json'];
     const base = path.basename(file);
 
-    return whiteListedFiles.includes(base);
+    return allowedFiles.includes(base);
 }
 
 function forwardToExpressStatic(req, res, next) {
@@ -31,8 +31,8 @@ function forwardToExpressStatic(req, res, next) {
 }
 
 function staticTheme() {
-    return function blackListStatic(req, res, next) {
+    return function denyStatic(req, res, next) {
-        if (!isWhiteListedFile(req.path) && isBlackListedFileType(req.path)) {
+        if (!isAllowedFile(req.path) && isDeniedFile(req.path)) {
             return next();
         }
 

core/server/data/importer/importers/data/settings.js

@@ -80,9 +80,6 @@ class SettingsImporter extends BaseImporter {
         };
     }
 
-    /**
-     * - 'core' and 'theme' are blacklisted
-     */
     beforeImport() {
         debug('beforeImport');
 

core/server/models/label.js

@@ -92,7 +92,7 @@ Label = ghostBookshelf.Model.extend({
     permittedOptions: function permittedOptions(methodName) {
         let options = ghostBookshelf.Model.permittedOptions.call(this, methodName);
 
-        // whitelists for the `options` hash argument on methods, by method name.
+        // allowlists for the `options` hash argument on methods, by method name.
         // these are the only options that can be passed to Bookshelf / Knex.
         const validOptions = {
             findAll: ['columns'],

core/server/models/post.js

@@ -1019,7 +1019,7 @@ Post = ghostBookshelf.Model.extend({
     permittedOptions: function permittedOptions(methodName) {
         let options = ghostBookshelf.Model.permittedOptions.call(this, methodName);
 
-        // whitelists for the `options` hash argument on methods, by method name.
+        // allowlists for the `options` hash argument on methods, by method name.
         // these are the only options that can be passed to Bookshelf / Knex.
         const validOptions = {
             findOne: ['columns', 'importing', 'withRelated', 'require', 'filter'],

core/server/models/role.js

@@ -42,7 +42,7 @@ Role = ghostBookshelf.Model.extend({
     permittedOptions: function permittedOptions(methodName) {
         let options = ghostBookshelf.Model.permittedOptions.call(this, methodName);
 
-        // whitelists for the `options` hash argument on methods, by method name.
+        // allowlists for the `options` hash argument on methods, by method name.
         // these are the only options that can be passed to Bookshelf / Knex.
         const validOptions = {
             findOne: ['withRelated'],

core/server/models/tag.js

@@ -163,7 +163,7 @@ Tag = ghostBookshelf.Model.extend({
     permittedOptions: function permittedOptions(methodName) {
         let options = ghostBookshelf.Model.permittedOptions.call(this, methodName);
 
-        // whitelists for the `options` hash argument on methods, by method name.
+        // allowlists for the `options` hash argument on methods, by method name.
         // these are the only options that can be passed to Bookshelf / Knex.
         const validOptions = {
             findAll: ['columns'],

core/server/models/user.js

@@ -392,7 +392,7 @@ User = ghostBookshelf.Model.extend({
     permittedOptions: function permittedOptions(methodName, options) {
         let permittedOptionsToReturn = ghostBookshelf.Model.permittedOptions.call(this, methodName);
 
-        // whitelists for the `options` hash argument on methods, by method name.
+        // allowlists for the `options` hash argument on methods, by method name.
         // these are the only options that can be passed to Bookshelf / Knex.
         const validOptions = {
             findOne: ['withRelated', 'status'],

core/server/web/api/middleware/cors.js

@@ -72,7 +72,7 @@ function handleCORS(req, cb) {
         return cb(null, DISABLE_CORS);
     }
 
-    // Origin matches whitelist
+    // Origin matches allowlist
     if (getAllowlist().indexOf(url.parse(origin).hostname) > -1) {
         return cb(null, ENABLE_CORS);
     }

core/shared/settings-cache/public.js

@@ -3,7 +3,7 @@
  * This has been misused - unsplash and slack are incorrectly stored there
  * https://github.com/TryGhost/Ghost/issues/10318
  *
- * This file acts as a new whitelist for "public" settings
+ * This file acts as an allowlist for "public" settings
  */
 
 module.exports = {

test/integration/settings/settings.test.js

@@ -6,7 +6,7 @@ const testUtils = require('../../utils');
  *
  * If this test fails for you, you have modified the default settings.
  * When you make a change or add new setting, please ensure that:
- * - If a new `core` setting is added/removed/renamed, update the below whitelist
+ * - If a new `core` setting is added/removed/renamed, update the allowlist below
  * - If a new non-`core` setting is added, it includes corresponding migration to populate its `group` and `flags`
  */
 

test/unit/frontend/web/middleware/static-theme.test.js

@@ -107,7 +107,7 @@ describe('staticTheme', function () {
         });
     });
 
-    it('should NOT skip if file is on whitelist', function (done) {
+    it('should NOT skip if file is allowed', function (done) {
         req.path = 'manifest.json';
 
         staticTheme()(req, res, function next() {

test/unit/server/data/exporter/index.test.js

@@ -166,7 +166,7 @@ describe('Exporter', function () {
         });
     });
 
-    describe('Export table whitelists', function () {
+    describe('Export table allowlists', function () {
         it('should be fixed when db schema introduces new tables', function () {
             const {
                 BACKUP_TABLES,

test/unit/server/web/api/middleware/cors.test.js

@@ -77,7 +77,7 @@ describe('cors', function () {
         done();
     });
 
-    it('should not be enabled the if origin is not whitelisted', function (done) {
+    it('should not be enabled the if origin is not allowed', function (done) {
         const origin = 'http://not-trusted.com';
 
         req.get = sinon.stub().withArgs('origin').returns(origin);