From 78970bbbe1f6e292c1314fafc5fc49d1ace22c2e Mon Sep 17 00:00:00 2001
From: Wojciech Maj <kontakt@wojtekmaj.pl>
Date: Mon, 29 Jun 2020 17:15:14 +0200
Subject: [PATCH] Replace non-inclusive "whitelist" term with "allowlist"

---
 extensions/chromium/contentscript.js    | 2 +-
 extensions/chromium/extension-router.js | 2 +-
 src/shared/util.js                      | 2 +-
 test/unit/util_spec.js                  | 4 ++--
 4 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/extensions/chromium/contentscript.js b/extensions/chromium/contentscript.js
index 5680a5b3a..a29963e78 100644
--- a/extensions/chromium/contentscript.js
+++ b/extensions/chromium/contentscript.js
@@ -150,7 +150,7 @@ function updateObjectElement(elem) {
   //   attribute reloads the content (provided that the type was correctly set).
   // - When <object type=text/html data="chrome-extension://..."> is used
   //   (tested with a data-URL, data:text/html,<object...>, the extension's
-  //   origin whitelist is not set up, so the viewer can't load the PDF file.
+  //   origin allowlist is not set up, so the viewer can't load the PDF file.
   // - The content of the <object> tag may be affected by <param> tags.
   //
   // To make sure that our solution works for all cases, we will insert a frame
diff --git a/extensions/chromium/extension-router.js b/extensions/chromium/extension-router.js
index c0ca26f1e..b1ee148d5 100644
--- a/extensions/chromium/extension-router.js
+++ b/extensions/chromium/extension-router.js
@@ -40,7 +40,7 @@ limitations under the License.
    */
   function parseExtensionURL(url) {
     url = url.substring(CRX_BASE_URL.length);
-    // Find the (url-encoded) colon and verify that the scheme is whitelisted.
+    // Find the (url-encoded) colon and verify that the scheme is allowed.
     var schemeIndex = url.search(/:|%3A/i);
     if (schemeIndex === -1) {
       return undefined;
diff --git a/src/shared/util.js b/src/shared/util.js
index 64b07f526..c077f4957 100644
--- a/src/shared/util.js
+++ b/src/shared/util.js
@@ -363,7 +363,7 @@ function isSameOrigin(baseUrl, otherUrl) {
   return base.origin === other.origin;
 }
 
-// Checks if URLs use one of the whitelisted protocols, e.g. to avoid XSS.
+// Checks if URLs use one of the allowed protocols, e.g. to avoid XSS.
 function _isValidProtocol(url) {
   if (!url) {
     return false;
diff --git a/test/unit/util_spec.js b/test/unit/util_spec.js
index 8d5a76968..e6e8e7549 100644
--- a/test/unit/util_spec.js
+++ b/test/unit/util_spec.js
@@ -239,11 +239,11 @@ describe("util", function () {
       expect(createValidAbsoluteUrl("/foo", "/bar")).toEqual(null);
     });
 
-    it("handles URLs that do not use a whitelisted protocol", function () {
+    it("handles URLs that do not use an allowed protocol", function () {
       expect(createValidAbsoluteUrl("magnet:?foo", null)).toEqual(null);
     });
 
-    it("correctly creates a valid URL for whitelisted protocols", function () {
+    it("correctly creates a valid URL for allowed protocols", function () {
       // `http` protocol
       expect(
         createValidAbsoluteUrl("http://www.mozilla.org/foo", null)