infra
/
cryptpad
2
1
Fork 0
Code Issues Pull Requests Projects Releases 1 Activity

simplify dropdown content sanitization

Browse Source
pull/1/head
ansuz 3 years ago
parent fe7531c137
commit e65d93efdf
4 changed files with 104 additions and 45 deletions
Show Stats Download Patch File Download Diff File

88
www/common/common-ui-elements.js
Unescape Escape View File

@ -1420,9 +1420,20 @@ define([
} }
// Button // Button
var $button = $('<button>', { var $button;
'class': config.buttonCls || ''
}).append($('<span>', {'class': 'cp-dropdown-button-title'}).html(config.text || "")); if (config.buttonContent) {
$button = $(h('button', {
class: config.buttonCls || '',
}, [
h('span.cp-dropdown-button-title', config.buttonContent),
]));
} else {
$button = $('<button>', {
'class': config.buttonCls || ''
}).append($('<span>', {'class': 'cp-dropdown-button-title'}).text(config.text || ""));
}
if (config.caretDown) { if (config.caretDown) {
$('<span>', { $('<span>', {
'class': 'fa fa-caret-down', 'class': 'fa fa-caret-down',
@ -1445,8 +1456,24 @@ define([
var setOptions = function (options) { var setOptions = function (options) {
options.forEach(function (o) { options.forEach(function (o) {
if (!isValidOption(o)) { return; } if (!isValidOption(o)) { return; }
if (isElement(o)) { return $innerblock.append($(o)); } if (isElement(o)) { return $innerblock.append(o); }
var $el = $('<' + o.tag + '>', o.attributes || {}).html(o.content || ''); var $el = $('<' + o.tag + '>', o.attributes || {});
if (typeof(o.content) === 'string' || (o.content instanceof Element)) {
o.content = [o.content];
}
if (Array.isArray(o.content)) {
o.content.forEach(function (item) {
if (item instanceof Element) {
return void $el.append(item);
}
if (typeof(item) === 'string') {
$el[0].appendChild(document.createTextNode(item));
}
});
// array of elements or text nodes
}
$el.appendTo($innerblock); $el.appendTo($innerblock);
if (typeof(o.action) === 'function') { if (typeof(o.action) === 'function') {
$el.click(function (e) { $el.click(function (e) {
@ -1533,8 +1560,8 @@ define([
$container.on('click', 'a', function () { $container.on('click', 'a', function () {
value = $(this).data('value'); value = $(this).data('value');
var $val = $(this); var $val = $(this);
var textValue = $val.html() || value; var textValue = $val.text() || value;
$button.find('.cp-dropdown-button-title').html(textValue); $button.find('.cp-dropdown-button-title').text(textValue);
$container.onChange.fire(textValue, value); $container.onChange.fire(textValue, value);
}); });
$container.keydown(function (e) { $container.keydown(function (e) {
@ -1594,14 +1621,13 @@ define([
$container.setValue = function (val, name, sync) { $container.setValue = function (val, name, sync) {
value = val; value = val;
var $val = $innerblock.find('[data-value="'+val+'"]'); var $val = $innerblock.find('[data-value="'+val+'"]');
var textValue = name || $val.html() || val; var textValue = name || $val.text() || val;
if (sync) { var f = function () {
$button.find('.cp-dropdown-button-title').html(textValue); $button.find('.cp-dropdown-button-title').text(textValue);
return; };
}
setTimeout(function () { if (sync) { return void f(); }
$button.find('.cp-dropdown-button-title').html(textValue); setTimeout(f);
});
}; };
$container.getValue = function () { $container.getValue = function () {
return typeof(value) === "undefined" ? '' : value; return typeof(value) === "undefined" ? '' : value;
@ -1676,33 +1702,37 @@ define([
var metadataMgr = Common.getMetadataMgr(); var metadataMgr = Common.getMetadataMgr();
var displayNameCls = config.displayNameCls || 'cp-toolbar-user-name'; var displayNameCls = config.displayNameCls || 'cp-toolbar-user-name';
var $displayedName = $('<span>', {'class': displayNameCls});
var priv = metadataMgr.getPrivateData(); var priv = metadataMgr.getPrivateData();
var accountName = Util.fixHTML(priv.accountName); var accountName = Util.fixHTML(priv.accountName);
var origin = priv.origin; var origin = priv.origin;
var padType = metadataMgr.getMetadata().type; var padType = metadataMgr.getMetadata().type;
var $userName = $('<span>');
var options = []; var options = [];
if (config.displayNameCls) { if (config.displayNameCls) {
var $userAdminContent = $('<p>'); var userAdminContent = [];
if (accountName) { if (accountName) {
var $userAccount = $('<span>').append(Messages.user_accountName + ': '); userAdminContent.push(h('span', [
Messages.user_accountName,
$userAdminContent.append($userAccount).append(accountName); ': ',
$userAdminContent.append($('<br>')); h('span', accountName),
]));
userAdminContent.push(h('br'));
} }
if (config.displayName && !AppConfig.disableProfile) { if (config.displayName && !AppConfig.disableProfile) {
// Hide "Display name:" in read only mode // Hide "Display name:" in read only mode
$userName.append(Messages.user_displayName + ': '); userAdminContent.push(h('span', [
$userName.append($displayedName); Messages.user_displayName,
': ',
h('span', {
class: displayNameCls,
}),
]));
} }
$userAdminContent.append($userName);
options.push({ options.push({
tag: 'p', tag: 'p',
attributes: {'class': 'cp-toolbar-account'}, attributes: {'class': 'cp-toolbar-account'},
content: $userAdminContent.html() content: userAdminContent,
}); });
} }
@ -1964,7 +1994,7 @@ define([
$userbig.append($('<span>', {'class': 'account-name'}).text(accountName)); $userbig.append($('<span>', {'class': 'account-name'}).text(accountName));
}*/ }*/
var dropdownConfigUser = { var dropdownConfigUser = {
text: $userButton.html(), // Button initial text buttonContent: $userButton[0],
options: options, // Entries displayed in the menu options: options, // Entries displayed in the menu
left: true, // Open to the left of the button left: true, // Open to the left of the button
container: config.$initBlock, // optional container: config.$initBlock, // optional
@ -2066,7 +2096,9 @@ define([
'data-value': l, 'data-value': l,
'href': '#', 'href': '#',
}, },
content: languages[l] // Pretty name of the language value content: [ // supplying content as an array ensures it's a text node, not parsed HTML
languages[l] // Pretty name of the language value
],
}); });
}); });
var dropdownConfig = { var dropdownConfig = {

55
www/common/drive-ui.js
Unescape Escape View File

@ -2935,34 +2935,49 @@ define([
if (isInRoot) { if (isInRoot) {
options.push({ options.push({
tag: 'a', tag: 'a',
attributes: {'class': 'cp-app-drive-new-folder'}, attributes: {'class': 'cp-app-drive-new-folder pewpew'},
content: $('<div>').append($folderIcon.clone()).html() + Messages.fm_folder content: [
$folderIcon.clone()[0],
Messages.fm_folder,
],
}); });
if (!APP.disableSF && !manager.isInSharedFolder(currentPath)) { if (!APP.disableSF && !manager.isInSharedFolder(currentPath)) {
options.push({ options.push({
tag: 'a', tag: 'a',
attributes: {'class': 'cp-app-drive-new-shared-folder'}, attributes: {'class': 'cp-app-drive-new-shared-folder'},
content: $('<div>').append($sharedFolderIcon.clone()).html() + Messages.fm_sharedFolder content: [
$sharedFolderIcon.clone()[0],
Messages.fm_sharedFolder,
],
}); });
} }
options.push({tag: 'hr'}); options.push({tag: 'hr'});
options.push({ options.push({
tag: 'a', tag: 'a',
attributes: {'class': 'cp-app-drive-new-fileupload'}, attributes: {'class': 'cp-app-drive-new-fileupload'},
content: $('<div>').append(getIcon('fileupload')).html() + Messages.uploadButton content: [
getIcon('fileupload')[0],
Messages.uploadButton,
],
}); });
if (APP.allowFolderUpload) { if (APP.allowFolderUpload) {
options.push({ options.push({
tag: 'a', tag: 'a',
attributes: {'class': 'cp-app-drive-new-folderupload'}, attributes: {'class': 'cp-app-drive-new-folderupload'},
content: $('<div>').append(getIcon('folderupload')).html() + Messages.uploadFolderButton content: [
getIcon('folderupload')[0],
Messages.uploadFolderButton,
],
}); });
} }
options.push({tag: 'hr'}); options.push({tag: 'hr'});
options.push({ options.push({
tag: 'a', tag: 'a',
attributes: {'class': 'cp-app-drive-new-link'}, attributes: {'class': 'cp-app-drive-new-link'},
content: $('<div>').append(getIcon('link')).html() + Messages.fm_link_new content: [
getIcon('link')[0],
Messages.fm_link_new,
],
}); });
options.push({tag: 'hr'}); options.push({tag: 'hr'});
} }
@ -2983,14 +2998,17 @@ define([
options.push({ options.push({
tag: 'a', tag: 'a',
attributes: attributes, attributes: attributes,
content: $('<div>').append(getIcon(type)).html() + Messages.type[type] content: [
getIcon(type)[0],
Messages.type[type],
],
}); });
}); });
var $plusIcon = $('<div>').append($('<span>', {'class': 'fa fa-plus'}));
var dropdownConfig = { var dropdownConfig = {
text: $plusIcon.html() + '<span>'+Messages.fm_newButton+'</span>', buttonContent: [
h('span.fa.fa-plus'),
h('span', Messages.fm_newButton),
],
options: options, options: options,
feedback: 'DRIVE_NEWPAD_LOCALFOLDER', feedback: 'DRIVE_NEWPAD_LOCALFOLDER',
common: common common: common
@ -3071,15 +3089,24 @@ define([
var options = [{ var options = [{
tag: 'a', tag: 'a',
attributes: {'class': 'cp-app-drive-element-type'}, attributes: {'class': 'cp-app-drive-element-type'},
content: '<i class="fa fa-minus"></i>' + Messages.fm_type content: [
h('i.fa.fa-minus'),
Messages.fm_type,
],
},{ },{
tag: 'a', tag: 'a',
attributes: {'class': 'cp-app-drive-element-atime'}, attributes: {'class': 'cp-app-drive-element-atime'},
content: '<i class="fa fa-minus"></i>' + Messages.fm_lastAccess content: [
h('i.fa.fa-minus'),
Messages.fm_lastAccess,
],
},{ },{
tag: 'a', tag: 'a',
attributes: {'class': 'cp-app-drive-element-ctime'}, attributes: {'class': 'cp-app-drive-element-ctime'},
content: '<i class="fa fa-minus"></i>' + Messages.fm_creation content: [
h('i.fa.fa-minus'),
Messages.fm_creation,
],
}]; }];
var dropdownConfig = { var dropdownConfig = {
text: '', // Button initial text text: '', // Button initial text

2
www/common/sframe-app-framework.js
Unescape Escape View File

@ -663,7 +663,7 @@ define([
'data-value': '', 'data-value': '',
'href': '#' 'href': '#'
}, },
content: '&nbsp;' content: ' ',
}); });
var dropdownConfig = { var dropdownConfig = {
text: ext, // Button initial text text: ext, // Button initial text

4
www/common/sframe-common-codemirror.js
Unescape Escape View File

@ -343,7 +343,7 @@ define([
'data-value': l.mode, 'data-value': l.mode,
'href': '#', 'href': '#',
}, },
content: l.language // Pretty name of the language value content: [l.language] // Pretty name of the language value
}); });
}); });
var dropdownConfig = { var dropdownConfig = {
@ -395,7 +395,7 @@ define([
'data-value': l.name, 'data-value': l.name,
'href': '#', 'href': '#',
}, },
content: l.name // Pretty name of the language value content: [l.name] // Pretty name of the language value
}); });
}); });
var dropdownConfig = { var dropdownConfig = {

Write Preview
Loading…
Cancel
Save