decentral1se/pandora
1
0
Fork 0
forked from 0x2620/pandora
Code Issues Pull requests Projects Releases Wiki Activity

escape find values in url

Browse source
This commit is contained in:
j 2017-11-16 17:25:52 +01:00
parent 959ffaba25
commit 8c25aceb67
6 changed files with 13 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
static/js/embedDialog.js
View file

@ -290,10 +290,7 @@ pandora.ui.embedDialog = function(/*[url, ]callback*/) {
? '%' + char.charCodeAt(0).toString(16).toUpperCase() ? '%' + char.charCodeAt(0).toString(16).toUpperCase()
: char; : char;
}); });
return ret.replace(/_/g, '%09') return pandora.escapeQueryValue(ret);
.replace(/\s/g, '_')
.replace(/</g, '%0E')
.replace(/>/g, '%0F');
} }
function getForm() { function getForm() {

2
static/js/infoView.0xdb.js
View file

@ -781,7 +781,7 @@ pandora.ui.infoView = function(data) {
function formatValue(value, key) { function formatValue(value, key) {
return (Ox.isArray(value) ? value : [value]).map(function(value) { return (Ox.isArray(value) ? value : [value]).map(function(value) {
return key ? return key ?
'<a href="/' + key + '=' + value + '">' + value + '</a>' '<a href="/' + key + '=' + pandora.escapeQueryValue(value) + '">' + value + '</a>'
: value; : value;
}).join(', '); }).join(', ');
} }

2
static/js/infoView.indiancinema.js
View file

@ -694,7 +694,7 @@ pandora.ui.infoView = function(data) {
return key return key
? '<a href="/' + ( ? '<a href="/' + (
key == 'alternativeTitles' ? 'title' : key key == 'alternativeTitles' ? 'title' : key
) + '=' + value + '">' + value + '</a>' ) + '=' + pandora.escapeQueryValue(value) + '">' + value + '</a>'
: value; : value;
}).join(Ox.contains(specialListKeys, key) ? '; ' : ', '); }).join(Ox.contains(specialListKeys, key) ? '; ' : ', ');
} }

2
static/js/infoView.padma.js
View file

@ -586,7 +586,7 @@ pandora.ui.infoView = function(data) {
function formatLink(key, value, linkValue) { function formatLink(key, value, linkValue) {
return (Ox.isArray(value) ? value : [value]).map(function(value) { return (Ox.isArray(value) ? value : [value]).map(function(value) {
return key return key
? '<a href="/' + key + '=' + (linkValue ? linkValue : value) + '">' + value + '</a>' ? '<a href="/' + key + '=' + pandora.escapeQueryValue(linkValue ? linkValue : value) + '">' + value + '</a>'
: value; : value;
}).join(', '); }).join(', ');
} }

5
static/js/insertEmbedDialog.js
View file

@ -442,7 +442,7 @@ pandora.ui.insertEmbedDialog = function(/*[url, ]callback*/) {
var data = Ox.map($input, function($element) { var data = Ox.map($input, function($element) {
return $element.options('value'); return $element.options('value');
}), }),
options = Ox.serialize({ options = pandora.escapeQueryValue(Ox.serialize({
title: data.title || void 0, title: data.title || void 0,
showTimeline: data.showTimeline || void 0, showTimeline: data.showTimeline || void 0,
timeline: data.timeline && data.timeline != 'default' timeline: data.timeline && data.timeline != 'default'
@ -451,8 +451,7 @@ pandora.ui.insertEmbedDialog = function(/*[url, ]callback*/) {
showLayers: data.showAnnotations && data.showLayers showLayers: data.showAnnotations && data.showLayers
? data.showLayers : void 0, ? data.showLayers : void 0,
//matchRatio: true //matchRatio: true
}, true) }, true))
.replace(/_/g, '%09').replace(/\s/g, '_')
.replace(/"/g, '&quot;'); .replace(/"/g, '&quot;');
url = data.protocol + '://' url = data.protocol + '://'
+ data.site + '/' + data.site + '/'

7
static/js/utils.js
View file

@ -1046,6 +1046,13 @@ pandora.enableDragAndDrop = function($list, canMove, section, getItems) {
}; };
pandora.escapeQueryValue = function(value) {
return value.replace(/_/g, '%09')
.replace(/\s/g, '_')
.replace(/</g, '%0E')
.replace(/>/g, '%0F');
};
pandora.enterFullscreen = function() { pandora.enterFullscreen = function() {
pandora.$ui.appPanel.size(0, 0); pandora.$ui.appPanel.size(0, 0);
if (pandora.user.ui.showSidebar) { if (pandora.user.ui.showSidebar) {