fixing urlshortening regression caused by CSP introduction, resolves #10

2016-08-18 15:09:58 +02:00 · 2016-08-18 15:09:58 +02:00 · 47646e056b
commit 47646e056b
parent cd02c6e916
7 changed files with 33 additions and 11 deletions
--- a/js/privatebin.js
+++ b/js/privatebin.js
@ -536,6 +536,16 @@ $(function() {
         */
        headers: {'X-Requested-With': 'JSONHttpRequest'},

+        /**
+         * URL shortners create address
+         */
+        shortenerUrl: '',
+
+        /**
+         * URL of newly created paste
+         */
+        createdPasteUrl: '',
+
        /**
         * Get the current script location (without search or hash part of the URL).
         * eg. http://server.com/zero/?aaaa#bbbb --> http://server.com/zero/
@ -1077,6 +1087,10 @@ $(function() {
                                url, url
                            ) + privatebin.shortenUrl(url)
                        );
+                        var shortenButton = $('#shortenbutton');
+                        if (shortenButton) {
+                            shortenButton.click($.proxy(privatebin.sendToShortener, privatebin));
+                        }
                        $('#deletelink').html('<a href="' + deleteUrl + '">' + i18n._('Delete data') + '</a>');
                        privatebin.pasteResult.removeClass('hidden');
                        // We pre-select the link so that the user only has to [Ctrl]+[c] the link.
@ -1110,11 +1124,8 @@ $(function() {
        {
            var shortenerHtml = $('#shortenbutton');
            if (shortenerHtml) {
-                var shortener = shortenerHtml.data('shortener');
-                shortenerHtml.attr(
-                    'onclick',
-                    "window.location.href = '" + shortener + encodeURIComponent(url) + "';"
-                );
+                this.shortenerUrl = shortenerHtml.data('shortener');
+                this.createdPasteUrl = url;
                return ' ' + $('<div />').append(shortenerHtml.clone()).html();
            }
            return '';
@ -1219,6 +1230,17 @@ $(function() {
            }
        },

+        /**
+         * Forward to URL shortener.
+         *
+         * @param Event event
+         */
+        sendToShortener: function(event)
+        {
+            event.preventDefault();
+            window.location.href = this.shortenerUrl + encodeURIComponent(this.createdPasteUrl);
+        },
+
        /**
         * Reload the page.
         *
--- a/tpl/bootstrap-compact.php
+++ b/tpl/bootstrap-compact.php
@ -51,7 +51,7 @@ if ($MARKDOWN):
 <?php
 endif;
 ?>
-		<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-E9z1cIXJHhc940FLA4o//dRxoy5HwSeRZVgLClmREWl+o576zz3gOkMwxrUFVXKUMa2l2qc6huNwMpw+RGmk2Q==" crossorigin="anonymous"></script>
+		<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-ogLT+1peHLQkW145PU7Ko0OOSphQo7ZUAGesPH8KHI37tKRMXgTOmYyFYhyWozeufTZuadqtuJz7eOSoPDqveg==" crossorigin="anonymous"></script>
 		<!--[if lt IE 10]>
 		<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
 		<![endif]-->
--- a/tpl/bootstrap-dark-page.php
+++ b/tpl/bootstrap-dark-page.php
@ -51,7 +51,7 @@ if ($MARKDOWN):
 <?php
 endif;
 ?>
-		<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-E9z1cIXJHhc940FLA4o//dRxoy5HwSeRZVgLClmREWl+o576zz3gOkMwxrUFVXKUMa2l2qc6huNwMpw+RGmk2Q==" crossorigin="anonymous"></script>
+		<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-ogLT+1peHLQkW145PU7Ko0OOSphQo7ZUAGesPH8KHI37tKRMXgTOmYyFYhyWozeufTZuadqtuJz7eOSoPDqveg==" crossorigin="anonymous"></script>
 		<!--[if lt IE 10]>
 		<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
 		<![endif]-->
--- a/tpl/bootstrap-dark.php
+++ b/tpl/bootstrap-dark.php
@ -51,7 +51,7 @@ if ($MARKDOWN):
 <?php
 endif;
 ?>
-		<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-E9z1cIXJHhc940FLA4o//dRxoy5HwSeRZVgLClmREWl+o576zz3gOkMwxrUFVXKUMa2l2qc6huNwMpw+RGmk2Q==" crossorigin="anonymous"></script>
+		<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-ogLT+1peHLQkW145PU7Ko0OOSphQo7ZUAGesPH8KHI37tKRMXgTOmYyFYhyWozeufTZuadqtuJz7eOSoPDqveg==" crossorigin="anonymous"></script>
 		<!--[if lt IE 10]>
 		<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
 		<![endif]-->
--- a/tpl/bootstrap-page.php
+++ b/tpl/bootstrap-page.php
@ -51,7 +51,7 @@ if ($MARKDOWN):
 <?php
 endif;
 ?>
-		<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-E9z1cIXJHhc940FLA4o//dRxoy5HwSeRZVgLClmREWl+o576zz3gOkMwxrUFVXKUMa2l2qc6huNwMpw+RGmk2Q==" crossorigin="anonymous"></script>
+		<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-ogLT+1peHLQkW145PU7Ko0OOSphQo7ZUAGesPH8KHI37tKRMXgTOmYyFYhyWozeufTZuadqtuJz7eOSoPDqveg==" crossorigin="anonymous"></script>
 		<!--[if lt IE 10]>
 		<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
 		<![endif]-->
--- a/tpl/bootstrap.php
+++ b/tpl/bootstrap.php
@ -51,7 +51,7 @@ if ($MARKDOWN):
 <?php
 endif;
 ?>
-		<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-E9z1cIXJHhc940FLA4o//dRxoy5HwSeRZVgLClmREWl+o576zz3gOkMwxrUFVXKUMa2l2qc6huNwMpw+RGmk2Q==" crossorigin="anonymous"></script>
+		<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-ogLT+1peHLQkW145PU7Ko0OOSphQo7ZUAGesPH8KHI37tKRMXgTOmYyFYhyWozeufTZuadqtuJz7eOSoPDqveg==" crossorigin="anonymous"></script>
 		<!--[if lt IE 10]>
 		<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
 		<![endif]-->
--- a/tpl/page.php
+++ b/tpl/page.php
@ -46,7 +46,7 @@ if ($MARKDOWN):
 <?php
 endif;
 ?>
-		<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-E9z1cIXJHhc940FLA4o//dRxoy5HwSeRZVgLClmREWl+o576zz3gOkMwxrUFVXKUMa2l2qc6huNwMpw+RGmk2Q==" crossorigin="anonymous"></script>
+		<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-ogLT+1peHLQkW145PU7Ko0OOSphQo7ZUAGesPH8KHI37tKRMXgTOmYyFYhyWozeufTZuadqtuJz7eOSoPDqveg==" crossorigin="anonymous"></script>
 		<!--[if lt IE 10]>
 		<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
 		<![endif]-->