]> git.mxchange.org Git - friendica.git/commitdiff
projects / friendica.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ea21843)
Fix hovercard vanish
authorPhilipp Holzer <admin+github@philipp.info>
Sun, 26 May 2019 19:42:49 +0000 (21:42 +0200)
committerPhilipp Holzer <admin+github@philipp.info>
Sun, 26 May 2019 19:42:49 +0000 (21:42 +0200)
composer.json patch | blob | history
composer.lock patch | blob | history
view/templates/head.tpl patch | blob | history
view/theme/frio/js/hovercard.js patch | blob | history
view/theme/frio/js/mod_events.js patch | blob | history
view/theme/frio/js/theme.js patch | blob | history
view/theme/frio/templates/head.tpl patch | blob | history

diff --git a/composer.json b/composer.json
index c1366c6771d205a1f93f57c6b8d902e68724913b..c4aa34e4beffcdef4e6c3dc14e72d93cc0f5700d 100644 (file)
--- a/composer.json
+++ b/composer.json
@@ -56,7 +56,8 @@
                "npm-asset/fullcalendar": "^3.0.1",
                "npm-asset/cropperjs": "1.2.2",
                "npm-asset/imagesloaded": "4.1.4",
-               "pear/console_table": "^1.3"
+               "pear/console_table": "^1.3",
+               "bower-asset/dompurify": "^1.0"
        },
        "repositories": [
                {
diff --git a/composer.lock b/composer.lock
index 2fe210f5df67d8ec6cc7229693a4312e2d3cfddc..de76b4589a3e8e290afeb6fee21eb890596b82fb 100644 (file)
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "d7302553201de079b72871c0b2922ce7",
+    "content-hash": "350fdeacf9fcc039538e00a9a943f6d6",
     "packages": [
         {
             "name": "asika/simple-console",
@@ -148,6 +148,51 @@
             "description": "Base64 encoding and decoding",
             "time": "2017-03-25T21:16:21+00:00"
         },
+        {
+            "name": "bower-asset/dompurify",
+            "version": "1.0.10",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/cure53/DOMPurify.git",
+                "reference": "b537cab466329b1b077e0e5e3c14edad2b7142f7"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/cure53/DOMPurify/zipball/b537cab466329b1b077e0e5e3c14edad2b7142f7",
+                "reference": "b537cab466329b1b077e0e5e3c14edad2b7142f7",
+                "shasum": ""
+            },
+            "type": "bower-asset-library",
+            "extra": {
+                "bower-asset-main": "src/purify.js",
+                "bower-asset-ignore": [
+                    "**/.*",
+                    "demos",
+                    "scripts",
+                    "test",
+                    "website"
+                ]
+            },
+            "license": [
+                "MPL-2.0",
+                "Apache-2.0"
+            ],
+            "description": "A DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG",
+            "keywords": [
+                "cross site scripting",
+                "dom",
+                "filter",
+                "html",
+                "mathml",
+                "sanitize",
+                "sanitizer",
+                "secure",
+                "security",
+                "svg",
+                "xss"
+            ],
+            "time": "2019-02-19T13:27:01+00:00"
+        },
         {
             "name": "bower-asset/perfect-scrollbar",
             "version": "0.6.16",
@@ -1175,6 +1220,22 @@
             "require": {
                 "npm-asset/ev-emitter": ">=1.0.0,<2.0.0"
             },
+            "require-dev": {
+                "npm-asset/chalk": ">=1.1.1,<2.0.0",
+                "npm-asset/cheerio": ">=0.19.0,<0.20.0",
+                "npm-asset/gulp": ">=3.9.0,<4.0.0",
+                "npm-asset/gulp-jshint": ">=1.11.2,<2.0.0",
+                "npm-asset/gulp-json-lint": ">=0.1.0,<0.2.0",
+                "npm-asset/gulp-rename": ">=1.2.2,<2.0.0",
+                "npm-asset/gulp-replace": ">=0.5.4,<0.6.0",
+                "npm-asset/gulp-requirejs-optimize": "dev-github:metafizzy/gulp-requirejs-optimize",
+                "npm-asset/gulp-uglify": ">=1.4.2,<2.0.0",
+                "npm-asset/gulp-util": ">=3.0.7,<4.0.0",
+                "npm-asset/highlight.js": ">=8.9.1,<9.0.0",
+                "npm-asset/marked": ">=0.3.5,<0.4.0",
+                "npm-asset/minimist": ">=1.2.0,<2.0.0",
+                "npm-asset/transfob": ">=1.0.0,<2.0.0"
+            },
             "type": "npm-asset-library",
             "extra": {
                 "npm-asset-bugs": {
@@ -1220,6 +1281,14 @@
                 "reference": null,
                 "shasum": "2736e332aaee73ccf0a14a5f0066391a0a13f4a3"
             },
+            "require-dev": {
+                "npm-asset/grunt": "~0.4.2",
+                "npm-asset/grunt-contrib-cssmin": "~0.9.0",
+                "npm-asset/grunt-contrib-jshint": "~0.6.3",
+                "npm-asset/grunt-contrib-less": "~0.11.0",
+                "npm-asset/grunt-contrib-uglify": "~0.4.0",
+                "npm-asset/grunt-contrib-watch": "~0.6.1"
+            },
             "type": "npm-asset-library",
             "extra": {
                 "npm-asset-bugs": {
@@ -1253,6 +1322,32 @@
                 "reference": null,
                 "shasum": "2c89d6889b5eac522a7eea32c14521559c6cbf02"
             },
+            "require-dev": {
+                "npm-asset/commitplease": "2.0.0",
+                "npm-asset/core-js": "0.9.17",
+                "npm-asset/grunt": "0.4.5",
+                "npm-asset/grunt-babel": "5.0.1",
+                "npm-asset/grunt-cli": "0.1.13",
+                "npm-asset/grunt-compare-size": "0.4.0",
+                "npm-asset/grunt-contrib-jshint": "0.11.2",
+                "npm-asset/grunt-contrib-uglify": "0.9.2",
+                "npm-asset/grunt-contrib-watch": "0.6.1",
+                "npm-asset/grunt-git-authors": "2.0.1",
+                "npm-asset/grunt-jscs": "2.1.0",
+                "npm-asset/grunt-jsonlint": "1.0.4",
+                "npm-asset/grunt-npmcopy": "0.1.0",
+                "npm-asset/gzip-js": "0.3.2",
+                "npm-asset/jsdom": "5.6.1",
+                "npm-asset/load-grunt-tasks": "1.0.0",
+                "npm-asset/qunit-assert-step": "1.0.3",
+                "npm-asset/qunitjs": "1.17.1",
+                "npm-asset/requirejs": "2.1.17",
+                "npm-asset/sinon": "1.10.3",
+                "npm-asset/sizzle": "2.2.1",
+                "npm-asset/strip-json-comments": "1.0.3",
+                "npm-asset/testswarm": "1.1.0",
+                "npm-asset/win-spawn": "2.0.0"
+            },
             "type": "npm-asset-library",
             "extra": {
                 "npm-asset-bugs": {
@@ -1403,6 +1498,12 @@
                 "reference": null,
                 "shasum": "06f0335f16e353a695e7206bf50503cb523a6ee5"
             },
+            "require-dev": {
+                "npm-asset/grunt": "~0.4.1",
+                "npm-asset/grunt-contrib-connect": "~0.5.0",
+                "npm-asset/grunt-contrib-jshint": "~0.7.1",
+                "npm-asset/grunt-contrib-uglify": "~0.2.7"
+            },
             "type": "npm-asset-library",
             "extra": {
                 "npm-asset-bugs": {
@@ -3600,7 +3701,7 @@
                 }
             ],
             "description": "Provides the functionality to compare PHP values for equality",
-            "homepage": "http://www.github.com/sebastianbergmann/comparator",
+            "homepage": "https://github.com/sebastianbergmann/comparator",
             "keywords": [
                 "comparator",
                 "compare",
@@ -3702,7 +3803,7 @@
                 }
             ],
             "description": "Provides functionality to handle HHVM/PHP environments",
-            "homepage": "http://www.github.com/sebastianbergmann/environment",
+            "homepage": "https://github.com/sebastianbergmann/environment",
             "keywords": [
                 "Xdebug",
                 "environment",
@@ -3770,7 +3871,7 @@
                 }
             ],
             "description": "Provides the functionality to export PHP variables for visualization",
-            "homepage": "http://www.github.com/sebastianbergmann/exporter",
+            "homepage": "https://github.com/sebastianbergmann/exporter",
             "keywords": [
                 "export",
                 "exporter"
@@ -3822,7 +3923,7 @@
                 }
             ],
             "description": "Snapshotting of global state",
-            "homepage": "http://www.github.com/sebastianbergmann/global-state",
+            "homepage": "https://github.com/sebastianbergmann/global-state",
             "keywords": [
                 "global state"
             ],
@@ -3924,7 +4025,7 @@
                 }
             ],
             "description": "Provides functionality to recursively process PHP variables",
-            "homepage": "http://www.github.com/sebastianbergmann/recursion-context",
+            "homepage": "https://github.com/sebastianbergmann/recursion-context",
             "time": "2016-11-19T07:33:16+00:00"
         },
         {
diff --git a/view/templates/head.tpl b/view/templates/head.tpl
index e02e4e4da2ede06fccbf8b67c0ab7c10b258c0f6..3d11f1ab8634b9550ef346fd0f72d110f46dc1bd 100644 (file)
--- a/view/templates/head.tpl
+++ b/view/templates/head.tpl
@@ -44,6 +44,7 @@
 <script type="text/javascript" src="view/asset/imagesloaded/imagesloaded.pkgd.min.js"></script>
 <script type="text/javascript" src="view/js/acl.js" ></script>
 <script type="text/javascript" src="view/asset/base64/base64.min.js" ></script>
+<script type="text/javascript" src="view/asset/dompurify/dist/purify.min.js"></script>
 <script type="text/javascript" src="view/js/main.js" ></script>
 <script>
 
diff --git a/view/theme/frio/js/hovercard.js b/view/theme/frio/js/hovercard.js
index c3396b7626aecc4eb2923d76d067008132066f48..4e6cc8f7bb56d45281f3427435e7f0dbd4e81f21 100644 (file)
--- a/view/theme/frio/js/hovercard.js
+++ b/view/theme/frio/js/hovercard.js
@@ -55,7 +55,7 @@ $(document).ready(function(){
                                        var hctrigger = 'manual';
                        };
 
-                       // Timeoute until the hover-card does appear
+                       // Timeout until the hover-card does appear
                        setTimeout(function(){
                                if(targetElement.is(":hover") && parseInt(targetElement.attr('data-awaiting-hover-card'),10) == timeNow) {
                                        if($('.hovercard').length == 0) {       // no card if there already is one open
@@ -81,6 +81,9 @@ $(document).ready(function(){
                                                                        template: '<div class="popover hovercard" data-card-created="' + timeNow + '"><div class="arrow"></div><div class="popover-content hovercard-content"></div></div>',
                                                                        content: data,
                                                                        container: "body",
+                                                                       sanitizeFn: function (content) {
+                                                                               return DOMPurify.sanitize(content)
+                                                                       },
                                                                }).popover('show');
                                                        }
                                                });
diff --git a/view/theme/frio/js/mod_events.js b/view/theme/frio/js/mod_events.js
index 9d10bbb8e7e25d16fb4a059c38c4e9f01f3df7d2..658987bdea236e28e80196ba36faff971768fc5b 100644 (file)
--- a/view/theme/frio/js/mod_events.js
+++ b/view/theme/frio/js/mod_events.js
@@ -82,6 +82,9 @@ $(document).ready(function() {
                                trigger: "hover",
                                placement: "auto",
                                template: '<div class="popover hovercard event-card"><div class="arrow"></div><div class="popover-content hovercard-content"></div></div>',
+                               sanitizeFn: function (content) {
+                                       return DOMPurify.sanitize(content)
+                               },
                        });
 
                }
diff --git a/view/theme/frio/js/theme.js b/view/theme/frio/js/theme.js
index d058cc4aa264e88812f48161b0fb6ff099f57a8f..594fa256346a96db8063cc5b5869c289a2020a2e 100644 (file)
--- a/view/theme/frio/js/theme.js
+++ b/view/theme/frio/js/theme.js
@@ -106,7 +106,10 @@ $(document).ready(function(){
                delay: {
                        show: 500,
                        hide: 100
-               }
+               },
+               sanitizeFn: function (content) {
+                       return DOMPurify.sanitize(content)
+               },
        });
 
        // initialize the bootstrap-select
diff --git a/view/theme/frio/templates/head.tpl b/view/theme/frio/templates/head.tpl
index b3c632b3d15ae6a3e02629dbc42842257a59bc13..97b150c1bdebe659b25754607ac918b5f53ec2ef 100644 (file)
--- a/view/theme/frio/templates/head.tpl
+++ b/view/theme/frio/templates/head.tpl
@@ -65,6 +65,7 @@
 <script type="text/javascript" src="view/asset/imagesloaded/imagesloaded.pkgd.min.js"></script>
 <script type="text/javascript" src="view/js/acl.js"></script>
 <script type="text/javascript" src="view/asset/base64/base64.min.js"></script>
+<script type="text/javascript" src="view/asset/dompurify/dist/purify.min.js"></script>
 <script type="text/javascript" src="view/js/main.js"></script>
 
 <script type="text/javascript" src="view/theme/frio/frameworks/bootstrap/js/bootstrap.min.js"></script>
Unnamed repository; edit this file 'description' to name the repository.