diff options
| author | John Christopher Anderson <jchris@apache.org> | 2010-06-24 16:53:43 +0000 |
|---|---|---|
| committer | John Christopher Anderson <jchris@apache.org> | 2010-06-24 16:53:43 +0000 |
| commit | ead517e9c72a264e048f086999b16d4cfd801da2 (patch) | |
| tree | ae17131d082edd5b4d58c5fb8fe3d29be3301037 /share/www | |
| parent | 9a8c496a787bdef6eb0af2ded243d2bb209503d5 (diff) | |
proper docid escaping in Futon view display, thanks Paul Bonser. Closes COUCHDB-748
git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@957622 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'share/www')
| -rw-r--r-- | share/www/script/futon.browse.js | 8 | ||||
| -rw-r--r-- | share/www/script/futon.format.js | 17 |
2 files changed, 12 insertions, 13 deletions
diff --git a/share/www/script/futon.browse.js b/share/www/script/futon.browse.js index 83f29033..354a6a60 100644 --- a/share/www/script/futon.browse.js +++ b/share/www/script/futon.browse.js @@ -152,7 +152,7 @@ page.viewName.indexOf("/_view")); db.compactView(groupname, {success: function(resp) { callback() }}); break; - case "view_cleanup": + case "view_cleanup": db.viewCleanup({success: function(resp) { callback() }}); break; } @@ -178,7 +178,7 @@ } }); } - + this.databaseSecurity = function() { $.showDialog("dialog/_database_security.html", { load : function(d) { @@ -672,7 +672,7 @@ if (row.id) { $("<td class='key'><a href='document.html?" + encodeURIComponent(db.name) + "/" + $.couch.encodeDocId(row.id) + "'><strong></strong><br>" + - "<span class='docid'>ID: " + row.id + "</span></a></td>") + "<span class='docid'>ID: " + $.futon.escape(row.id) + "</span></a></td>") .find("strong").text(key).end() .appendTo(tr); } else { @@ -851,7 +851,7 @@ return true; } catch (err) { var msg = err.message; - if (msg == "parseJSON" || msg == "JSON.parse") { + if (msg == "parseJSON" || msg == "JSON.parse") { msg = "There is a syntax error in the document."; } $("<div class='error'></div>").text(msg).appendTo(this); diff --git a/share/www/script/futon.format.js b/share/www/script/futon.format.js index e2eb0593..0d536e36 100644 --- a/share/www/script/futon.format.js +++ b/share/www/script/futon.format.js @@ -13,6 +13,11 @@ (function($) { $.futon = $.futon || {}; $.extend($.futon, { + escape: function(string) { + return string.replace(/&/g, "&") + .replace(/</g, "<") + .replace(/>/g, ">"); + }, // JSON pretty printing formatJSON: function(val, options) { @@ -24,12 +29,6 @@ }, options || {}); var itemsep = options.linesep.length ? "," + options.linesep : ", "; - function escape(string) { - return string.replace(/&/g, "&") - .replace(/</g, "<") - .replace(/>/g, ">"); - } - function format(val, depth) { var tab = []; for (var i = 0; i < options.indent * depth; i++) tab.push(""); @@ -45,7 +44,7 @@ retval = indentLines(retval.replace(/\r\n/g, "\n"), tab.substr(options.indent)); } else { if (options.html) { - retval = escape(JSON.stringify(val)); + retval = $.futon.escape(JSON.stringify(val)); } else { retval = JSON.stringify(val); } @@ -92,7 +91,7 @@ if (options.quoteKeys) { keyDisplay = keyDisplay.substr(1, keyDisplay.length - 2); } - keyDisplay = "<code class='key'>" + escape(keyDisplay) + "</code>"; + keyDisplay = "<code class='key'>" + $.futon.escape(keyDisplay) + "</code>"; if (options.quoteKeys) { keyDisplay = '"' + keyDisplay + '"'; } @@ -118,7 +117,7 @@ function indentLines(text, tab) { var lines = text.split("\n"); for (var i in lines) { - lines[i] = (i > 0 ? tab : "") + escape(lines[i]); + lines[i] = (i > 0 ? tab : "") + $.futon.escape(lines[i]); } return lines.join("<br>"); } |