kallithea Changeset - 763dc7a96bae

Changeset - 763dc7a96bae

Parent rev.

Child rev.

[Not reviewed]

stable

0 1 0

Mads Kiilerich - 10 years ago 2015-07-20 15:07:23
madski@unity3d.com

gists: pass CSRF token when editing gists

check_revision was failing.

1 file changed with 1 insertions and 1 deletions:

kallithea/templates/admin/gists/edit.html

0 comments (0 inline, 0 general)

kallithea/templates/admin/gists/edit.html

➞

Show inline comments

@@ @@ -60,115 +60,115 @@ @@
                      %if c.gist.gist_expires == -1:
                       ${_('Expires')}: ${_('never')}
                      %else:
                       ${_('Expires')}: ${h.age(h.time_to_datetime(c.gist.gist_expires))}
                      %endif
                    </span>
                 </div>
             </div>
             % for cnt, file in enumerate(c.files):
                 <div id="body" class="codeblock" style="margin-bottom: 4px">
                     <div style="padding: 10px 10px 10px 26px;color:#666666">
                         <input type="hidden" value="${file.path}" name="org_files">
                         <input id="filename_${h.FID('f',file.path)}" name="files" size="30" type="text" value="${file.path}">
                         <select id="mimetype_${h.FID('f',file.path)}" name="mimetypes"/>
                     </div>
                     <div class="editor_container">
                         <pre id="editor_pre"></pre>
                         <textarea id="editor_${h.FID('f',file.path)}" name="contents" style="display:none">${file.content}</textarea>
                     </div>
                 </div>
                 ## dynamic edit box.
                 <script type="text/javascript">
                 var myCodeMirror = initCodeMirror("editor_${h.FID('f',file.path)}", '');
                 //inject new modes
                 var $modes_select = $('#mimetype_${h.FID('f',file.path)}');
                 $modes_select.each(function(){
                     var modes_select = this;
                     var index = 1;
                     for(var i=0;i<CodeMirror.modeInfo.length;i++) {
                         var m = CodeMirror.modeInfo[i];
                         var opt = new Option(m.name, m.mime);
                         $(opt).attr('mode', m.mode);
                         if (m.mime == 'text/plain') {
                             // default plain text
                             $(opt).attr('selected', 'selected');
                             modes_select.options[0] = opt;
                         } else {
                             modes_select.options[index++] = opt;
+                        }
+                    }
                 });
                 var $filename = $('#filename_${h.FID('f',file.path)}');
                 // on select change set new mode
                 $modes_select.change(function(e){
                     var selected = e.currentTarget;
                     var node = selected.options[selected.selectedIndex];
                     var detected_mode = CodeMirror.findModeByMIME(node.value);
                     setCodeMirrorMode(myCodeMirror, detected_mode);
                     var proposed_ext = CodeMirror.findExtensionByMode(detected_mode);
                     var file_data = CodeMirror.getFilenameAndExt($filename.val());
                     var filename = file_data['filename'] || 'filename1';
                     $filename.val(filename + '.' + proposed_ext);
                 });
                 // on type the new filename set mode
                 $filename.keyup(function(e){
                     var file_data = CodeMirror.getFilenameAndExt(this.value);
                     if(file_data['ext'] != null){
                         var detected_mode = CodeMirror.findModeByExtension(file_data['ext']) || CodeMirror.findModeByMIME('text/plain');
                         if (detected_mode){
                             setCodeMirrorMode(myCodeMirror, detected_mode);
                             $modes_select.val(detected_mode.mime);
+                        }
+                    }
                 });
                 // set mode on page load
                 var detected_mode = CodeMirror.findModeByExtension("${file.extension}");
                 if (detected_mode){
                     setCodeMirrorMode(myCodeMirror, detected_mode);
                     $modes_select.val(detected_mode.mime);
+                }
                 </script>
             %endfor
             <div style="padding-top: 5px">
             ${h.submit('update',_('Update Gist'),class_="btn btn-mini btn-success")}
             <a class="btn btn-mini" href="${h.url('gist', gist_id=c.gist.gist_access_id)}">${_('Cancel')}</a>
             </div>
           ${h.end_form()}
           <script>
               $('#update').on('click', function(e){
                   e.preventDefault();
                   // check for newer version.
                   $.ajax({
                     url: "${h.url('edit_gist_check_revision', gist_id=c.gist.gist_access_id)}",
                     data: {'revision': '${c.file_changeset.raw_id}'},
+                    data: {'revision': '${c.file_changeset.raw_id}', '_authentication_token': _authentication_token},
                     dataType: 'json',
                     type: 'POST',
                     success: function(data) {
                       if(data.success == false){
                           $('#edit_error').show();
+                      }
                       else{
                         $('#eform').submit();
+                      }
+                    }
                   })
               });
           </script>
         </div>
     </div>
 </div>
 </%def>

0 comments (0 inline, 0 general)