Changeset - dac0bff4d2a3
Parent rev.
Child rev.
[Not reviewed]
default
0 1 0
Ross Thomas - 6 years ago 2020-02-07 22:55:27
ross@lns-nevasoft.com
follow: Fix args for $.post() call in toggleFollowingRepo()

Before, the resulting query string was _literally_ like:

?follows_repository_id=xxx&_session_csrf_secret_token=yyy

The server side stack ended up parsing it as:

>>> urllib.parse.parse_qsl("follows_repository_id=xxx&_session_csrf_secret_token=yyy", keep_blank_values=True)
[('follows_repository_id', 'xxx'), ('amp', ''), ('_session_csrf_secret_token', 'yyy')]

because the HTML encoding of & isn't relevant here and it thus looks like a
"matrix URL" (as drafted on https://www.w3.org/DesignIssues/MatrixURIs.html )
with the following values:

param: follows_repository_id = xxx
param: amp =
matrix: _session_csrf_secret_token = yyy

It thus ended up with the right values (if ignoring 'amp') and it thus worked
anyway.

Instead, clean it up and just pass a dict to jQuery.post as intended.
1 file changed with 4 insertions and 2 deletions:
kallithea/public/js/base.js
4
2
0 comments (0 inline, 0 general)
kallithea/public/js/base.js
Show inline comments
 
@@ -448,26 +448,28 @@ var _onSuccessFollow = function(target){
 
        }
 
    } else {
 
        $target.removeClass('following').addClass('follow');
 
        $target.prop('title', _TM['Start following this repository']);
 
        if ($f_cnt.html()) {
 
            var cnt = Number($f_cnt.html())-1;
 
            $f_cnt.html(cnt);
 
        }
 
    }
 
}
 

			




	
	
	
		
 
var toggleFollowingRepo = function(target, follows_repository_id){

			




	
	
	
		
 
    var args = 'follows_repository_id=' + follows_repository_id;

			




	
	
	
		
 
    args += '&_session_csrf_secret_token=' + _session_csrf_secret_token;

			




	
	
	
		
 
    var args = {

			




	
	
	
		
 
        'follows_repository_id': follows_repository_id,

			




	
	
	
		
 
        '_session_csrf_secret_token': _session_csrf_secret_token

			




	
	
	
		
 
    }

			




	
	
	
		
 
    $.post(TOGGLE_FOLLOW_URL, args, function(data){

			




	
	
	
		
 
            _onSuccessFollow(target);

			




	
	
	
		
 
        });

			




	
	
	
		
 
    return false;

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
var showRepoSize = function(target, repo_name){

			




	
	
	
		
 
    var args = '_session_csrf_secret_token=' + _session_csrf_secret_token;

			




	
	
	
		
 

			




	
	
	
		
 
    if(!$("#" + target).hasClass('loaded')){

			




	
	
	
		
 
        $("#" + target).html(_TM['Loading ...']);

			




	
	
	
		
 
        var url = pyroutes.url('repo_size', {"repo_name":repo_name});

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.