Changeset - dac0bff4d2a3
Parent rev.
Child rev.
[Not reviewed]
default
0 1 0
Ross Thomas - 6 years ago 2020-02-07 22:55:27
ross@lns-nevasoft.com
follow: Fix args for $.post() call in toggleFollowingRepo()

Before, the resulting query string was _literally_ like:

?follows_repository_id=xxx&_session_csrf_secret_token=yyy

The server side stack ended up parsing it as:

>>> urllib.parse.parse_qsl("follows_repository_id=xxx&_session_csrf_secret_token=yyy", keep_blank_values=True)
[('follows_repository_id', 'xxx'), ('amp', ''), ('_session_csrf_secret_token', 'yyy')]

because the HTML encoding of & isn't relevant here and it thus looks like a
"matrix URL" (as drafted on https://www.w3.org/DesignIssues/MatrixURIs.html )
with the following values:

param: follows_repository_id = xxx
param: amp =
matrix: _session_csrf_secret_token = yyy

It thus ended up with the right values (if ignoring 'amp') and it thus worked
anyway.

Instead, clean it up and just pass a dict to jQuery.post as intended.
1 file changed with 4 insertions and 2 deletions:
kallithea/public/js/base.js
4
2
0 comments (0 inline, 0 general)
kallithea/public/js/base.js
Show inline comments
 
@@ -268,386 +268,388 @@ var pyroutes = (function() {
 
                    if (arg_names === 3) {
 
                        throw('[sprintf] mixing positional and named placeholders is not (yet) supported');
 
                    }
 
                    parse_tree.push(match);
 
                }
 
                else {
 
                    throw('[sprintf] huh?');
 
                }
 
                _fmt = _fmt.substring(match[0].length);
 
            }
 
            return parse_tree;
 
        };
 

			




	
	
	
		
 
        return str_format;

			




	
	
	
		
 
    })();

			




	
	
	
		
 

			




	
	
	
		
 
    var vsprintf = function(fmt, argv) {

			




	
	
	
		
 
        argv.unshift(fmt);

			




	
	
	
		
 
        return sprintf.apply(null, argv);

			




	
	
	
		
 
    };

			




	
	
	
		
 
    return {

			




	
	
	
		
 
        'url': function(route_name, params) {

			




	
	
	
		
 
            var result = route_name;

			




	
	
	
		
 
            if (typeof(params) != 'object'){

			




	
	
	
		
 
                params = {};

			




	
	
	
		
 
            }

			




	
	
	
		
 
            if (matchlist.hasOwnProperty(route_name)) {

			




	
	
	
		
 
                var route = matchlist[route_name];

			




	
	
	
		
 
                // param substitution

			




	
	
	
		
 
                for(var i=0; i < route[1].length; i++) {

			




	
	
	
		
 
                   if (!params.hasOwnProperty(route[1][i]))

			




	
	
	
		
 
                        throw new Error(route[1][i] + ' missing in "' + route_name + '" route generation');

			




	
	
	
		
 
                }

			




	
	
	
		
 
                result = sprintf(route[0], params);

			




	
	
	
		
 

			




	
	
	
		
 
                var ret = [];

			




	
	
	
		
 
                //extra params => GET

			




	
	
	
		
 
                for(var param in params){

			




	
	
	
		
 
                    if (route[1].indexOf(param) == -1){

			




	
	
	
		
 
                        ret.push(encodeURIComponent(param) + "=" + encodeURIComponent(params[param]));

			




	
	
	
		
 
                    }

			




	
	
	
		
 
                }

			




	
	
	
		
 
                var _parts = ret.join("&");

			




	
	
	
		
 
                if(_parts){

			




	
	
	
		
 
                    result = result +'?'+ _parts

			




	
	
	
		
 
                }

			




	
	
	
		
 
            }

			




	
	
	
		
 

			




	
	
	
		
 
            return result;

			




	
	
	
		
 
        },

			




	
	
	
		
 
        'register': function(route_name, route_tmpl, req_params) {

			




	
	
	
		
 
            if (typeof(req_params) != 'object') {

			




	
	
	
		
 
                req_params = [];

			




	
	
	
		
 
            }

			




	
	
	
		
 
            var keys = [];

			




	
	
	
		
 
            for (var i=0; i < req_params.length; i++) {

			




	
	
	
		
 
                keys.push(req_params[i]);

			




	
	
	
		
 
            }

			




	
	
	
		
 
            matchlist[route_name] = [

			




	
	
	
		
 
                unescape(route_tmpl),

			




	
	
	
		
 
                keys

			




	
	
	
		
 
            ]

			




	
	
	
		
 
        },

			




	
	
	
		
 
        '_routes': function(){

			




	
	
	
		
 
            return matchlist;

			




	
	
	
		
 
        }

			




	
	
	
		
 
    }

			




	
	
	
		
 
})();

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
/* Invoke all functions in callbacks */

			




	
	
	
		
 
var _run_callbacks = function(callbacks){

			




	
	
	
		
 
    if (callbacks !== undefined){

			




	
	
	
		
 
        var _l = callbacks.length;

			




	
	
	
		
 
        for (var i=0;i<_l;i++){

			




	
	
	
		
 
            var func = callbacks[i];

			




	
	
	
		
 
            if(typeof(func)=='function'){

			




	
	
	
		
 
                try{

			




	
	
	
		
 
                    func();

			




	
	
	
		
 
                }catch (err){};

			




	
	
	
		
 
            }

			




	
	
	
		
 
        }

			




	
	
	
		
 
    }

			




	
	
	
		
 
}

			




	
	
	
		
 

			




	
	
	
		
 
/**

			




	
	
	
		
 
 * turns objects into GET query string

			




	
	
	
		
 
 */

			




	
	
	
		
 
var _toQueryString = function(o) {

			




	
	
	
		
 
    if(typeof o !== 'object') {

			




	
	
	
		
 
        return false;

			




	
	
	
		
 
    }

			




	
	
	
		
 
    var _p, _qs = [];

			




	
	
	
		
 
    for(_p in o) {

			




	
	
	
		
 
        _qs.push(encodeURIComponent(_p) + '=' + encodeURIComponent(o[_p]));

			




	
	
	
		
 
    }

			




	
	
	
		
 
    return _qs.join('&');

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
/**

			




	
	
	
		
 
 * Load HTML into DOM using Ajax

			




	
	
	
		
 
 *

			




	
	
	
		
 
 * @param $target: load html async and place it (or an error message) here

			




	
	
	
		
 
 * @param success: success callback function

			




	
	
	
		
 
 * @param args: query parameters to pass to url

			




	
	
	
		
 
 */

			




	
	
	
		
 
function asynchtml(url, $target, success, args){

			




	
	
	
		
 
    if(args===undefined){

			




	
	
	
		
 
        args=null;

			




	
	
	
		
 
    }

			




	
	
	
		
 
    $target.html(_TM['Loading ...']).css('opacity','0.3');

			




	
	
	
		
 

			




	
	
	
		
 
    return $.ajax({url: url, data: args, headers: {'X-PARTIAL-XHR': '1'}, cache: false, dataType: 'html'})

			




	
	
	
		
 
        .done(function(html) {

			




	
	
	
		
 
                $target.html(html);

			




	
	
	
		
 
                $target.css('opacity','1.0');

			




	
	
	
		
 
                //execute the given original callback

			




	
	
	
		
 
                if (success !== undefined && success) {

			




	
	
	
		
 
                    success();

			




	
	
	
		
 
                }

			




	
	
	
		
 
            })

			




	
	
	
		
 
        .fail(function(jqXHR, textStatus, errorThrown) {

			




	
	
	
		
 
                if (textStatus == "abort")

			




	
	
	
		
 
                    return;

			




	
	
	
		
 
                $target.html('<span class="bg-danger">ERROR: {0}</span>'.format(textStatus));

			




	
	
	
		
 
                $target.css('opacity','1.0');

			




	
	
	
		
 
            })

			




	
	
	
		
 
        ;

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
var ajaxGET = function(url, success, failure) {

			




	
	
	
		
 
    if(failure === undefined) {

			




	
	
	
		
 
        failure = function(jqXHR, textStatus, errorThrown) {

			




	
	
	
		
 
                if (textStatus != "abort")

			




	
	
	
		
 
                    alert("Ajax GET error: " + textStatus);

			




	
	
	
		
 
            };

			




	
	
	
		
 
    }

			




	
	
	
		
 
    return $.ajax({url: url, headers: {'X-PARTIAL-XHR': '1'}, cache: false})

			




	
	
	
		
 
        .done(success)

			




	
	
	
		
 
        .fail(failure);

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
var ajaxPOST = function(url, postData, success, failure) {

			




	
	
	
		
 
    postData['_session_csrf_secret_token'] = _session_csrf_secret_token;

			




	
	
	
		
 
    var postData = _toQueryString(postData);

			




	
	
	
		
 
    if(failure === undefined) {

			




	
	
	
		
 
        failure = function(jqXHR, textStatus, errorThrown) {

			




	
	
	
		
 
                if (textStatus != "abort")

			




	
	
	
		
 
                    alert("Error posting to server: " + textStatus);

			




	
	
	
		
 
            };

			




	
	
	
		
 
    }

			




	
	
	
		
 
    return $.ajax({url: url, data: postData, type: 'POST', headers: {'X-PARTIAL-XHR': '1'}, cache: false})

			




	
	
	
		
 
        .done(success)

			




	
	
	
		
 
        .fail(failure);

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
/**

			




	
	
	
		
 
 * activate .show_more links

			




	
	
	
		
 
 * the .show_more must have an id that is the the id of an element to hide prefixed with _

			




	
	
	
		
 
 * the parentnode will be displayed

			




	
	
	
		
 
 */

			




	
	
	
		
 
var show_more_event = function(){

			




	
	
	
		
 
    $('.show_more').click(function(e){

			




	
	
	
		
 
        var el = e.currentTarget;

			




	
	
	
		
 
        $('#' + el.id.substring(1)).hide();

			




	
	
	
		
 
        $(el.parentNode).show();

			




	
	
	
		
 
    });

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
var _onSuccessFollow = function(target){

			




	
	
	
		
 
    var $target = $(target);

			




	
	
	
		
 
    var $f_cnt = $('#current_followers_count');

			




	
	
	
		
 
    if ($target.hasClass('follow')) {

			




	
	
	
		
 
        $target.removeClass('follow').addClass('following');

			




	
	
	
		
 
        $target.prop('title', _TM['Stop following this repository']);

			




	
	
	
		
 
        if ($f_cnt.html()) {

			




	
	
	
		
 
            var cnt = Number($f_cnt.html())+1;

			




	
	
	
		
 
            $f_cnt.html(cnt);

			




	
	
	
		
 
        }

			




	
	
	
		
 
    } else {

			




	
	
	
		
 
        $target.removeClass('following').addClass('follow');

			




	
	
	
		
 
        $target.prop('title', _TM['Start following this repository']);

			




	
	
	
		
 
        if ($f_cnt.html()) {

			




	
	
	
		
 
            var cnt = Number($f_cnt.html())-1;

			




	
	
	
		
 
            $f_cnt.html(cnt);

			




	
	
	
		
 
        }

			




	
	
	
		
 
    }

			




	
	
	
		
 
}

			




	
	
	
		
 

			




	
	
	
		
 
var toggleFollowingRepo = function(target, follows_repository_id){

			




	
	
	
		
 
    var args = 'follows_repository_id=' + follows_repository_id;

			




	
	
	
		
 
    args += '&amp;_session_csrf_secret_token=' + _session_csrf_secret_token;

			




	
	
	
		
 
    var args = {

			




	
	
	
		
 
        'follows_repository_id': follows_repository_id,

			




	
	
	
		
 
        '_session_csrf_secret_token': _session_csrf_secret_token

			




	
	
	
		
 
    }

			




	
	
	
		
 
    $.post(TOGGLE_FOLLOW_URL, args, function(data){

			




	
	
	
		
 
            _onSuccessFollow(target);

			




	
	
	
		
 
        });

			




	
	
	
		
 
    return false;

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
var showRepoSize = function(target, repo_name){

			




	
	
	
		
 
    var args = '_session_csrf_secret_token=' + _session_csrf_secret_token;

			




	
	
	
		
 

			




	
	
	
		
 
    if(!$("#" + target).hasClass('loaded')){

			




	
	
	
		
 
        $("#" + target).html(_TM['Loading ...']);

			




	
	
	
		
 
        var url = pyroutes.url('repo_size', {"repo_name":repo_name});

			




	
	
	
		
 
        $.post(url, args, function(data) {

			




	
	
	
		
 
            $("#" + target).html(data);

			




	
	
	
		
 
            $("#" + target).addClass('loaded');

			




	
	
	
		
 
        });

			




	
	
	
		
 
    }

			




	
	
	
		
 
    return false;

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
/**

			




	
	
	
		
 
 * load tooltips dynamically based on data attributes, used for .lazy-cs changeset links

			




	
	
	
		
 
 */

			




	
	
	
		
 
var get_changeset_tooltip = function() {

			




	
	
	
		
 
    var $target = $(this);

			




	
	
	
		
 
    var tooltip = $target.data('tooltip');

			




	
	
	
		
 
    if (!tooltip) {

			




	
	
	
		
 
        var raw_id = $target.data('raw_id');

			




	
	
	
		
 
        var repo_name = $target.data('repo_name');

			




	
	
	
		
 
        var url = pyroutes.url('changeset_info', {"repo_name": repo_name, "revision": raw_id});

			




	
	
	
		
 

			




	
	
	
		
 
        $.ajax(url, {

			




	
	
	
		
 
            async: false,

			




	
	
	
		
 
            success: function(data) {

			




	
	
	
		
 
                tooltip = data["message"];

			




	
	
	
		
 
            }

			




	
	
	
		
 
        });

			




	
	
	
		
 
        $target.data('tooltip', tooltip);

			




	
	
	
		
 
    }

			




	
	
	
		
 
    return tooltip;

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
/**

			




	
	
	
		
 
 * activate tooltips and popups

			




	
	
	
		
 
 */

			




	
	
	
		
 
var tooltip_activate = function(){

			




	
	
	
		
 
    function placement(p, e){

			




	
	
	
		
 
        if(e.getBoundingClientRect().top > 2*$(window).height()/3){

			




	
	
	
		
 
            return 'top';

			




	
	
	
		
 
        }else{

			




	
	
	
		
 
            return 'bottom';

			




	
	
	
		
 
        }

			




	
	
	
		
 
    }

			




	
	
	
		
 
    $(document).ready(function(){

			




	
	
	
		
 
        $('[data-toggle="tooltip"]').tooltip({

			




	
	
	
		
 
            container: 'body',

			




	
	
	
		
 
            placement: placement

			




	
	
	
		
 
        });

			




	
	
	
		
 
        $('[data-toggle="popover"]').popover({

			




	
	
	
		
 
            html: true,

			




	
	
	
		
 
            container: 'body',

			




	
	
	
		
 
            placement: placement,

			




	
	
	
		
 
            trigger: 'hover',

			




	
	
	
		
 
            template: '<div class="popover cs-popover" role="tooltip"><div class="arrow"></div><h3 class="popover-title"></h3><div class="popover-content"></div></div>'

			




	
	
	
		
 
        });

			




	
	
	
		
 
        $('.lazy-cs').tooltip({

			




	
	
	
		
 
            title: get_changeset_tooltip,

			




	
	
	
		
 
            placement: placement

			




	
	
	
		
 
        });

			




	
	
	
		
 
    });

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
/**

			




	
	
	
		
 
 * Quick filter widget

			




	
	
	
		
 
 *

			




	
	
	
		
 
 * @param target: filter input target

			




	
	
	
		
 
 * @param nodes: list of nodes in html we want to filter.

			




	
	
	
		
 
 * @param display_element function that takes current node from nodes and

			




	
	
	
		
 
 *    does hide or show based on the node

			




	
	
	
		
 
 */

			




	
	
	
		
 
var q_filter = (function() {

			




	
	
	
		
 
    var _namespace = {};

			




	
	
	
		
 
    var namespace = function (target) {

			




	
	
	
		
 
        if (!(target in _namespace)) {

			




	
	
	
		
 
            _namespace[target] = {};

			




	
	
	
		
 
        }

			




	
	
	
		
 
        return _namespace[target];

			




	
	
	
		
 
    };

			




	
	
	
		
 
    return function (target, $nodes, display_element) {

			




	
	
	
		
 
        var $nodes = $nodes;

			




	
	
	
		
 
        var $q_filter_field = $('#' + target);

			




	
	
	
		
 
        var F = namespace(target);

			




	
	
	
		
 

			




	
	
	
		
 
        $q_filter_field.keyup(function (e) {

			




	
	
	
		
 
            clearTimeout(F.filterTimeout);

			




	
	
	
		
 
            F.filterTimeout = setTimeout(F.updateFilter, 600);

			




	
	
	
		
 
        });

			




	
	
	
		
 

			




	
	
	
		
 
        F.filterTimeout = null;

			




	
	
	
		
 

			




	
	
	
		
 
        F.updateFilter = function () {

			




	
	
	
		
 
            // Reset timeout

			




	
	
	
		
 
            F.filterTimeout = null;

			




	
	
	
		
 

			




	
	
	
		
 
            var obsolete = [];

			




	
	
	
		
 

			




	
	
	
		
 
            var req = $q_filter_field.val().toLowerCase();

			




	
	
	
		
 

			




	
	
	
		
 
            var showing = 0;

			




	
	
	
		
 
            $nodes.each(function () {

			




	
	
	
		
 
                var n = this;

			




	
	
	
		
 
                var target_element = display_element(n);

			




	
	
	
		
 
                if (req && n.innerHTML.toLowerCase().indexOf(req) == -1) {

			




	
	
	
		
 
                    $(target_element).hide();

			




	
	
	
		
 
                }

			




	
	
	
		
 
                else {

			




	
	
	
		
 
                    $(target_element).show();

			




	
	
	
		
 
                    showing += 1;

			




	
	
	
		
 
                }

			




	
	
	
		
 
            });

			




	
	
	
		
 

			




	
	
	
		
 
            $('#repo_count').html(showing);

			




	
	
	
		
 
            /* FIXME: don't hardcode */

			




	
	
	
		
 
        }

			




	
	
	
		
 
    }

			




	
	
	
		
 
})();

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
/**

			




	
	
	
		
 
 * Comment handling

			




	
	
	
		
 
 */

			




	
	
	
		
 

			




	
	
	
		
 
// move comments to their right location, inside new trs

			




	
	
	
		
 
function move_comments($anchorcomments) {

			




	
	
	
		
 
    $anchorcomments.each(function(i, anchorcomment) {

			




	
	
	
		
 
        var $anchorcomment = $(anchorcomment);

			




	
	
	
		
 
        var target_id = $anchorcomment.data('target-id');

			




	
	
	
		
 
        var $comment_div = _get_add_comment_div(target_id);

			




	
	
	
		
 
        var f_path = $anchorcomment.data('f_path');

			




	
	
	
		
 
        var line_no = $anchorcomment.data('line_no');

			




	
	
	
		
 
        if ($comment_div[0]) {

			




	
	
	
		
 
            $comment_div.append($anchorcomment.children());

			




	
	
	
		
 
            if (f_path && line_no) {

			




	
	
	
		
 
                _comment_div_append_add($comment_div, f_path, line_no);

			




	
	
	
		
 
            } else {

			




	
	
	
		
 
                _comment_div_append_form($comment_div, f_path, line_no);

			




	
	
	
		
 
            }

			




	
	
	
		
 
        } else {

			




	
	
	
		
 
            $anchorcomment.before("<span class='bg-warning'>Comment to {0} line {1} which is outside the diff context:</span>".format(f_path || '?', line_no || '?'));

			




	
	
	
		
 
        }

			




	
	
	
		
 
    });

			




	
	
	
		
 
    linkInlineComments($('.firstlink'), $('.comment:first-child'));

			




	
	
	
		
 
}

			




	
	
	
		
 

			




	
	
	
		
 
// comment bubble was clicked - insert new tr and show form

			




	
	
	
		
 
function show_comment_form($bubble) {

			




	
	
	
		
 
    var children = $bubble.closest('tr.line').children('[id]');

			




	
	
	
		
 
    var line_td_id = children[children.length - 1].id;

			




	
	
	
		
 
    var $comment_div = _get_add_comment_div(line_td_id);

			




	
	
	
		
 
    var f_path = $bubble.closest('[data-f_path]').data('f_path');

			




	
	
	
		
 
    var parts = line_td_id.split('_');

			




	
	
	
		
 
    var line_no = parts[parts.length-1];

			




	
	
	
		
 
    comment_div_state($comment_div, f_path, line_no, true);

			




	
	
	
		
 
}

			




	
	
	
		
 

			




	
	
	
		
 
// return comment div for target_id - add it if it doesn't exist yet

			




	
	
	
		
 
function _get_add_comment_div(target_id) {

			




	
	
	
		
 
    var comments_box_id = 'comments-' + target_id;

			




	
	
	
		
 
    var $comments_box = $('#' + comments_box_id);

			




	
	
	
		
 
    if (!$comments_box.length) {

			




	
	
	
		
 
        var html = '<tr><td id="{0}" colspan="3" class="inline-comments"></td></tr>'.format(comments_box_id);

			




	
	
	
		
 
        $('#' + target_id).closest('tr').after(html);

			




	
	
	
		
 
        $comments_box = $('#' + comments_box_id);

			




	
	
	
		
 
    }

			




	
	
	
		
 
    return $comments_box;

			




	
	
	
		
 
}

			




	
	
	
		
 

			




	
	
	
		
 
// Set $comment_div state - showing or not showing form and Add button.

			




	
	
	
		
 
// An Add button is shown on non-empty forms when no form is shown.

			




	
	
	
		
 
// The form is controlled by show_form_opt - if undefined, form is only shown for general comments.

			




	
	
	
		
 
function comment_div_state($comment_div, f_path, line_no, show_form_opt) {

			




	
	
	
		
 
    var show_form = show_form_opt !== undefined ? show_form_opt : !f_path && !line_no;

			




	
	
	
		
 
    var $forms = $comment_div.children('.comment-inline-form');

			




	
	
	
		
 
    var $buttonrow = $comment_div.children('.add-button-row');

			




	
	
	
		
 
    var $comments = $comment_div.children('.comment:not(.submitting)');

			




	
	
	
		
 
    $forms.remove();

			




	
	
	
		
 
    $buttonrow.remove();

			




	
	
	
		
 
    if (show_form) {

			




	
	
	
		
 
        _comment_div_append_form($comment_div, f_path, line_no);

			




	
	
	
		
 
    } else if ($comments.length) {

			




	
	
	
		
 
        _comment_div_append_add($comment_div, f_path, line_no);

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.