mirror of
https://github.com/joomla-extensions/patchtester.git
synced 2024-12-22 19:09:00 +00:00
Merge pull request #364 from dgrammatiko/patch-1
Drop jQuery, fix a number of XSS
commit
6501996b6d
@ -10,14 +10,18 @@
|
|||||||
use Joomla\CMS\Factory;
|
use Joomla\CMS\Factory;
|
||||||
use Joomla\CMS\HTML\HTMLHelper;
|
use Joomla\CMS\HTML\HTMLHelper;
|
||||||
use Joomla\CMS\Language\Text;
|
use Joomla\CMS\Language\Text;
|
||||||
|
use Joomla\CMS\WebAsset\WebAssetManager;
|
||||||
|
|
||||||
// phpcs:disable PSR1.Files.SideEffects
|
// phpcs:disable PSR1.Files.SideEffects
|
||||||
\defined('_JEXEC') or die;
|
\defined('_JEXEC') or die;
|
||||||
// phpcs:enable PSR1.Files.SideEffects
|
// phpcs:enable PSR1.Files.SideEffects
|
||||||
|
|
||||||
HTMLHelper::_('jquery.framework');
|
/** @var WebAssetManager $wa */
|
||||||
|
$wa = $this->document->getWebAssetManager();
|
||||||
|
$wa->useScript('com_patchtester.admin-fetcher-modal');
|
||||||
|
|
||||||
HTMLHelper::_('behavior.core');
|
HTMLHelper::_('behavior.core');
|
||||||
HTMLHelper::_('script', 'com_patchtester/fetcher.js', ['version' => 'auto', 'relative' => true]);
|
//HTMLHelper::_('script', 'com_patchtester/fetcher.js', ['version' => 'auto', 'relative' => true]);
|
||||||
Text::script('COM_PATCHTESTER_FETCH_AN_ERROR_HAS_OCCURRED');
|
Text::script('COM_PATCHTESTER_FETCH_AN_ERROR_HAS_OCCURRED');
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
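Review bot: The previous loader is left in the template as commented-out code, `//HTMLHelper::_('script', 'com_patchtester/fetcher.js', ['version' => 'auto', 'relative' => true]);`, and should be deleted rather than kept. The script is now pulled in through `$wa->useScript('com_patchtester.admin-fetcher-modal')`, and a dormant second loader next to it invites someone to re-enable it and load the file twice. Version control already preserves the old call.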
@ -11,15 +11,17 @@ use Joomla\CMS\HTML\HTMLHelper;
|
|||||||
use Joomla\CMS\Language\Text;
|
use Joomla\CMS\Language\Text;
|
||||||
use Joomla\CMS\Layout\LayoutHelper;
|
use Joomla\CMS\Layout\LayoutHelper;
|
||||||
use Joomla\CMS\Router\Route;
|
use Joomla\CMS\Router\Route;
|
||||||
|
use Joomla\CMS\WebAsset\WebAssetManager;
|
||||||
|
|
||||||
// phpcs:disable PSR1.Files.SideEffects
|
// phpcs:disable PSR1.Files.SideEffects
|
||||||
\defined('_JEXEC') or die;
|
\defined('_JEXEC') or die;
|
||||||
// phpcs:enable PSR1.Files.SideEffects
|
// phpcs:enable PSR1.Files.SideEffects
|
||||||
|
|
||||||
/** @var \Joomla\Component\Patchtester\Administrator\View\Pulls\PullsHtmlView $this */
|
/** @var \Joomla\Component\Patchtester\Administrator\View\Pulls\HtmlView $this */
|
||||||
|
|
||||||
HTMLHelper::_('stylesheet', 'com_patchtester/octicons.css', ['version' => '3.5.0', 'relative' => true]);
|
/** @var WebAssetManager $wa */
|
||||||
HTMLHelper::_('script', 'com_patchtester/patchtester.js', ['version' => 'auto', 'relative' => true]);
|
$wa = $this->document->getWebAssetManager();
|
||||||
|
$wa->usePreset('com_patchtester.patchtester');
|
||||||
|
|
||||||
$listOrder = $this->escape($this->state->get('list.ordering'));
|
$listOrder = $this->escape($this->state->get('list.ordering'));
|
||||||
$listDirn = $this->escape($this->state->get('list.direction'));
|
$listDirn = $this->escape($this->state->get('list.direction'));
|
||||||
|
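--- a/media/com_patchtester/joomla.asset.json
+++ b/media/com_patchtester/joomla.asset.json
@@ -0,0 +1,40 @@
+{
+"$schema": "https://developer.joomla.org/schemas/json-schema/web_assets.json",
+"name": "com_patchtester",
+"version": "4.3.2",
+"description": "Joomla CMS",
+"license": "GPL-2.0-or-later",
+"assets": [
+{
+"name": "com_patchtester.admin-fetcher-modal",
+"type": "script",
+"uri": "com_patchtester/fetcher.js",
+"attributes": {
+"type": "module",
+"defer": true
+}
+},
+{
+"name": "com_patchtester.patchtester",
+"type": "script",
+"uri": "com_patchtester/patchtester.js",
+"attributes": {
+"type": "module",
+"defer": true
+}
+},
+{
+"name": "com_patchtester.octicons",
+"type": "style",
+"uri": "com_patchtester/octicons.css"
+},
+{
+"name": "com_patchtester.patchtester",
+"type": "preset",
+"dependencies": [
+"com_patchtester.patchtester#script",
+"com_patchtester.octicons#style"
+]
+}
+]
+}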
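Review bot: The `com_patchtester.admin-fetcher-modal` script asset declares no dependency on the Joomla core script, although `fetcher.js` in this commit calls `Joomla.request`, `Joomla.getOptions` and `Joomla.sanitizeHtml` and throws when `Joomla` is undefined. Load order currently relies on the template still calling `HTMLHelper::_('behavior.core')`; adding `"dependencies": ["core"]` to the asset would make the requirement explicit and independent of the template. Whether `patchtester.js` needs the same cannot be told from this page. The `"description": "Joomla CMS"` value also looks copied from the core asset file rather than describing this component.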
@ -1,134 +1,110 @@
|
|||||||
/**
|
/**
|
||||||
* Patch testing component for the Joomla! CMS
|
* Patch testing component for the Joomla! CMS
|
||||||
*
|
*
|
||||||
* @copyright Copyright (C) 2011 - 2012 Ian MacLennan, Copyright (C) 2013 - 2018 Open Source Matters, Inc. All rights reserved.
|
* @copyright Copyright (C) 2023 Open Source Matters, Inc. All rights reserved.
|
||||||
* @license GNU General Public License version 2 or later
|
* @license GNU General Public License version 2 or later
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if (typeof jQuery === 'undefined') {
|
|
||||||
throw new Error('PatchFetcher JavaScript requires jQuery')
|
|
||||||
}
|
|
||||||
|
|
||||||
if (typeof Joomla === 'undefined') {
|
if (typeof Joomla === 'undefined') {
|
||||||
throw new Error('PatchFetcher JavaScript requires the Joomla core JavaScript API')
|
throw new Error('PatchFetcher JavaScript requires the Joomla core JavaScript API')
|
||||||
}
|
}
|
||||||
|
|
||||||
!function (jQuery, Joomla, window) {
|
const defaultSettings = {
|
||||||
'use strict';
|
progress: null,
|
||||||
|
lastPage: null,
|
||||||
|
baseURL: `${Joomla.getOptions('system.paths').baseFull}index.php?option=com_patchtester&tmpl=component&format=json`,
|
||||||
|
};
|
||||||
|
|
||||||
/**
|
class PatchFetcher {
|
||||||
* Initialize the PatchFetcher object
|
constructor(settings = defaultSettings) {
|
||||||
*
|
this.url = new URL(settings.baseURL);
|
||||||
* @constructor
|
this.progress = settings.progress;
|
||||||
*/
|
this.lastPage = settings.lastPage;
|
||||||
var PatchFetcher = function () {
|
|
||||||
var offset = null,
|
|
||||||
progress = null,
|
|
||||||
path = 'index.php?option=com_patchtester&tmpl=component&format=json',
|
|
||||||
lastPage = null,
|
|
||||||
progressBar = jQuery('#progress-bar');
|
|
||||||
|
|
||||||
var initialize = function () {
|
this.progressBar = document.getElementById('progress-bar');
|
||||||
offset = 0;
|
this.url.searchParams.append(document.getElementById('patchtester-token').getAttribute('name'), 1);
|
||||||
progress = 0;
|
|
||||||
path = path + '&' + jQuery('#patchtester-token').attr('name') + '=1';
|
|
||||||
|
|
||||||
getRequest('startfetch');
|
this.request('startfetch');
|
||||||
};
|
}
|
||||||
|
|
||||||
var getRequest = function (task) {
|
request(task) {
|
||||||
jQuery.ajax({
|
this.url.searchParams.append('task', `${task}.${task}`);
|
||||||
type: 'GET',
|
|
||||||
url: path,
|
Joomla.request({
|
||||||
data: `task=${task}.${task}`,
|
url: this.url.toString(),
|
||||||
dataType: 'json',
|
method: 'GET',
|
||||||
success: function (response, textStatus, xhr) {
|
headers: { 'Content-Type': 'application/json' },
|
||||||
|
perform: true,
|
||||||
|
onSuccess: (response) => {
|
||||||
|
response = JSON.parse(response)
|
||||||
try {
|
try {
|
||||||
if (response === null) {
|
if (response === null || response.error || response.success === false) {
|
||||||
throw textStatus;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (response.error) {
|
|
||||||
throw response;
|
throw response;
|
||||||
}
|
}
|
||||||
|
// {"success":true,"message":"Processing page 1 of GitHub data","messages":null,"data":{"complete":false,"header":"Processing data from GitHub"}}
|
||||||
if (response.success === false) {
|
|
||||||
throw response;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Store the last page if it is part of this request and not a boolean false
|
// Store the last page if it is part of this request and not a boolean false
|
||||||
if (typeof response.data.lastPage !== 'undefined' && response.data.lastPage !== false) {
|
if (typeof response.data.lastPage !== 'undefined' && response.data.lastPage !== false) {
|
||||||
lastPage = response.data.lastPage;
|
this.lastPage = response.data.lastPage;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Update the progress bar if we have the data to do so
|
// Update the progress bar if we have the data to do so
|
||||||
if (typeof response.data.page !== 'undefined') {
|
if (typeof response.data.page !== 'undefined') {
|
||||||
progress = (response.data.page / lastPage) * 100;
|
this.progress = (response.data.page / this.lastPage) * 100;
|
||||||
|
|
||||||
if (progress < 100) {
|
if (this.progress < 100) {
|
||||||
progressBar.css('width', progress + '%').attr('aria-valuenow', progress);
|
this.progressBar.style.width = `${this.progress}%`;
|
||||||
|
this.progressBar.setAttribute('aria-valuenow', this.progress);
|
||||||
} else {
|
} else {
|
||||||
// Both BS2 and BS4 classes are targeted to keep this script simple
|
// Both BS2 and BS4 classes are targeted to keep this script simple
|
||||||
progressBar
|
this.progressBar.classList.remove(['bar-success', 'bg-success']);
|
||||||
.removeClass('bar-success bg-success')
|
this.progressBar.classList.remove(['bar-warning', 'bg-warning']);
|
||||||
.addClass('bar-warning bg-warning')
|
this.progressBar.style.width = `${this.progress}%`;
|
||||||
.css('width', progress + '%')
|
this.progressBar.setAttribute('aria-valuemin', 100);
|
||||||
.attr('aria-valuemin', 100)
|
this.progressBar.setAttribute('aria-valuemax', 200);
|
||||||
.attr('aria-valuemax', 200)
|
this.progressBar.setAttribute('aria-valuenow', this.progress);
|
||||||
.attr('aria-valuenow', progress);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
jQuery('#patchtester-progress-message').html(response.message);
|
document.getElementById('patchtester-progress-message').innerHTML = Joomla.sanitizeHtml(response.message);
|
||||||
|
|
||||||
if (response.data.header) {
|
if (response.data.header) {
|
||||||
jQuery('#patchtester-progress-header').html(response.data.header);
|
document.getElementById('patchtester-progress-header').innerHTML = Joomla.sanitizeHtml(response.data.header);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!response.data.complete) {
|
if (!response.data.complete) {
|
||||||
// Send another request
|
this.url.searchParams.append(document.querySelector('#patchtester-token').getAttribute('name'), 1);
|
||||||
getRequest('fetch');
|
this.url.searchParams.append('task', `${task}.${task}`);
|
||||||
|
this.request('fetch');
|
||||||
} else {
|
} else {
|
||||||
jQuery('#progress').remove();
|
document.getElementById('progress').remove();
|
||||||
jQuery('#modal-sync button.btn-close', window.parent.document).trigger('click');
|
window.parent.document.querySelector('#modal-sync button.btn-close').click();
|
||||||
}
|
}
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
try {
|
try {
|
||||||
if (response.error || response.success === false) {
|
if (response.error || response.success === false) {
|
||||||
jQuery('#patchtester-progress-header').text(Joomla.JText._('COM_PATCHTESTER_FETCH_AN_ERROR_HAS_OCCURRED'));
|
document.getElementById('patchtester-progress-header').innerText(Joomla.JText._('COM_PATCHTESTER_FETCH_AN_ERROR_HAS_OCCURRED'));
|
||||||
jQuery('#patchtester-progress-message').html(response.message);
|
document.getElementById('patchtester-progress-message').innerHTML = Joomla.sanitizeHtml(response.message);
|
||||||
}
|
}
|
||||||
} catch (ignore) {
|
} catch (ignore) {
|
||||||
if (error === '') {
|
if (error === '') {
|
||||||
error = Joomla.JText._('COM_PATCHTESTER_NO_ERROR_RETURNED');
|
error = Joomla.JText._('COM_PATCHTESTER_NO_ERROR_RETURNED');
|
||||||
}
|
}
|
||||||
|
|
||||||
jQuery('#patchtester-progress-header').text(Joomla.JText._('COM_PATCHTESTER_FETCH_AN_ERROR_HAS_OCCURRED'));
|
document.getElementById('patchtester-progress-header').innerText(Joomla.JText._('COM_PATCHTESTER_FETCH_AN_ERROR_HAS_OCCURRED'));
|
||||||
jQuery('#patchtester-progress-message').html(error);
|
document.getElementById('patchtester-progress-message').innerHTML = Joomla.sanitizeHtml(error);
|
||||||
jQuery('#progress').remove();
|
document.getElementById('progress').remove();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
},
|
},
|
||||||
error: function (jqXHR, textStatus, errorThrown) {
|
onError: (jqXHR) => {
|
||||||
var json = (typeof jqXHR === 'object' && jqXHR.responseText) ? jqXHR.responseText : null;
|
const json = (typeof jqXHR === 'object' && jqXHR.responseText) ? jqXHR.responseText : null;
|
||||||
jQuery('#patchtester-progress-header').text(Joomla.JText._('COM_PATCHTESTER_FETCH_AN_ERROR_HAS_OCCURRED'));
|
document.getElementById('patchtester-progress-header').innerText(Joomla.JText._('COM_PATCHTESTER_FETCH_AN_ERROR_HAS_OCCURRED'));
|
||||||
jQuery('#patchtester-progress-message').html(json);
|
document.getElementById('patchtester-progress-message').innerHTML = Joomla.sanitizeHtml(json);
|
||||||
jQuery('#progress').remove();
|
document.getElementById('progress').remove();
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
};
|
|
||||||
|
|
||||||
initialize();
|
|
||||||
};
|
|
||||||
|
|
||||||
jQuery(function () {
|
|
||||||
new PatchFetcher();
|
|
||||||
|
|
||||||
if (typeof window.parent.SqueezeBox === 'object') {
|
|
||||||
jQuery(window.parent.SqueezeBox).on('close', function () {
|
|
||||||
window.parent.location.reload(true);
|
|
||||||
});
|
|
||||||
}
|
}
|
||||||
});
|
}
|
||||||
}(jQuery, Joomla, window);
|
|
||||||
|
new PatchFetcher();
|
||||||
|
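Review bot: `innerText` is a property, not a method, so the three `getElementById('patchtester-progress-header').innerText(...)` calls (inner `try`, `catch (ignore)` and `onError`) throw a TypeError, and the message update and `#progress` removal that follow them are never reached; the value should be assigned, preferably through `textContent`. In the 100% branch `classList.remove([...])` receives an array, which is stringified into a single token that matches nothing, and the second call removes the warning classes that the jQuery version added. `searchParams.append` in `request()` and again in the `!response.data.complete` branch adds another `task` and token parameter on every page, so the URL keeps growing; `set` in `request()` is enough. The raw `responseText` in `onError` is still written through `innerHTML`, and since it needs no markup, `textContent` there would not depend on the sanitizer at all.

```javascript
request(task) {
  // set() keeps a single task parameter; append() adds one more per page
  this.url.searchParams.set('task', `${task}.${task}`);
  // … unchanged: Joomla.request options, response checks, progress below 100% …
          this.progressBar.classList.remove('bar-success', 'bg-success');
          this.progressBar.classList.add('bar-warning', 'bg-warning');
  // … unchanged: width and aria attributes, message and header updates …
        if (!response.data.complete) {
          // the token is already on this.url from the constructor; request() sets the task
          this.request('fetch');
  // … unchanged: completion branch, catch blocks …
  // in the inner try, in catch (ignore) and in onError:
          document.getElementById('patchtester-progress-header').textContent = Joomla.JText._('COM_PATCHTESTER_FETCH_AN_ERROR_HAS_OCCURRED');
  // in onError, the raw response body is shown as text:
          document.getElementById('patchtester-progress-message').textContent = json;
```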