Diffstat (limited to 'public/assets/js')
-rw-r--r--public/assets/js/lib/views/details/details.js4
-rw-r--r--public/assets/js/lib/views/details/settings.js8
-rw-r--r--public/assets/js/lib/views/keywords/keywords.js2
-rw-r--r--public/assets/js/lib/views/mail/compose.js4
-rw-r--r--public/assets/js/lib/views/mail/mailbox.js2
-rw-r--r--public/assets/js/lib/views/mail/message.js2
-rw-r--r--public/assets/js/lib/views/profile/profile.js14
-rw-r--r--public/assets/js/lib/views/profile/profile_edit.js4
-rw-r--r--public/assets/js/lib/views/search/results.js14
-rw-r--r--public/assets/js/util/format.js2
10 files changed, 28 insertions, 28 deletions
diff --git a/public/assets/js/lib/views/details/details.js b/public/assets/js/lib/views/details/details.js
index 1b67b92..781d136 100644
--- a/public/assets/js/lib/views/details/details.js
+++ b/public/assets/js/lib/views/details/details.js
@@ -32,8 +32,8 @@ var DetailsView = View.extend({
set_background_color(data.thread.color || (data.keyword ? data.keyword.color : 'plain'))
$("body").removeClass('loading')
var thread = data.thread
- $("h1").html(sanitize(thread.title))
- $("title").html(sanitize(thread.title))
+ $("h1").html(sanitizeEntities(thread.title))
+ $("title").html(sanitizeEntities(thread.title))
$(".metadata").html(metadata(thread))
$(".settings_link").attr("href", "/details/" + thread.id + "/settings")
this.form.load(data.thread)
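Review bot: `thread.title` is the only value in this commit routed through `sanitizeEntities`; every other call site uses `sanitizeHTML`, and neither helper's definition is in this diff. A one-line comment above the two `.html(...)` calls would tell the next reader why the title is treated differently, for example `// sanitizeEntities, not sanitizeHTML: title is stored with entities already encoded`, if that is the reason. If the title is meant to be plain text, `$("h1").text(thread.title)` and `document.title = thread.title` would not depend on either helper. The enclosing function starts and ends outside the hunk.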
diff --git a/public/assets/js/lib/views/details/settings.js b/public/assets/js/lib/views/details/settings.js
index c8e53db..a7dd050 100644
--- a/public/assets/js/lib/views/details/settings.js
+++ b/public/assets/js/lib/views/details/settings.js
@@ -42,7 +42,7 @@ var ThreadSettingsForm = FormView.extend({
this.$(".close_link").attr("href", "/details/" + thread.id)
this.$(".metadata").html(metadata(thread))
- this.$("[name=title]").val(sanitize(thread.title))
+ this.$("[name=title]").val(thread.title)
this.$("[name=hootbox]").prop("checked", !!thread.settings.hootbox)
this.$("[name=shorturls]").prop("checked", !!thread.settings.shorturls)
@@ -130,7 +130,7 @@ var ThreadSettingsForm = FormView.extend({
var usernames = this.$('[name=allowed_field]').val().replace(/,/g, ' ').split(' ').map(s => s.trim()).filter(s => !! s)
this.$('[name=allowed_field]').val('')
usernames = usernames.filter( (name) => this.allowed.indexOf(name) === -1 )
- .map( (name) => sanitize(name) )
+ .map( (name) => sanitizeHTML(name) )
$.ajax({
method: "PUT",
url: "/api/checkUsernames",
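Review bot: The names in `.map( (name) => sanitizeHTML(name) )` are HTML-escaped just before the PUT to /api/checkUsernames, which is the wrong layer for that encoding. If they are sent as request data (the rest of the `$.ajax` call is outside the hunk), the escaping protects nothing on the server and changes any name containing `&`, `<` or a quote, so the lookup can miss a real user. Dropping the `.map(...)` line and escaping only where a name is written into markup keeps the wire value intact. The endpoint still has to validate the names itself.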
@@ -216,7 +216,7 @@ var ThreadSettingsForm = FormView.extend({
var id = data.thread.id
var comment_count = (data.comments || []).length
var file_count = (data.files || []).length
- var msg = "Are you sure you want to delete this thread?\n\n#" + id + ' "' + sanitize(data.thread.title) + '"'
+ var msg = "Are you sure you want to delete this thread?\n\n#" + id + ' "' + sanitizeHTML(data.thread.title) + '"'
msg += " + " + comment_count + " comment" + courtesy_s(comment_count)
if ( file_count) msg += " + " + file_count + " file" + courtesy_s(file_count)
var should_remove = confirm(msg)
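Review bot: `confirm()` displays plain text, so wrapping `data.thread.title` in `sanitizeHTML` adds no protection. Assuming the helper entity-encodes (its definition is not in this diff), a title containing `<` or `&` would show literal entities in the dialog. The raw value is the right one here: `... + id + ' "' + data.thread.title + '"'`. The file-deletion prompt in the next hunk has the same issue with `sanitizeHTML(file.filename)`.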
@@ -244,7 +244,7 @@ var ThreadSettingsForm = FormView.extend({
var data = this.options.parent.data
var file = data.files.find(f => f.id === file_id)
if (! file) return
- var msg = "Are you sure you want to delete this file?\n\n#" + file_id + ' "' + sanitize(file.filename) + '"'
+ var msg = "Are you sure you want to delete this file?\n\n#" + file_id + ' "' + sanitizeHTML(file.filename) + '"'
var should_remove = confirm(msg)
if (should_remove) {
$.ajax({
diff --git a/public/assets/js/lib/views/keywords/keywords.js b/public/assets/js/lib/views/keywords/keywords.js
index 9b2eadc..12bd5a8 100644
--- a/public/assets/js/lib/views/keywords/keywords.js
+++ b/public/assets/js/lib/views/keywords/keywords.js
@@ -47,7 +47,7 @@ var KeywordsView = View.extend({
var age = get_age(thread.lastmodified)
var id = thread.id + get_revision(thread)
var t = this.template
- .replace(/{{keyword}}/g, sanitize(keyword.keyword))
+ .replace(/{{keyword}}/g, sanitizeHTML(keyword.keyword))
.replace(/{{id}}/g, id)
.replace(/{{username}}/g, keyword.username)
.replace(/{{privacy_dot}}/g, dot)
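Review bot: `{{username}}` is filled with `keyword.username` unescaped, two lines below the `{{keyword}}` line this hunk updates, so one user-derived field in the template is escaped and the other is not. If the rendered template is inserted as HTML (the insertion is outside the hunk), the username needs the same treatment: `.replace(/{{username}}/g, sanitizeHTML(keyword.username))`. The `.replace` chain begins and continues outside the hunk, so the remaining placeholders are worth the same check.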
diff --git a/public/assets/js/lib/views/mail/compose.js b/public/assets/js/lib/views/mail/compose.js
index 1da4ceb..f2592ea 100644
--- a/public/assets/js/lib/views/mail/compose.js
+++ b/public/assets/js/lib/views/mail/compose.js
@@ -26,12 +26,12 @@ var ComposeView = FormView.extend({
console.log(tmpl)
this.$("[name=username]").val(message.sender)
this.$("[name=subject]").val(message.subject)
- this.$("[name=body]").val(sanitize(tmpl + message.body))
+ this.$("[name=body]").val(tmpl + message.body)
$("body").removeClass('loading')
}.bind(this))
return
}
- this.$("[name=username]").val(sanitize(username))
+ this.$("[name=username]").val(username)
$("body").removeClass('loading')
},
diff --git a/public/assets/js/lib/views/mail/mailbox.js b/public/assets/js/lib/views/mail/mailbox.js
index 9d988cb..c48d948 100644
--- a/public/assets/js/lib/views/mail/mailbox.js
+++ b/public/assets/js/lib/views/mail/mailbox.js
@@ -14,7 +14,7 @@ var MailboxView = View.extend({
},
load: function(name){
- name = sanitize(name) || "inbox"
+ name = sanitizeHTML(name) || "inbox"
$("h1").html(name)
var query = window.location.search.substr(1)
$.get(this.action + name, query, this.populate.bind(this))
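Review bot: `name` is HTML-escaped and then reused as a URL path segment in `$.get(this.action + name, ...)`. HTML escaping does not encode `/`, `?` or `#` there, and it changes a name that contains `&`. Keeping the raw value for the request and escaping only for display separates the two contexts: `$.get(this.action + encodeURIComponent(name), ...)` and `$("h1").text(name)`. The `load` in message.js has the same pattern with `url: this.action + name`.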
diff --git a/public/assets/js/lib/views/mail/message.js b/public/assets/js/lib/views/mail/message.js
index b5258a5..6fa3d78 100644
--- a/public/assets/js/lib/views/mail/message.js
+++ b/public/assets/js/lib/views/mail/message.js
@@ -13,7 +13,7 @@ var MessageView = View.extend({
},
load: function(name){
- name = sanitize(name) || "inbox"
+ name = sanitizeHTML(name) || "inbox"
$.ajax({
url: this.action + name,
method: 'get',
diff --git a/public/assets/js/lib/views/profile/profile.js b/public/assets/js/lib/views/profile/profile.js
index 2254bd5..1064adb 100644
--- a/public/assets/js/lib/views/profile/profile.js
+++ b/public/assets/js/lib/views/profile/profile.js
@@ -18,7 +18,7 @@ var ProfileView = View.extend({
populate: function(user){
$("body").removeClass('loading')
var $table = this.$("table")
- var username = sanitize(user.username)
+ var username = sanitizeHTML(user.username)
var is_own_profile = (username === auth.user.username)
if (is_own_profile) {
$(".edit_profile a").attr("href", "/profile/" + username + "/edit")
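Review bot: `is_own_profile` compares the escaped `username` with the raw `auth.user.username`, so it is false for any account whose name is changed by escaping. Comparing the raw values avoids that: `var is_own_profile = (user.username === auth.user.username)`. The `.attr("href", ...)` call on the next line takes a plain string, so the path segment needs `encodeURIComponent(user.username)` rather than HTML escaping. This check only decides whether the edit link is shown, so the server still has to enforce who may edit. `populate` continues beyond the hunk.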
@@ -34,27 +34,27 @@ var ProfileView = View.extend({
].map(pair => {
var key = pair[0], label = pair[1]
if (! user[key]) return;
- return [label, sanitize(user[key])]
+ return [label, sanitizeHTML(user[key])]
})
if (user.email) {
fields.push([
'Email',
- '<a href="mailto:' + sanitize(user.email) + '">' + sanitize(user.email) + '</a>'
+ '<a href="mailto:' + sanitizeHTML(user.email) + '">' + sanitizeHTML(user.email) + '</a>'
])
}
if (user.twitter) {
if (user.twitter.match(/^http/)) {
var partz = user.twitter.split('/')
if (partz.length > 2) {
- var handle = sanitize(partz[3])
+ var handle = sanitizeHTML(partz[3])
fields.push([
'Twitter',
'<a href="https://twitter.com/' + handle + '">@' + handle + '</a>'
])
}
} else {
- var handle = sanitize(user.twitter)
+ var handle = sanitizeHTML(user.twitter)
fields.push([
'Twitter',
'<a href="https://twitter.com/' + handle + '">@' + handle + '</a>'
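Review bot: The Twitter-URL branch guards with `partz.length > 2` but reads `partz[3]`, so a value such as `https://twitter.com` (three parts) passes `undefined` to `sanitizeHTML`. The guard should be `if (partz.length > 3 && partz[3]) {`. Separately, every `href` in this hunk is built by string concatenation, so its safety depends on `sanitizeHTML` escaping double quotes as well as angle brackets; the helper's definition is not in this diff and that is worth confirming. The hunk ends inside the `fields.push` call.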
@@ -62,10 +62,10 @@ var ProfileView = View.extend({
}
}
if (user.website) {
- var website = sanitize(user.website)
+ var website = sanitizeHTML(user.website)
fields.push([
'Website',
- '<a href="' + sanitize(website) + '">' + sanitize(website) + '</a>'
+ '<a href="' + sanitizeHTML(website) + '">' + sanitizeHTML(website) + '</a>'
])
}
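Review bot: HTML escaping does not restrict the URL scheme, so a `user.website` value starting with `javascript:` or `data:` still becomes a live `href` if this markup is later inserted as HTML (the insertion is outside the hunk). Restricting the scheme in the condition closes that: `if (user.website && /^https?:\/\//i.test(user.website)) {`. Also, `website` is already the escaped value and is passed through `sanitizeHTML` again twice in the anchor, which would double-encode any `&` if the helper escapes it. Using `website` directly in the concatenation is enough.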
diff --git a/public/assets/js/lib/views/profile/profile_edit.js b/public/assets/js/lib/views/profile/profile_edit.js
index e50a7c0..d3656c4 100644
--- a/public/assets/js/lib/views/profile/profile_edit.js
+++ b/public/assets/js/lib/views/profile/profile_edit.js
@@ -18,12 +18,12 @@ var ProfileForm = FormView.extend({
load: function(username){
this.action = "/api/user/" + username;
"realname location email phone website twitter".split(" ").forEach((field) => {
- this.$('[name=' + field + ']').val( sanitize(auth.user[field]) )
+ this.$('[name=' + field + ']').val( auth.user[field] )
})
if (! auth.user.avatar) {
$("#profile-avatar-embed").hide()
} else {
- $("#profile-avatar-embed").attr("src", sanitize(auth.user.avatar))
+ $("#profile-avatar-embed").attr("src", sanitizeHTML(auth.user.avatar))
}
$("body").removeClass('loading')
},
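Review bot: `.attr("src", sanitizeHTML(auth.user.avatar))` escapes a value that jQuery sets as an attribute without parsing it as HTML. The escaping therefore adds nothing and would alter an avatar URL containing `&`, assuming the helper encodes it. This is the same reasoning the commit applies to the `.val(...)` calls in this hunk, so `$("#profile-avatar-embed").attr("src", auth.user.avatar)` is consistent with it. If the avatar URL can be user-supplied, a scheme check such as `/^(https?:)?\/\//i` or a same-origin path test is the control that matters for `src`.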
diff --git a/public/assets/js/lib/views/search/results.js b/public/assets/js/lib/views/search/results.js
index 0f34845..8c793f1 100644
--- a/public/assets/js/lib/views/search/results.js
+++ b/public/assets/js/lib/views/search/results.js
@@ -21,11 +21,11 @@ var SearchResults = View.extend({
},
populate: function(res){
- var query = sanitize(res.meta.query)
+ var query = sanitizeHTML(res.meta.query)
var terms = res.meta.terms
console.log(res)
- $("title").html('bucky search "' + sanitize(query) + '"')
- $("[name=query]").val(query)
+ $("title").html('bucky search "' + query + '"')
+ $("[name=query]").val(res.meta.query)
this.$(".query").html(query)
var total = parseInt(res.meta.total)
this.$(".total").html(total + " result" + courtesy_s(total))
@@ -48,13 +48,13 @@ var SearchResults = View.extend({
image = result.thread.flagged
}
var image_path = image ? '/data/' + result.thread.id + '/' + sanitize(image.filename) : ''
- var file_tag = result.file ? '<a href="' + make_link(result.file) + '">' + bold_terms(sanitize(result.file.filename), terms) + '</a>' : ''
+ var file_tag = result.file ? '<a href="' + make_link(result.file) + '">' + bold_terms(result.file.filename, terms) + '</a>' : ''
var t = this.template
- .replace(/{{thread_id}}/g, sanitize("" + result.thread.id))
+ .replace(/{{thread_id}}/g, sanitizeHTML("" + result.thread.id))
.replace(/{{meta}}/, metadata(result.thread))
.replace(/{{image}}/, image_path)
- .replace(/{{title}}/, bold_terms(sanitize(result.thread.title), terms))
- .replace(/{{comment}}/, result.comment ? bold_terms(sanitize(result.comment.comment), terms) : '')
+ .replace(/{{title}}/, bold_terms(result.thread.title, terms))
+ .replace(/{{comment}}/, result.comment ? bold_terms(result.comment.comment, terms) : '')
.replace(/{{file}}/, file_tag)
.replace(/{{strength}}/, result.strength)
this.$("#results").append(t)
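Review bot: `image_path` still calls `sanitize(image.filename)`, the one call site in this file that was not moved to `sanitizeHTML` or `sanitizeEntities`. If `sanitize` was renamed rather than kept as an alias (its definition is not in this diff), that line throws a ReferenceError for any result that has an image. `sanitizeHTML(image.filename)` would match the rest of the commit, though `encodeURIComponent(image.filename)` fits a path segment better. `result.strength` and `make_link(result.file)` are also inserted unescaped, so it is worth confirming they cannot carry markup.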
diff --git a/public/assets/js/util/format.js b/public/assets/js/util/format.js
index 4115c47..165a009 100644
--- a/public/assets/js/util/format.js
+++ b/public/assets/js/util/format.js
@@ -11,7 +11,7 @@ function csrf() {
return $("[name=_csrf]").attr("value")
}
function bold_terms (s, terms) {
- s = sanitize(s)
+ s = sanitizeHTML(s)
terms.forEach( (term) => {
s = s.replace(new RegExp(term, "ig"), "<b>" + term + "</b>")
})
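Review bot: `term` goes into `new RegExp(term, "ig")` and into the replacement string unescaped, so a search term with regex metacharacters or markup is not neutralised even though `s` now is. An unbalanced `(` throws, and nested quantifiers can be slow. Escape the term for both uses and re-insert the matched text: `var pattern = sanitizeHTML(term).replace(/[.*+?^${}()|[\]\\]/g, "\\$&")` then `s = s.replace(new RegExp(pattern, "ig"), "<b>$&</b>")`. `terms` appears to come from `res.meta.terms` in results.js, and whether the server already restricts it is not visible here. Because matching runs on the escaped string, a term such as `amp` can still match inside an entity; `bold_terms` continues past the end of the hunk.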