authorsostler <sbostler@gmail.com>2010-01-30 02:11:40 -0500
committersostler <sbostler@gmail.com>2010-01-30 02:11:40 -0500
commit1dcfbf2578d41c5442c21f3f58170049bb2e6f1a (patch)
tree8116136944c6a46258e5ee49b4e0963974bb6dd9
parent65f06c8d8593881f10d767dd0610ca6f63569f56 (diff)
Changed submission URIs from GET to POST
-rwxr-xr-xsrc/site.clj15
-rwxr-xr-xstatic/js/pichat.js100
-rwxr-xr-xstatic/js/register.js2
3 files changed, 58 insertions, 59 deletions
diff --git a/src/site.clj b/src/site.clj
index 15ac373..c0a6ab4 100755
--- a/src/site.clj
+++ b/src/site.clj
@@ -525,16 +525,13 @@
(GET "/u/:nick/:offset" (profile session
(params :nick)
(params :offset)))
- (GET "/update-profile" (update-profile session params))
(GET "/login" (login session params))
(GET "/logout" (logout session))
(GET "/register" (serve-static "static" "register.html"))
- (GET "/submit-registration" (register session params))
(GET "/:room/chat" (no-cache (validated-chat session (-> request :route-params :room))))
(GET "/chat" (no-cache (validated-chat session "RoomA")))
(GET "/browser" (browser session))
(GET "/refresh" (validated-refresh session params))
- (GET "/msg" (validated-msg session params))
(GET "/log" (validated-log session "RoomA" "0" params))
(GET "/:room/log" (validated-log session
(-> request :route-params :room)
@@ -543,16 +540,20 @@
(-> request :route-params :room)
(-> request :route-params :offset)
params))
+ ;; TODO: validate POST Referrer headers for POSTs
+ (POST "/msg" (validated-msg session params))
+ (POST "/submit-registration" (register session params))
+ (POST "/update-profile" (update-profile session params))
(ANY "*" (unknown-page params)))
-(decorate pichat
- (with-mimetypes)
- (with-session {:type :memory, :expires (* 60 60)}))
-; All uploading-related actions use the with-multipart decoration.
(defroutes multipart
(POST "/upload" (upload session params)))
+(decorate pichat
+ (with-mimetypes)
+ (with-session {:type :memory, :expires (* 60 60)}))
+
(decorate multipart
(with-mimetypes)
(with-session {:type :memory, :expires (* 60 60)})
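Review bot: Moving /msg, /submit-registration and /update-profile to POST (lines 42–44) is not on its own a CSRF control — a cross-origin HTML form can still POST to these routes carrying the victim's session cookie, and the Referer check proposed by the TODO on line 41 is unreliable because browsers and proxies frequently strip that header. The usual fix is a per-session token issued with the page and compared in validated-msg, register and update-profile (or in a decoration applied next to with-session at lines 52–54); I would reword the TODO to `;; TODO: reject POSTs whose anti-CSRF token does not match the session (Referer alone is insufficient)`. The /logout route on line 26 still changes state over GET, and the /upload POST on line 51 sits outside the TODO's scope. The pichat defroutes form begins before this hunk.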
diff --git a/static/js/pichat.js b/static/js/pichat.js
index 79f21b0..0a99f6c 100755
--- a/static/js/pichat.js
+++ b/static/js/pichat.js
@@ -7,22 +7,22 @@ function escapeHtml(txt) {
}
function linkify(text) {
- var URLRegex = /((\b(http\:\/\/|https\:\/\/|ftp\:\/\/)|(www\.))+(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?)/gi;
- return text.replace(URLRegex, linkReplace);
+ var URLRegex = /((\b(http\:\/\/|https\:\/\/|ftp\:\/\/)|(www\.))+(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?)/gi;
+ return text.replace(URLRegex, linkReplace);
}
function linkReplace(match){
- var PicRegex = /\.(jpg|jpeg|png|gif|bmp)$/i;
- var matchWithoutParams = match.replace(/\?.*$/i, "")
- if (PicRegex.test(matchWithoutParams)){
- return "<a target='_blank' href='" + match + "'><img src='" + match + "'></a>"
- } else {
- return "<a target='_blank' href='" + match + "'>" + match + "</a>"
- }
+ var PicRegex = /\.(jpg|jpeg|png|gif|bmp)$/i;
+ var matchWithoutParams = match.replace(/\?.*$/i, "")
+ if (PicRegex.test(matchWithoutParams)){
+ return "<a target='_blank' href='" + match + "'><img src='" + match + "'></a>"
+ } else {
+ return "<a target='_blank' href='" + match + "'>" + match + "</a>"
+ }
}
function buildMsgContent(content) {
- return linkify(content)
+ return linkify(content)
}
function buildMessageDiv(msg, isLoading) {
@@ -32,35 +32,35 @@ function buildMessageDiv(msg, isLoading) {
return '<div class="msgDiv ' + loadingClass + '" ' + msgId + '>'
+ '<b><a href="/u/' + nick + ' ">' + nick + '</a>: </b>'
+ buildMsgContent(msg.content)
- + '</div>';
+ + '</div>';
}
function buildUserDiv(user) {
if (user.avatar) {
return '<div class="username">'
- + '<a href="/u/' + escapeHtml(user.nick) + '" target="_blank">'
- + '<img src="' + user.avatar + '" width="50" height="50">'
- + escapeHtml(user.nick) + '</a></div>';
+ + '<a href="/u/' + escapeHtml(user.nick) + '" target="_blank">'
+ + '<img src="' + user.avatar + '" width="50" height="50">'
+ + escapeHtml(user.nick) + '</a></div>';
} else {
return '<div class="username">'
- + '<a href="/u/' + escapeHtml(user.nick) + '" target="_blank">'
- + escapeHtml(user.nick) + '</a></div>';
+ + '<a href="/u/' + escapeHtml(user.nick) + '" target="_blank">'
+ + escapeHtml(user.nick) + '</a></div>';
}
}
function buildGrowlDataAndPopDatShit(msg) {
- var nick = escapeHtml(msg.nick);
- nick = '<a href="/u/' + nick + ' " style="color:pink">' + nick + '</a>:'
- var msg = buildMsgContent(msg.content)
- growl(nick, msg)
+ var nick = escapeHtml(msg.nick);
+ nick = '<a href="/u/' + nick + ' " style="color:pink">' + nick + '</a>:'
+ var msg = buildMsgContent(msg.content)
+ growl(nick, msg)
}
function growl(user, msg) {
$.gritter.add({
- // (string | mandatory) the heading of the notification
- title: user,
- // (string | mandatory) the text inside the notification
- text: msg
+ // (string | mandatory) the heading of the notification
+ title: user,
+ // (string | mandatory) the text inside the notification
+ text: msg
});
}
@@ -89,19 +89,19 @@ function submitMessage() {
.removeClass('loading').addClass('loaded');
};
var onError = function(resp, textStatus, errorThrown) {
- div.remove();
+ div.remove();
handleMsgError(resp);
};
-
+
$.ajax({
- type: 'GET',
- timeout: 5000,
- url: '/msg',
- data: { 'room': Room, 'content': content },
- cache: false,
- dataType: 'json',
- success: onSuccess,
- error: onError
+ type: 'POST',
+ timeout: 5000,
+ url: '/msg',
+ data: { 'room': Room, 'content': content },
+ cache: false,
+ dataType: 'json',
+ success: onSuccess,
+ error: onError
});
}
@@ -147,9 +147,9 @@ function setUserList(users) {
function updateUI(msgs, users) {
if (window['growlize'] && msgs && msgs.length > 0) {
- $.map(msgs, buildGrowlDataAndPopDatShit)
+ $.map(msgs, buildGrowlDataAndPopDatShit)
} else if (msgs && msgs.length > 0) {
- addNewMessages(msgs);
+ addNewMessages(msgs);
}
if (users !== null) {
var flattened = users.sort().join(",")
@@ -226,30 +226,27 @@ function initProfile() {
t.html(buildMsgContent(t.text()));
});
- var onSubmit = function(original_element, edit, old) {
- edit = $.trim(edit);
- if (edit == old) { return old };
- // TODO: Prevent entering script tags
- if (original_element == 'avatar' && edit.indexOf("<") != -1) {
- return old;
- }
+ var onSubmit = function(attr, newVal, oldVal) {
+ newVal = $.trim(newVal);
+ if (newVal == oldVal) { return oldVal };
+
$.ajax({
- type: "GET",
+ type: "POST",
timeout: 5000,
url: "/update-profile",
- data: { 'attr': original_element, 'val': edit }
+ data: { 'attr': attr, 'val': newVal }
});
- if (original_element == 'avatar') {
- var s = '<img id="avatarPic" src="' + edit + '" width="150" />';
+ if (attr == 'avatar') {
+ var s = '<img id="avatarPic" src="' + newVal + '" width="150" />';
$('#avatarPic').replaceWith(s);
}
- return escapeHtml(edit);
+ return escapeHtml(newVal);
};
var opt = { 'default_text': 'Enter here!',
'callback': onSubmit,
'field_type': 'text',
- 'callbackShowErrors': false };
+ 'callbackShowErrors': false };
$('#avatar.editable').editInPlace(opt);
@@ -266,13 +263,14 @@ function initLog() {
}
+// TODO
function favoriteImage() {};
-function setupUpload(elementId, roomKey) {
+function setupUpload(elementId, roomKey) {
new AjaxUpload(elementId, {
action: '/upload',
autoSubmit: true,
name: 'image',
- data: { room: roomKey }
+ data: { room: roomKey }
});
} \ No newline at end of file
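Review bot: The rewritten onSubmit in initProfile (lines 188–190) drops the check that refused avatar values containing "<", but the value is still spliced unescaped into an img tag at line 203 and submitted to /update-profile at line 198, and buildUserDiv (line 106) renders user.avatar unescaped for every viewer of the page. Unless update-profile validates the value server-side — not visible in this commit — a crafted avatar string becomes stored markup for other users; on the client, at least escape the attribute value, `var s = '<img id="avatarPic" src="' + escapeHtml(newVal) + '" width="150" />';` (assuming escapeHtml, whose body is outside the hunk, escapes quotes), and treat a server-side check that the value is an http/https URL as the real control. The GET-to-POST switch in submitMessage (line 157) and here (line 194) also leaves both requests without an anti-CSRF token in `data`, which the server side of this commit only records as a TODO. initProfile begins and ends outside the hunk.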
diff --git a/static/js/register.js b/static/js/register.js
index 89a37fa..d8f9b6a 100755
--- a/static/js/register.js
+++ b/static/js/register.js
@@ -34,7 +34,7 @@ function submitRegistration() {
};
$.ajax({
- type: 'GET',
+ type: 'POST',
timeout: 5000,
url: 'submit-registration',
data: {'nick': nick, 'email': email, 'hash': hash },