[Rt-commit] rt branch, 4.2/alert-invalid-file-inputs, created. rt-4.1.17-66-g18a6bd8

Thomas Sibley trs at bestpractical.com
Tue Jul 23 18:04:11 EDT 2013


The branch, 4.2/alert-invalid-file-inputs has been created
        at  18a6bd8baa3c41bb0a5e27941f0a3d1b98e37ef5 (commit)

- Log -----------------------------------------------------------------
commit f8f89f49f2afd2e1a365c76872648df48089c710
Author: sunnavy <sunnavy at bestpractical.com>
Date:   Wed Mar 2 18:00:35 2011 +0800

    Warn users when upload filenames contain double quotes
    
    CGI, HTTP::Body, and MIME::Entity do *not* support double quotes in
    filenames.
    
    See also #16119.

diff --git a/share/static/css/base/forms.css b/share/static/css/base/forms.css
index dd52cf0..e763778 100644
--- a/share/static/css/base/forms.css
+++ b/share/static/css/base/forms.css
@@ -225,6 +225,11 @@ form div.submit div.buttons div.next {
     width: 50%;
 }
 
+.invalid {
+    font-style: italic;
+    color: red;
+}
+
 /* query builder */
 
 #formatbuttons {
diff --git a/share/static/js/event-registration.js b/share/static/js/event-registration.js
index 98e1e27..bb6d83e 100644
--- a/share/static/js/event-registration.js
+++ b/share/static/js/event-registration.js
@@ -80,3 +80,23 @@ jQuery(function() {
         }).change();
     });
 });
+
+jQuery( function() {
+    jQuery("input[type=file]").change( function() {
+        var input = jQuery(this);
+        var warning = input.next(".invalid");
+
+        if ( !input.val().match(/"/) ) {
+            warning.hide();
+        } else {
+            if (warning.length) {
+                warning.show();
+            } else {
+                input.val("");
+                jQuery("<span class='invalid'>")
+                    .text("Filenames with double quotes are not supported.")
+                    .insertAfter(input);
+            }
+        }
+    });
+});

commit 0d4faacc85d678ad90ee8a4f1bcbcacda4e5aec5
Author: Thomas Sibley <trs at bestpractical.com>
Date:   Tue Jul 23 14:20:35 2013 -0700

    Basic I18N for JS strings
    
    This simple solution doesn't scale, but it's tiny and sufficient for now.

diff --git a/lib/RT/Interface/Web.pm b/lib/RT/Interface/Web.pm
index c441838..c55f360 100644
--- a/lib/RT/Interface/Web.pm
+++ b/lib/RT/Interface/Web.pm
@@ -115,6 +115,7 @@ sub JSFiles {
       jquery.modal-defaults.js
       jquery.cookie.js
       titlebox-state.js
+      i18n.js
       util.js
       autocomplete.js
       jquery.event.hover-1.0.js
diff --git a/share/html/Elements/JavascriptConfig b/share/html/Elements/JavascriptConfig
index e7bbcde..2571410 100644
--- a/share/html/Elements/JavascriptConfig
+++ b/share/html/Elements/JavascriptConfig
@@ -62,14 +62,23 @@ if ($session{CurrentUser} and $session{CurrentUser}->id) {
         . (!$session{CurrentUser}->Privileged ? "/SelfService" : "");
 }
 
+my $Catalog = {
+    quote_in_filename => "Filenames with double quotes can not be uploaded.", #loc
+};
+$_ = loc($_) for values %$Catalog;
+
 $m->callback(
     CallbackName    => "Data",
     CurrentUser     => $CurrentUser,
     Config          => $Config,
+    Catalog         => $Catalog,
 );
 </%init>
 <script>
 window.RT = {};
 RT.CurrentUser = <% JSON( $CurrentUser ) |n%>;
 RT.Config      = <% JSON( $Config      ) |n%>;
+
+RT.I18N = {};
+RT.I18N.Catalog = <% JSON( $Catalog ) |n %>;
 </script>
diff --git a/share/static/js/event-registration.js b/share/static/js/event-registration.js
index bb6d83e..f648c3c 100644
--- a/share/static/js/event-registration.js
+++ b/share/static/js/event-registration.js
@@ -94,7 +94,7 @@ jQuery( function() {
             } else {
                 input.val("");
                 jQuery("<span class='invalid'>")
-                    .text("Filenames with double quotes are not supported.")
+                    .text(loc_key("quote_in_filename"))
                     .insertAfter(input);
             }
         }
diff --git a/share/static/js/i18n.js b/share/static/js/i18n.js
new file mode 100644
index 0000000..29ea078
--- /dev/null
+++ b/share/static/js/i18n.js
@@ -0,0 +1,15 @@
+function loc_key(key) {
+    if (arguments.length > 1 && console && console.log)
+        console.log("loc_key() does not support substitution! (for key: " + key + ")")
+
+    var msg;
+    if (RT.I18N && RT.I18N.Catalog)
+        msg = RT.I18N.Catalog[key];
+
+    if (msg == null && console && console.log) {
+        console.log("I18N key '" + key + "' not found in catalog");
+        msg = "(no translation for key: " + key + ")";
+    }
+
+    return msg;
+}

commit 18a6bd8baa3c41bb0a5e27941f0a3d1b98e37ef5
Author: Thomas Sibley <trs at bestpractical.com>
Date:   Tue Jul 23 14:22:34 2013 -0700

    Encode JSON strings as Perl character strings instead of UTF-8 bytes
    
    If JSON() produces UTF-8 bytes, it can't be used in Mason pages with
    other content.  Mason pages are constructed using Perl character
    strings and then our PSGI response callback in
    RT::Interface::Web::Handler encodes all content as UTF-8 if it's not
    already encoded.  This leads to double-encoding when JSON() output is
    mixed with other content, such as in /Elements/JavascriptConfig.
    
    The autocomplete endpoints which used JSON() worked successfully because
    their _entire_ page content was UTF-8 already, so it wasn't encoded
    again by the response callback.  By switching JSON() away from UTF-8,
    interpolation issues are fixed and the autocomplete endpoints now rely
    on the request handler encoding to UTF-8 instead.
    
    Additionally, replace various uses of JSON::to_json() directly with
    JSON().

diff --git a/lib/RT/Interface/Web.pm b/lib/RT/Interface/Web.pm
index c55f360..01c6495 100644
--- a/lib/RT/Interface/Web.pm
+++ b/lib/RT/Interface/Web.pm
@@ -186,13 +186,13 @@ sub EscapeURI {
 
 =head2 EncodeJSON SCALAR
 
-Encodes the SCALAR to JSON and returns a JSON string.  SCALAR may be a simple
-value or a reference.
+Encodes the SCALAR to JSON and returns a JSON Unicode (B<not> UTF-8) string.
+SCALAR may be a simple value or a reference.
 
 =cut
 
 sub EncodeJSON {
-    my $s = JSON::to_json(shift, { utf8 => 1, allow_nonref => 1 });
+    my $s = JSON::to_json(shift, { allow_nonref => 1 });
     $s =~ s{/}{\\/}g;
     return $s;
 }
diff --git a/share/html/Helpers/Autocomplete/CustomFieldValues b/share/html/Helpers/Autocomplete/CustomFieldValues
index cd9ddb1..a5ba1fc 100644
--- a/share/html/Helpers/Autocomplete/CustomFieldValues
+++ b/share/html/Helpers/Autocomplete/CustomFieldValues
@@ -54,7 +54,7 @@ my $term = (split /\n/, $ARGS{term} || '')[-1];
 
 my $abort = sub {
     $r->content_type('application/json; charset=utf-8');
-    $m->out(JSON::to_json( [] ));
+    $m->out(JSON( [] ));
     $m->abort;
 };
 
diff --git a/share/html/Helpers/Autocomplete/Tickets b/share/html/Helpers/Autocomplete/Tickets
index 251bf64..cc2969f 100644
--- a/share/html/Helpers/Autocomplete/Tickets
+++ b/share/html/Helpers/Autocomplete/Tickets
@@ -46,7 +46,7 @@
 %#
 %# END BPS TAGGED BLOCK }}}
 % $r->content_type('application/json; charset=utf-8');
-<% JSON::to_json( \@suggestions ) |n %>
+<% JSON( \@suggestions ) |n %>
 % $m->abort;
 <%ARGS>
 $return => ''
@@ -55,8 +55,6 @@ $max => 10
 $exclude => ''
 </%ARGS>
 <%INIT>
-require JSON;
-
 # Only allow certain return fields
 $return = 'id'
     unless $return =~ /^(?:id|Subject)$/;
diff --git a/share/html/Ticket/Elements/DelayShowHistory b/share/html/Ticket/Elements/DelayShowHistory
index 73c14cf..2fe7ed6 100644
--- a/share/html/Ticket/Elements/DelayShowHistory
+++ b/share/html/Ticket/Elements/DelayShowHistory
@@ -67,16 +67,12 @@ jQuery(function(){
 <%ARGS>
 $Ticket
 </%ARGS>
-<%ONCE>
-require JSON;
-</%ONCE>
 <%INIT>
 my %params = %ARGS;
 delete $params{Ticket};
 
-my $url = JSON::to_json(
+my $url = JSON(
     RT->Config->Get('WebPath') . "/Helpers/TicketHistory?".
-        $m->comp('/Elements/QueryString', %params, id => $Ticket->id ),
-    { allow_nonref => 1 }
+        $m->comp('/Elements/QueryString', %params, id => $Ticket->id )
 );
 </%INIT>

-----------------------------------------------------------------------


More information about the Rt-commit mailing list