- fixed xss vulnerability
- improved add bookmark dialog

git-svn-id: https://svn.berlios.de/svnroot/repos/yacy/trunk@5189 6c8d7289-2bf4-0310-a012-ef5d649a1542
apfelmaennchen 17 years ago
parent a81cb78211
commit a5f61e8b1b

@ -34,7 +34,8 @@ div.main {
margin-bottom: .5em; margin-bottom: .5em;
padding: 2px 5px; padding: 2px 5px;
border: 1px solid #CCCCCC; border: 1px solid #CCCCCC;
font: normal small Arial, Helvetica, sans-serif; font: "Trebuchet MS", Trebuchet, Verdana, Helvetica, Arial, sans-serif;
font-size: 12px;
color: #999999; color: #999999;
} }
.filter { .filter {
@ -42,7 +43,8 @@ div.main {
margin-bottom: .5em; margin-bottom: .5em;
padding: 2px 5px; padding: 2px 5px;
border: 1px solid #CCCCCC; border: 1px solid #CCCCCC;
font: normal small Arial, Helvetica, sans-serif; font-family: "Trebuchet MS", Trebuchet, Verdana, Helvetica, Arial, sans-serif;
font-size: 12px;
color: #999999; color: #999999;
} }
.selector { .selector {
@ -50,15 +52,17 @@ div.main {
margin-bottom: .5em; margin-bottom: .5em;
padding: 2px 5px; padding: 2px 5px;
border: 1px solid #CCCCCC; border: 1px solid #CCCCCC;
font: normal small Arial, Helvetica, sans-serif; font-family: "Trebuchet MS", Trebuchet, Verdana, Helvetica, Arial, sans-serif;
font-size: 12px;
color: #999999; color: #999999;
} }
.small { .small {
font: normal small Arial, Helvetica, sans-serif; font-family: "Trebuchet MS", Trebuchet, Verdana, Helvetica, Arial, sans-serif;
font-size: 9px; font-size: 10px;
} }
.normal { .normal {
font: normal small Arial, Helvetica, sans-serif; font: "Trebuchet MS", Trebuchet, Verdana, Helvetica, Arial, sans-serif;
font-size: 12px;
} }
/* Sidebar */ /* Sidebar */
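Review bot: The two `font:` declarations that were rewritten in this section — the one in the first hunk (the rule just before `.filter`) and the one in `.normal` — are invalid as written, because the `font` shorthand requires at least a size and a family; `font: "Trebuchet MS", Trebuchet, Verdana, Helvetica, Arial, sans-serif;` is dropped by browsers, so those elements keep the inherited family while the sibling rules that were changed to `font-family:` take effect. Use the longhand in both places, `font-family: "Trebuchet MS", Trebuchet, Verdana, Helvetica, Arial, sans-serif;`, which also makes all five rules consistent. The file name of this section is not shown on the page.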

@ -12,7 +12,7 @@
background: url(../img/tab.png) no-repeat; background: url(../img/tab.png) no-repeat;
padding: 2px; padding: 2px;
height: 28px; height: 28px;
_height: 29px; /*_height: 29px;*/
} }
.bmdialog .ui-dialog.ui-draggable .ui-dialog-titlebar, .bmdialog .ui-dialog.ui-draggable .ui-dialog-titlebar,
@ -20,13 +20,13 @@
cursor: move; cursor: move;
} }
.bmdialog .ui-dialog .ui-dialog-titlebar-close, .bmdialog .ui-dialog .ui-dialog-titlebar-ajax,
.bmdialog.ui-dialog .ui-dialog-titlebar-close { .bmdialog.ui-dialog .ui-dialog-titlebar-ajax {
width: 16px; width: 16px;
height: 16px; height: 16px;
background: url(../img-2/cancel.png) no-repeat; background: url(../loading.gif) no-repeat;
position:absolute; position:absolute;
top: 6px; top: 8px;
right: 7px; right: 7px;
cursor: default; cursor: default;
} }
@ -71,9 +71,16 @@
margin: 6px; margin: 6px;
} }
/* Dialog handle styles */ /* Dialog handle styles
.bmdialog .ui-dialog .ui-resizable-n, .bmdialog .ui-dialog .ui-resizable-n,
.bmdialog.ui-dialog .ui-resizable-n { cursor: n-resize; height: 6px; width: 100%; top: 0px; left: 0px; background: transparent url(i/dialog-n.gif) repeat scroll center top; } .bmdialog.ui-dialog .ui-resizable-n {
cursor: n-resize;
height: 6px;
width: 100%;
top: 0px;
left: 0px;
background: transparent url(i/dialog-n.gif) repeat scroll center top;
}
.bmdialog .ui-dialog .ui-resizable-s, .bmdialog .ui-dialog .ui-resizable-s,
.bmdialog.ui-dialog .ui-resizable-s { cursor: s-resize; height: 8px; width: 100%; bottom: 0px; left: 0px; background: transparent url(i/dialog-s.gif) repeat scroll center top; } .bmdialog.ui-dialog .ui-resizable-s { cursor: s-resize; height: 8px; width: 100%; bottom: 0px; left: 0px; background: transparent url(i/dialog-s.gif) repeat scroll center top; }
@ -95,3 +102,4 @@
.bmdialog .ui-dialog .ui-resizable-ne, .bmdialog .ui-dialog .ui-resizable-ne,
.bmdialog.ui-dialog .ui-resizable-ne { cursor: ne-resize; width: 9px; height: 29px; right: 0px; top: 0px; background: transparent url(i/dialog-ne.gif); } .bmdialog.ui-dialog .ui-resizable-ne { cursor: ne-resize; width: 9px; height: 29px; right: 0px; top: 0px; background: transparent url(i/dialog-ne.gif); }
*/
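Review bot: The dialog-handle block from `/* Dialog handle styles` down to the closing `*/` is commented out rather than removed, which leaves a large stretch of dead CSS (including a half-reformatted `.ui-resizable-n` rule) for every reader to skip; since revision history keeps the old text, deleting the block outright is the cleaner change. The rename of `.ui-dialog-titlebar-close` to `.ui-dialog-titlebar-ajax` with `loading.gif` in the second hunk also drops the only rule that styled the dialog's close control; if the dialog markup still renders a `.ui-dialog-titlebar-close` element it is now unstyled, which is worth checking against the dialog template not shown here. A one-line comment above the new `-ajax` rule naming the element that carries that class would make its purpose clear to the next reader.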

@ -3,8 +3,9 @@
.flexigrid .flexigrid
{ {
font-family: Arial, Helvetica, sans-serif; font-family: "Trebuchet MS", Trebuchet, Verdana, Helvetica, Arial, sans-serif;
font-size: 11px; font-size: 11px;
color: #27537a;
position: relative; position: relative;
border: 0px solid #eee; border: 0px solid #eee;
overflow: hidden; overflow: hidden;

@ -32,6 +32,9 @@
<script type="text/javascript"> <script type="text/javascript">
//<![CDATA[ //<![CDATA[
HTMLenc = function(s) {
return $('<div/>').text(s).html();
}
$(function() { $(function() {
qtag = ""; qtag = "";
tabid = "Welcome"; tabid = "Welcome";

@ -40,7 +40,7 @@
} else { } else {
var tabnr = $tabs.tabs('length'); var tabnr = $tabs.tabs('length');
var tabname = $("input[@name='search']").getValue(); var tabname = $("input[@name='search']").getValue();
$tabs.tabs('add', "yacyui-search.html", '*' + tabname); $tabs.tabs('add', "yacyui-search.html", '*' + HTMLenc(tabname));
$tabs.tabs('select',tabnr); $tabs.tabs('select',tabnr);
} }
return false; return false;
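Review bot: `HTMLenc = function(s) {` assigns to an undeclared identifier, which creates an implicit global (and is a ReferenceError under strict mode); since the bookmark-table page in this same commit calls it, make the global explicit, `window.HTMLenc = function(s) { return $('<div/>').text(s).html(); };`. The helper also deserves a comment stating its contract, because jQuery's `.text(s).html()` serializes a text node and therefore escapes `&`, `<` and `>` but leaves quotes untouched, so it is only safe for element content, never for attribute values or URLs. Whether the label `'*' + HTMLenc(tabname)` passed to `tabs('add')` is interpreted as HTML by the tabs plugin cannot be confirmed from this hunk; if the plugin already treats the label as text, the encoding would show literal entities. The enclosing `$(function() {` handler continues past the hunk.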

@ -6,14 +6,14 @@
// $('#yoptions').resetForm(); // $('#yoptions').resetForm();
$("#bmadd").dialog({ $("#bmadd").dialog({
autoOpen: false, autoOpen: false,
height: 350, height: 375,
width: 250, width: 250,
resizable: false, resizable: false,
buttons: { buttons: {
"Add": function() { "Add": function() {
var url = $("input[@name='bm_url']").getValue(); var url = $("input[@name='bm_url']").getValue();
var title = $("input[@name='bm_title']").getValue(); var title = $("textarea[@name='bm_title']").getValue();
var desc = $("input[@name='bm_desc']").getValue(); var desc = $("textarea[@name='bm_desc']").getValue();
var tags = $("input[@name='bm_tags']").getValue() var tags = $("input[@name='bm_tags']").getValue()
var path = $("input[@name='bm_path']").getValue(); var path = $("input[@name='bm_path']").getValue();
var pub = $("select[@name='bm_public']").getValue(); var pub = $("select[@name='bm_public']").getValue();
@ -27,10 +27,7 @@
$tabs.tabs("load", 3); $tabs.tabs("load", 3);
} }
}); });
}, }
"Cancel": function() {
$(this).dialog("close");
}
} }
}); });
function bm_action(com,grid) { function bm_action(com,grid) {
@ -51,7 +48,26 @@
else if (com=='Add') { else if (com=='Add') {
$("#bmadd").dialog('open'); $("#bmadd").dialog('open');
} }
} }
$("#bm_url").blur(function() {
var url = $("input[@name='bm_url']").getValue();
$.ajax({
type: "GET",
url: "/xml/util/getpageinfo_p.xml?url="+url,
dataType: "xml",
success: function(xml) {
var title = $(xml).find('title').text();
$("textarea[@name='bm_title']").setValue(title);
var desc = $(xml).find('desc').text();
$("textarea[@name='bm_desc']").setValue(desc);
tags = "";
$(xml).find('tag').each(function(){
tags = tags + "," + $(this).attr('name');
});
$("input[@name='bm_tags']").setValue(tags);
}
});
});
counter = 0; counter = 0;
$.ajax({ $.ajax({
type: "GET", type: "GET",
@ -77,11 +93,11 @@
var icon = '<img src="img-2/lock.png" alt="private bookmark" title="private bookmark"/>' var icon = '<img src="img-2/lock.png" alt="private bookmark" title="private bookmark"/>'
} }
$('<tr></tr') $('<tr></tr')
.html('<td>' +hash+ '</td><td>' +icon+ '</td><td><h3 class="linktitle">' +title+ '</h3><p class="desc">' +desc+ '</p><p class="url"><a href="' +link+ '">' +link+ '</a></p><td>' +tags+ ' </td><td>' +date+ '</td>') .html('<td>' +hash+ '</td><td>' +icon+ '</td><td><h3 class="linktitle">' +HTMLenc(title)+ '</h3><p class="desc">' +HTMLenc(desc)+ '</p><p class="url"><a href="' +link+ '">' +link+ '</a></p><td>' +HTMLenc(tags)+ ' </td><td>' +date+ '</td>')
.appendTo('#ymarks tbody'); .appendTo('#ymarks tbody');
counter++; counter++;
}); //close each( }); //close each(
var height=document.documentElement.clientHeight - 205; var height=document.documentElement.clientHeight - 205;
$('#ymarks').flexigrid({ $('#ymarks').flexigrid({
colModel: [ colModel: [
{display: 'Hash', name : 'hash', width : 50, sortable : false, align: 'center', hide: true}, {display: 'Hash', name : 'hash', width : 50, sortable : false, align: 'center', hide: true},
@ -98,8 +114,8 @@
striped: true, striped: true,
nowrap: false, nowrap: false,
height: height, height: height,
title: 'YaCy Bookmarks: '+qtag title: 'YaCy Bookmarks: ' + HTMLenc(qtag)
}); });
} }
}); //close $.ajax( }); //close $.ajax(
}); });
@ -108,7 +124,7 @@
<!-- Display Bookmarks Table --> <!-- Display Bookmarks Table -->
<table id="ymarks" summary="YaCy Bookmarks"> <table id="ymarks" summary="YaCy Bookmarks">
<tbody> <tbody>
</tbody> </tbody>
</table> </table>
<!-- Display Bookmarks Edit Dialog --> <!-- Display Bookmarks Edit Dialog -->
@ -116,15 +132,17 @@
<form id="bmaddform" class="small" method="get" accept-charset="UTF-8" action=""> <form id="bmaddform" class="small" method="get" accept-charset="UTF-8" action="">
<label for="url">URL:</label> <label for="url">URL:</label>
<br /> <br />
<input type="text" name="bm_url" id="bm_url" class="filter" onblur="loadTitle()" size="80" /> <input type="text" name="bm_url" id="bm_url" class="filter" size="80" />
<br /> <br />
<label for="bm_title">Title:</label> <label for="bm_title">Title:</label>
<br /> <br />
<input type="text" name="bm_title" id="bm_title" class="filter" size="80" /> <textarea name="bm_title" id="bm_title" class="filter" rows="1" cols="20">
</textarea>
<br /> <br />
<label for="bm_desc">Description:</label> <label for="bm_desc">Description:</label>
<br /> <br />
<input type="text" name="bm_desc" id="bm_desc" class="filter" size="80" /> <textarea name="bm_desc" id="bm_desc" class="filter" rows="3" cols="20">
</textarea>
<br /> <br />
<label for="bm_path">Folder (/folder/subfolder):</label> <label for="bm_path">Folder (/folder/subfolder):</label>
<br /> <br />
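Review bot: The encoding added on the `.html(...)` line of the table hunk is incomplete: `link` is concatenated both into the `href` attribute and into the anchor text without any escaping, and `hash` and `date` stay raw as well, while `HTMLenc` (jQuery `.text().html()`) only escapes element-content characters and does not neutralize quotes inside an attribute. Building the row with DOM methods instead of string concatenation removes the attribute-context problem; restricting `link` to http(s) before assigning it as an href would close the remaining gap. The line above it, `$('<tr></tr')`, is also missing its closing `>`. In the new blur handler of the earlier hunk, the request URL is built as `"/xml/util/getpageinfo_p.xml?url="+url`; wrapping it as `encodeURIComponent(url)` keeps a URL containing `&` or `#` from being split by the server's parameter parsing, and `tags = ""` there should be `var tags = ""` to avoid another implicit global. The enclosing `$.ajax` success callback starts and ends outside the hunk.
```javascript
// … unchanged: icon selection …
var $row = $('<tr></tr>');
$('<td></td>').text(hash).appendTo($row);
$('<td></td>').html(icon).appendTo($row); // icon is a fixed markup literal chosen above
var $entry = $('<td></td>').appendTo($row);
$('<h3 class="linktitle"></h3>').text(title).appendTo($entry);
$('<p class="desc"></p>').text(desc).appendTo($entry);
var $urlpara = $('<p class="url"></p>').appendTo($entry);
$('<a></a>').attr('href', link).text(link).appendTo($urlpara); // TODO: accept only http(s) values for link before use
$('<td></td>').text(tags + ' ').appendTo($row);
$('<td></td>').text(date).appendTo($row);
$row.appendTo('#ymarks tbody');
// … unchanged: counter++ and the rest of the each() callback …
```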
