Apply some upstream patches

Victor Dubiniuk 2015-01-26 23:51:28 +03:00
parent 9ab0a0add5
commit f03a1a0edf
4 changed files with 536 additions and 528 deletions


@ -36,9 +36,10 @@
*/ */
/*global define,require,document */ /*global define,require,document */
define("webodf/editor/widgets/fontPicker", [ define("webodf/editor/widgets/fontPicker", [
"dijit/form/Select"], "dijit/form/Select",
"dojox/html/entities"],
function (Select) { function (Select, htmlEntities) {
"use strict"; "use strict";
/** /**
@ -101,7 +102,7 @@ define("webodf/editor/widgets/fontPicker", [
name = documentFonts[i].name; name = documentFonts[i].name;
family = documentFonts[i].family || name; family = documentFonts[i].family || name;
selectionList.push({ selectionList.push({
label: '<span style="font-family: ' + family + ';">' + name + '</span>', label: '<span style="font-family: ' + htmlEntities.encode(family) + ';">' + htmlEntities.encode(name) + '</span>',
value: name value: name
}); });
} }
@ -114,7 +115,7 @@ define("webodf/editor/widgets/fontPicker", [
// Lastly populate the fonts provided by the editor // Lastly populate the fonts provided by the editor
for (i = 0; i < editorFonts.length; i += 1) { for (i = 0; i < editorFonts.length; i += 1) {
selectionList.push({ selectionList.push({
label: '<span style="font-family: ' + editorFonts[i] + ';">' + editorFonts[i] + '</span>', label: '<span style="font-family: ' + htmlEntities.encode(editorFonts[i]) + ';">' + htmlEntities.encode(editorFonts[i]) + '</span>',
value: editorFonts[i] value: editorFonts[i]
}); });
} }
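Review bot: `htmlEntities.encode(family)` keeps the value from closing the `style="…"` attribute, but the result is still parsed as CSS, so a family string containing `;` can append further declarations to the span; this applies to both the `documentFonts` and the `editorFonts` labels. If the entries in `documentFonts` come from the opened document (their origin is outside this hunk), the family should be checked against a conservative pattern before the label is built, for example `if (!/^[\w\s,'"-]+$/.test(family)) { family = "inherit"; }`, widened if non-ASCII family names must be supported. Both loops start outside the visible hunks, so how the lists are filled needs confirming against the full function.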


@ -39,9 +39,12 @@
/*global define,require */ /*global define,require */
define("webodf/editor/widgets/paragraphStyles", define("webodf/editor/widgets/paragraphStyles",
["webodf/editor/EditorSession"], [
"dojox/html/entities",
"webodf/editor/EditorSession"
],
function (EditorSession) { function (htmlEntities, EditorSession) {
"use strict"; "use strict";
/** /**
* @constructor * @constructor
@ -99,7 +102,7 @@ define("webodf/editor/widgets/paragraphStyles",
for (i = 0; i < availableStyles.length; i += 1) { for (i = 0; i < availableStyles.length; i += 1) {
selectionList.push({ selectionList.push({
label: availableStyles[i].displayName, label: htmlEntities.encode(availableStyles[i].displayName),
value: availableStyles[i].name value: availableStyles[i].name
}); });
} }
@ -120,7 +123,7 @@ define("webodf/editor/widgets/paragraphStyles",
if (select) { if (select) {
select.addOption({ select.addOption({
value: styleInfo.name, value: styleInfo.name,
label: newStyleElement.getAttributeNS(stylens, 'display-name') label: htmlEntities.encode(newStyleElement.getAttributeNS(stylens, 'display-name'))
}); });
} }
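Review bot: Neither call site records why `label` is encoded while `value` is passed raw, so the next option added to this widget has no stated rule to follow. A comment above each `label:` line, such as `// label is rendered as HTML by the select widget; encode document-supplied style names`, would make the requirement explicit. That the widget renders labels as markup is inferred from the font picker in the same commit, which passes a `<span>` in `label`. Since the same encoding now appears in both the populate loop and the `addOption` call, a small local helper that builds the `{value, label}` pair would keep the two paths from drifting apart; both enclosing functions start outside the hunks.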


@ -1,4 +1,4 @@
var webodf_version = "0.4.2-2050-g8d8fc02"; var webodf_version = "0.4.2-2050-g8d8fc02-dirty";
function Runtime() { function Runtime() {
} }
Runtime.prototype.getVariable = function(name) { Runtime.prototype.getVariable = function(name) {
@ -13549,7 +13549,11 @@ gui.HyperlinkClickHandler = function HyperlinkClickHandler(getRootNode) {
bookmarks[0].scrollIntoView(true) bookmarks[0].scrollIntoView(true)
} }
}else { }else {
runtime.getWindow().open(url) if(/^\s*(javascript|data):/.test(url)) {
runtime.log("WARN:", "potentially malicious URL ignored")
}else {
runtime.getWindow().open(url)
}
} }
if(e.preventDefault) { if(e.preventDefault) {
e.preventDefault() e.preventDefault()
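Review bot: The scheme test `/^\s*(javascript|data):/` is case-sensitive and works as a denylist, so a differently cased scheme, or any script-capable scheme not listed, still reaches `runtime.getWindow().open(url)`. At minimum the check should be case-insensitive, `if(/^\s*(javascript|data):/i.test(url)) {`. An allowlist of the schemes the editor intends to open (for example http, https and mailto) would be more robust, provided relative links are resolved or handled separately. The enclosing click handler starts and ends outside the hunk, so any earlier normalisation of `url` is not visible here.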

File diff suppressed because one or more lines are too long