You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by jc...@apache.org on 2010/06/24 18:53:43 UTC

svn commit: r957622 - in /couchdb/trunk: THANKS share/www/script/futon.browse.js share/www/script/futon.format.js

Author: jchris
Date: Thu Jun 24 16:53:43 2010
New Revision: 957622

URL: http://svn.apache.org/viewvc?rev=957622&view=rev
Log:
proper docid escaping in Futon view display, thanks Paul Bonser. Closes COUCHDB-748

Modified:
    couchdb/trunk/THANKS
    couchdb/trunk/share/www/script/futon.browse.js
    couchdb/trunk/share/www/script/futon.format.js

Modified: couchdb/trunk/THANKS
URL: http://svn.apache.org/viewvc/couchdb/trunk/THANKS?rev=957622&r1=957621&r2=957622&view=diff
==============================================================================
--- couchdb/trunk/THANKS (original)
+++ couchdb/trunk/THANKS Thu Jun 24 16:53:43 2010
@@ -62,5 +62,6 @@ suggesting improvements or submitting ch
  * Dmitry Unkovsky <oi...@gmail.com>
  * Zachary Zolton <za...@gmail.com>
  * Brian Jenkins <bo...@bonkydog.com>
+ * Paul Bonser <pi...@paulbonser.com>
 
 For a list of authors see the `AUTHORS` file.

Modified: couchdb/trunk/share/www/script/futon.browse.js
URL: http://svn.apache.org/viewvc/couchdb/trunk/share/www/script/futon.browse.js?rev=957622&r1=957621&r2=957622&view=diff
==============================================================================
--- couchdb/trunk/share/www/script/futon.browse.js [utf-8] (original)
+++ couchdb/trunk/share/www/script/futon.browse.js [utf-8] Thu Jun 24 16:53:43 2010
@@ -152,7 +152,7 @@
                     page.viewName.indexOf("/_view"));
                 db.compactView(groupname, {success: function(resp) { callback() }});
                 break;
-              case "view_cleanup": 
+              case "view_cleanup":
                 db.viewCleanup({success: function(resp) { callback() }});
                 break;
             }
@@ -178,7 +178,7 @@
           }
         });
       }
-      
+
       this.databaseSecurity = function() {
         $.showDialog("dialog/_database_security.html", {
           load : function(d) {
@@ -672,7 +672,7 @@
             if (row.id) {
               $("<td class='key'><a href='document.html?" + encodeURIComponent(db.name) +
                 "/" + $.couch.encodeDocId(row.id) + "'><strong></strong><br>" +
-                "<span class='docid'>ID:&nbsp;" + row.id + "</span></a></td>")
+                "<span class='docid'>ID:&nbsp;" + $.futon.escape(row.id) + "</span></a></td>")
                 .find("strong").text(key).end()
                 .appendTo(tr);
             } else {
@@ -851,7 +851,7 @@
                   return true;
                 } catch (err) {
                   var msg = err.message;
-                  if (msg == "parseJSON" || msg == "JSON.parse") { 
+                  if (msg == "parseJSON" || msg == "JSON.parse") {
                     msg = "There is a syntax error in the document.";
                   }
                   $("<div class='error'></div>").text(msg).appendTo(this);

Modified: couchdb/trunk/share/www/script/futon.format.js
URL: http://svn.apache.org/viewvc/couchdb/trunk/share/www/script/futon.format.js?rev=957622&r1=957621&r2=957622&view=diff
==============================================================================
--- couchdb/trunk/share/www/script/futon.format.js [utf-8] (original)
+++ couchdb/trunk/share/www/script/futon.format.js [utf-8] Thu Jun 24 16:53:43 2010
@@ -13,6 +13,11 @@
 (function($) {
   $.futon = $.futon || {};
   $.extend($.futon, {
+    escape: function(string) {
+      return string.replace(/&/g, "&amp;")
+                   .replace(/</g, "&lt;")
+                   .replace(/>/g, "&gt;");
+    },
 
     // JSON pretty printing
     formatJSON: function(val, options) {
@@ -24,12 +29,6 @@
       }, options || {});
       var itemsep = options.linesep.length ? "," + options.linesep : ", ";
 
-      function escape(string) {
-        return string.replace(/&/g, "&amp;")
-                     .replace(/</g, "&lt;")
-                     .replace(/>/g, "&gt;");
-      }
-
       function format(val, depth) {
         var tab = [];
         for (var i = 0; i < options.indent * depth; i++) tab.push("");
@@ -45,7 +44,7 @@
               retval = indentLines(retval.replace(/\r\n/g, "\n"), tab.substr(options.indent));
             } else {
               if (options.html) {
-                retval = escape(JSON.stringify(val));
+                retval = $.futon.escape(JSON.stringify(val));
               } else {
                 retval = JSON.stringify(val);
               }
@@ -92,7 +91,7 @@
                   if (options.quoteKeys) {
                     keyDisplay = keyDisplay.substr(1, keyDisplay.length - 2);
                   }
-                  keyDisplay = "<code class='key'>" + escape(keyDisplay) + "</code>";
+                  keyDisplay = "<code class='key'>" + $.futon.escape(keyDisplay) + "</code>";
                   if (options.quoteKeys) {
                     keyDisplay = '"' + keyDisplay + '"';
                   }
@@ -118,7 +117,7 @@
       function indentLines(text, tab) {
         var lines = text.split("\n");
         for (var i in lines) {
-          lines[i] = (i > 0 ? tab : "") + escape(lines[i]);
+          lines[i] = (i > 0 ? tab : "") + $.futon.escape(lines[i]);
         }
         return lines.join("<br>");
       }