You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by je...@apache.org on 2022/02/17 21:39:28 UTC
[airflow] 37/43: Simplify trigger cancel button (#21591)
This is an automated email from the ASF dual-hosted git repository.
jedcunningham pushed a commit to branch v2-2-test
in repository https://gitbox.apache.org/repos/asf/airflow.git
commit 628aa1f99c865d97d0b1c7c76e630e43a7b8d319
Author: Jed Cunningham <66...@users.noreply.github.com>
AuthorDate: Tue Feb 15 11:00:26 2022 -0700
Simplify trigger cancel button (#21591)
Co-authored-by: Jed Cunningham <je...@apache.org>
(cherry picked from commit 65297673a318660fba76797e50d0c06804dfcafc)
---
airflow/www/templates/airflow/trigger.html | 2 +-
tests/www/views/test_views_trigger_dag.py | 11 +++++------
2 files changed, 6 insertions(+), 7 deletions(-)
diff --git a/airflow/www/templates/airflow/trigger.html b/airflow/www/templates/airflow/trigger.html
index efc1650..2388d4e 100644
--- a/airflow/www/templates/airflow/trigger.html
+++ b/airflow/www/templates/airflow/trigger.html
@@ -63,7 +63,7 @@
</label>
</div>
<button type="submit" class="btn btn-primary">Trigger</button>
- <button type="button" class="btn" onclick="location.href = '{{ origin }}'; return false">Cancel</button>
+ <a class="btn" href="{{ origin }}">Cancel</a>
</form>
{% endblock %}
diff --git a/tests/www/views/test_views_trigger_dag.py b/tests/www/views/test_views_trigger_dag.py
index f261438..2b43468 100644
--- a/tests/www/views/test_views_trigger_dag.py
+++ b/tests/www/views/test_views_trigger_dag.py
@@ -134,6 +134,10 @@ def test_trigger_dag_form(admin_client):
("http://google.com", "/home"),
("36539'%3balert(1)%2f%2f166", "/home"),
(
+ '"><script>alert(99)</script><a href="',
+ ""><script>alert(99)</script><a href="",
+ ),
+ (
"%2Ftree%3Fdag_id%3Dexample_bash_operator';alert(33)//",
"/home",
),
@@ -145,12 +149,7 @@ def test_trigger_dag_form_origin_url(admin_client, test_origin, expected_origin)
test_dag_id = "example_bash_operator"
resp = admin_client.get(f'trigger?dag_id={test_dag_id}&origin={test_origin}')
- check_content_in_response(
- '<button type="button" class="btn" onclick="location.href = \'{}\'; return false">'.format(
- expected_origin
- ),
- resp,
- )
+ check_content_in_response(f'<a class="btn" href="{expected_origin}">Cancel</a>', resp)
@pytest.mark.parametrize(