You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@whimsical.apache.org by ru...@apache.org on 2016/08/24 11:47:00 UTC
[whimsy] branch incomplete-unsigned updated: require an extra click
to download potentially dangerous content
This is an automated email from the ASF dual-hosted git repository.
rubys pushed a commit to branch incomplete-unsigned
in repository https://git-dual.apache.org/repos/asf/whimsy.git
The following commit(s) were added to refs/heads/incomplete-unsigned by this push:
new a26669e require an extra click to download potentially dangerous content
a26669e is described below
commit a26669eb1643ddb8279e3f2d1787d6077ab584b3
Author: Sam Ruby <ru...@intertwingly.net>
AuthorDate: Wed Aug 24 07:46:38 2016 -0400
require an extra click to download potentially dangerous content
---
www/secretary/workbench/file.cgi | 4 ++++
www/secretary/workbench/worklist.js | 5 ++++-
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/www/secretary/workbench/file.cgi b/www/secretary/workbench/file.cgi
index 15736c4..b14ccea 100755
--- a/www/secretary/workbench/file.cgi
+++ b/www/secretary/workbench/file.cgi
@@ -1052,6 +1052,10 @@ _html do
end
end
+ when 'danger'
+ _h2 'Potentially dangerous content'
+ _a @link, href: '/members/received/' + @link
+
else
_h2 'Unsupported action'
_table border: 1, cellpadding: 10, cellspacing: 0 do
diff --git a/www/secretary/workbench/worklist.js b/www/secretary/workbench/worklist.js
index 81ff50b..ec9d49f 100644
--- a/www/secretary/workbench/worklist.js
+++ b/www/secretary/workbench/worklist.js
@@ -99,10 +99,13 @@ $(document).ready(function() {
if (directory || link.match(/pgp\.txt$/)) {
parent.frames[1].location.href = 'file.cgi?action=view&dir=' +
encodeURIComponent(link);
- } else {
+ } else if (link.match(/\.(pdf|txt)$/)) {
var href = link;
if ($(this).attr('data-mtime')) href += '?' + $(this).attr('data-mtime');
parent.frames[1].location.href = '/members/received/' + href;
+ } else {
+ parent.frames[1].location.href = 'file.cgi?action=danger&link=' +
+ encodeURIComponent(link);
}
if (!link.match(/^eFax-\d+\.pdf$/)) {
--
To stop receiving notification emails like this one, please contact
['"commits@whimsical.apache.org" <co...@whimsical.apache.org>'].