Safer encoding of cookies; ensure emptyStorageOnDecline only works with explicit decline (and as before, with config so set); add cookie removal to emptyStorageOnDecline behavior

git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2709 eee81c28-f429-11dd-99c0-75d572ba1ddd
master
Brett Zamir 2014-02-19 01:37:21 +00:00
parent cb02aad1f7
commit dc1bf5d88c
3 changed files with 30 additions and 15 deletions


@ -67,22 +67,30 @@ svgEditor.addExtension('storage', function() {
} }
} }
} }
function removeStoragePrefCookie () {
document.cookie = 'store=; expires=Thu, 01 Jan 1970 00:00:00 GMT'; function expireCookie (cookie) {
document.cookie = encodeURIComponent(cookie) + '=; expires=Thu, 01 Jan 1970 00:00:00 GMT';
} }
function emptyLocalStorage() {
function removeStoragePrefCookie () {
expireCookie('store');
}
function emptyStorage() {
setSVGContentStorage(''); setSVGContentStorage('');
var name; var name, hasStorage = 'localStorage' in window;
if ('localStorage' in window) {
for (name in svgEditor.curPrefs) { for (name in svgEditor.curPrefs) {
if (svgEditor.curPrefs.hasOwnProperty(name)) { if (svgEditor.curPrefs.hasOwnProperty(name)) {
name = 'svg-edit-' + name;
if (hasStorage) {
window.localStorage.removeItem(name); window.localStorage.removeItem(name);
} }
expireCookie(name);
} }
} }
} }
// emptyLocalStorage(); // emptyStorage();
/** /**
* Listen for unloading: If and only if opted in by the user, set the content * Listen for unloading: If and only if opted in by the user, set the content
@ -124,7 +132,7 @@ svgEditor.addExtension('storage', function() {
} }
else { else {
val = encodeURIComponent(val); val = encodeURIComponent(val);
document.cookie = key + '=' + val + '; expires=Fri, 31 Dec 9999 23:59:59 GMT'; document.cookie = encodeURIComponent(key) + '=' + val + '; expires=Fri, 31 Dec 9999 23:59:59 GMT';
} }
} }
} }
@ -223,7 +231,7 @@ svgEditor.addExtension('storage', function() {
// doesn't even want to remember their not wanting // doesn't even want to remember their not wanting
// storage, so we don't set the cookie or continue on with // storage, so we don't set the cookie or continue on with
// setting storage on beforeunload // setting storage on beforeunload
document.cookie = 'store=' + pref + '; expires=Fri, 31 Dec 9999 23:59:59 GMT'; // 'prefsAndContent' | 'prefsOnly' document.cookie = 'store=' + encodeURIComponent(pref) + '; expires=Fri, 31 Dec 9999 23:59:59 GMT'; // 'prefsAndContent' | 'prefsOnly'
// If the URL was configured to always insist on a prompt, if // If the URL was configured to always insist on a prompt, if
// the user does indicate a wish to store their info, we // the user does indicate a wish to store their info, we
// don't want ask them again upon page refresh so move // don't want ask them again upon page refresh so move
@ -235,8 +243,10 @@ svgEditor.addExtension('storage', function() {
} }
else { // The user does not wish storage (or cancelled, which we treat equivalently) else { // The user does not wish storage (or cancelled, which we treat equivalently)
removeStoragePrefCookie(); removeStoragePrefCookie();
if (emptyStorageOnDecline) { if (pref && // If the user explicitly expresses wish for no storage
emptyLocalStorage(); emptyStorageOnDecline
) {
emptyStorage();
} }
if (pref && checked) { if (pref && checked) {
// Open a URL which won't set storage and won't prompt user about storage // Open a URL which won't set storage and won't prompt user about storage


@ -40,6 +40,7 @@ TO-DOS
editor.storagePromptClosed = false; // For use with ext-storage.js editor.storagePromptClosed = false; // For use with ext-storage.js
var svgCanvas, urldata, var svgCanvas, urldata,
Utils = svgedit.utilities,
isReady = false, isReady = false,
callbacks = [], callbacks = [],
customHandlers = {}, customHandlers = {},
@ -272,7 +273,7 @@ TO-DOS
defaultPrefs[key] = widget.preferenceForKey(storeKey); defaultPrefs[key] = widget.preferenceForKey(storeKey);
} }
else { else {
var result = document.cookie.match(new RegExp('(?:^|;\\s*)' + storeKey + '=([^;]+)')); var result = document.cookie.match(new RegExp('(?:^|;\\s*)' + Utils.preg_quote(encodeURIComponent(storeKey)) + '=([^;]+)'));
defaultPrefs[key] = result ? decodeURIComponent(result[1]) : ''; defaultPrefs[key] = result ? decodeURIComponent(result[1]) : '';
} }
} }
@ -771,7 +772,6 @@ TO-DOS
modKey = (svgedit.browser.isMac() ? 'meta+' : 'ctrl+'), // ⌘ modKey = (svgedit.browser.isMac() ? 'meta+' : 'ctrl+'), // ⌘
path = svgCanvas.pathActions, path = svgCanvas.pathActions,
undoMgr = svgCanvas.undoMgr, undoMgr = svgCanvas.undoMgr,
Utils = svgedit.utilities,
defaultImageURL = curConfig.imgPath + 'logo.png', defaultImageURL = curConfig.imgPath + 'logo.png',
workarea = $('#workarea'), workarea = $('#workarea'),
canv_menu = $('#cmenu_canvas'), canv_menu = $('#cmenu_canvas'),
@ -5099,7 +5099,7 @@ TO-DOS
editor.ready(function() { editor.ready(function() {
var pre = 'data:image/svg+xml;base64,'; var pre = 'data:image/svg+xml;base64,';
var src = str.substring(pre.length); var src = str.substring(pre.length);
loadSvgString(svgedit.utilities.decode64(src)); loadSvgString(Utils.decode64(src));
}); });
}; };
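Review bot: The `decodeURIComponent(result[1])` on the line after the changed regex throws a URIError when the cookie value contains a malformed percent sequence, and cookie values are not fully under this page's control, since other content on the same host or a parent domain can set them. Whether an outer handler catches this is not visible, because the hunk starts and ends inside a larger function; if none does, one bad cookie would stop preference loading. Consider `try { defaultPrefs[key] = result ? decodeURIComponent(result[1]) : ''; } catch (e) { defaultPrefs[key] = ''; }`. The new `Utils.preg_quote(encodeURIComponent(storeKey))` lookup matches what the storage extension now writes only if `storeKey` is the same string as the writer's `key`, which is worth confirming.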


@ -716,4 +716,9 @@ svgedit.utilities.snapToGrid = function(value) {
return value; return value;
}; };
svgedit.utilities.preg_quote = function (str, delimiter) {
// From: http://phpjs.org/functions
return String(str).replace(new RegExp('[.\\\\+*?\\[\\^\\]$(){}=!<>|:\\' + (delimiter || '') + '-]', 'g'), '\\$&');
};
}()); }());
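Review bot: `preg_quote` places `delimiter` directly after a backslash inside the character class, so a letter or digit passed there is read as a class escape rather than a literal; for example `d` becomes `\d` and every digit in `str` gets a backslash. The only caller visible on this page passes no delimiter, so this is a documentation gap rather than a live bug. The function has no doc comment beyond the source link; it should state that it backslash-escapes regex metacharacters in `str` so the result can be embedded in `new RegExp(...)`, and that `delimiter`, if given, must be a single non-alphanumeric character. For instance: `// delimiter: optional single punctuation character to escape as well; letters and digits are not supported`.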