Commit Graph

638 Commits (dd9e3b4864a127942e65c6297b6712fca2e4014c)

Author SHA1 Message Date
Brett Zamir 1e2e6529d2 Critical privacy/data integrity fix: Move cross-domain capable message listener into own extension (ext-xdomain-messaging.js) and do not include by default (the extension now won't work anyways without an allowedOrigins config first being set (in config.js) for security reasons (and not via URL)); add allowedOrigins config and demo use in config-sample.js; JSLint; update embedapi.html to supply the xdomain extension in case running xdomain (again, allowedOrigins must be supplied in the local copy of config.js for this to work); modify embedapi.js to allow reuse of cross-domain API with same-domain usage, but without the intermediate JSON parsing which could lose some non-JSONable arguments or response.
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2714 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-22 04:08:24 +00:00
Brett Zamir bb75f34ec3 Require extensions to begin with "ext-" and end with ".js" to prevent URL-prompted loading of other files within the extPath.
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2712 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-19 05:26:46 +00:00
Brett Zamir 48f6dd42ca Simplify storage checking/access
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2711 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-19 04:36:49 +00:00
Brett Zamir dc1bf5d88c Safer encoding of cookies; ensure emptyStorageOnDecline only works with explicit decline (and as before, with config so set); add cookie removal to emptyStorageOnDecline behavior
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2709 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-19 01:37:21 +00:00
Brett Zamir cb02aad1f7 Mention locale editor methods in svg-editor.js
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2708 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-19 00:46:52 +00:00
Brett Zamir 51dcf01415 Minor: Avoid internal use of svgEditor, fix comment
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2706 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-18 23:57:49 +00:00
Brett Zamir e463b43220 1. Reference config.js in the editor (and remove encouragement for adding extensions to HTML) but ignore config.js in SVN (let user configure) but supply config-sample.js to indicate config/pref/extension possibilities;
2. Move ext-overview_window.js to default but overridable list of extensions (as with other extensions);
3. Allow extensions to avoid problems if failing to return an object (in svgcanvas.js);
4. Support new langReady callback to ensure extension always called when locale info is ready (and always load locale, even English);
5. Move localStorage storing to a new (i18n-ized and available-by-default) storage extension which adds a dialog asking user for whether to store prefs and/or SVG content; $.pref() now falls back to checking defaultPrefs (which may have been expanded at runtime to include URL or storage settings); use new config "forceStorage" to get old (bad) behavior
6. Remove initial cap from "Editor" to reflect singleton nature of object (as compared to JSLint conventions for initial cap constructors);
7. Begin a little JSDoc, clearer grouping of properties/methods; JSLint/clean-up
8. Omit values for lang and iconsize to be successfully auto-detected; 9. Document "save_notice_done" and "export_notice_done" within list of prefs; document "showlayers" and "no_save_warning" as config
10. Add "preventAllURLConfig" and "preventURLContentLoading" config for URL security; 
11. Add "lockExtensions" and "noDefaultExtensions" config for URL behavior re: extension loading
12. Document "showGrid", and new "noStorageOnLoad" and "emptyStorageOnDecline" extension-related config
13. Change setConfig to allow a second object with "overwrite" and "allowInitialUserOverride" properties and to behave accordingly (with URL config acting with overwrite=false to act under lower priority given security concern), along with checking "preventAllURLConfig" and "lockExtensions" config.
14. Remove any dupe extensions
15. Strip all path config from URL setting in addition to extPath (imgPath, langPath, jGraduatePath)
16. Support select+checkbox type dialog (used for storage ext.)
17. Ensure clickSelect is public so can be properly used by ext-connector.js
18. Reinstate 'in' checks just to be safe
19. Fix broken linkControlPoints() and addSubPath() functions
20. Fix problem when position returned by extension object was too high (e.g., if too few other extensions were included).

git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2705 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-18 15:06:27 +00:00
Brett Zamir d63ed88e25 Rename PNG files accordingly
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2687 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-11 02:03:54 +00:00
Brett Zamir 74810573b2 Change group to group_elements (though keep duplicate group under old name in case it is supposed to have a different function)
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2686 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-11 01:58:57 +00:00
Brett Zamir f378e667fb Further documenting of $.pref
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2684 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-11 00:05:59 +00:00
Brett Zamir cc780f39e6 Document $.pref
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2683 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-11 00:05:17 +00:00
Brett Zamir 05dc118abe JSLint (minor)
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2682 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-10 13:50:55 +00:00
Brett Zamir 645ab15976 Add missing 'e'
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2681 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-10 13:46:19 +00:00
Brett Zamir 6e5905370d Add e.returnValue in addEventListener('beforeunload') for sake of Firefox
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2680 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-10 13:45:48 +00:00
Brett Zamir 6a9cf9551a Finish most of svg-editor.js JSLint
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2678 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-10 13:14:38 +00:00
Brett Zamir 2b9e299240 Ensure panning extension can be over-ridden via URL
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2676 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-10 11:39:33 +00:00
Brett Zamir 5352fe0a64 JSLint (including avoiding global)
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2675 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-10 10:53:51 +00:00
Brett Zamir ba5aaeb1f0 JSLint
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2674 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-10 10:21:55 +00:00
Brett Zamir 6d4ec994f0 Clarify exportImage option in comments
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2672 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-10 05:54:17 +00:00
Brett Zamir 7295eece09 Potentially breaking change: Prevent setting of extPath via URL and prevent setting of cross-domain or cross-folder extensions via URL, i.e., if the extensions string possesses the character ":", "/", or, to be extra safe, "\", (issue #4 of mailing list post "Agenda for resolving security issues"). extPath and extensions can still be meaningfully set freely via setConfig calls, e.g., "svgCanvas.setConfig({extPath: ..., extensions: ...});" if made before Editor.init() is called in svg-editor.js (which is called on a jQuery ready (i.e., DOMContentLoaded) event). To avoid modifying svg-editor.html, one could build an extension which loaded its own scripts as done by the simple extFunc() function in svg-editor.js, but this would occur a little later (Should we export extFunc() for this usage?).
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2671 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-10 05:33:05 +00:00
Brett Zamir bc3f7923e0 Very minor clean-up
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2668 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-04 04:08:24 +00:00
Brett Zamir 515de36d65 Check for urldata.extPath!
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2657 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-01-31 12:22:20 +00:00
Brett Zamir 51ed2f6106 JSLint
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2653 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-01-31 10:55:18 +00:00
Brett Zamir 4d42195d63 Properly prevent "extensions" in URL
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2650 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-01-31 08:23:27 +00:00
Brett Zamir 712c52ed54 Critical security fix preventing cross-domain extensions or extension path via URL
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2648 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-01-31 07:13:47 +00:00
Brett Zamir 75bd787023 JSLint
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2644 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-01-31 02:13:37 +00:00
Brett Zamir afa427a4a2 Begin JSLint journey
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2640 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-01-31 00:27:46 +00:00
Brett Zamir 6b5a4e645e change beforeunload to use addEventListener (only supporting IE9 now and better to allow multiple if user wishes); also CamelCase internal variable for consistency; add brackets
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2639 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-01-31 00:06:50 +00:00
Brett Zamir 395badc387 Avoid duplicate sliders when switching between WEBP and JPEG (thanks adrianbjones for the report!); fix tabs
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2616 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-10-29 07:07:09 +00:00
Brett Zamir 5ff2311348 Making tabbing consistent
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2615 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-10-29 06:54:31 +00:00
Brett Zamir 6ad70cf440 Prevent error when disabling image label
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2612 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-10-29 03:58:24 +00:00
Brett Zamir 2b35ec344b Prevent errors in svg-editor when imagelib extension is used; Update imagelib to proper HTML5 with charset
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2611 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-10-29 03:43:10 +00:00
Brett Zamir f8aeacd7a8 Support PNG, JPEG, BMP, WEBP export formats by change of "Export to PNG" menu item into "Export" with its own pull-down dialog (and a HTML5 range type input element for "quality" selection for JPEG or WEBP files), including changes for the server_opensave extension; change locale key from "export_png" to "export_img" and change the corresponding localized strings (currently CS, DE, ES, FR, IT, NL, PT-BR, RO, SK, all reset to English to avoid translation errors); within the setCustomHandlers() API, deprecate "pngsave" in favor of "exportImage" (chosen to avoid just using the simpler but reserved JS keyword "export") including use within the server_opensave extension; a few JSLint-friendly changes
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2602 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-10-28 03:53:30 +00:00
Brett Zamir c54b7865e1 Fix arguments passing in new postMessage code
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2594 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-10-14 03:15:16 +00:00
Brett Zamir c75661c758 Indent consistency per file
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2591 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-10-14 01:50:42 +00:00
Brett Zamir 80c16aa6ef Move back to string messages for postMessage for sake of IE9 (though not with eval); avoid IE9 error with localStorage and missing select icon
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2590 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-10-14 01:24:52 +00:00
Brett Zamir ffde8814ac Fix security issue by avoiding use of eval() within postMessage calls between embedAPI and main editor (also namespace the messages and protect the imagelib extension message listener from non-string messages); avoid embedAPI's unneeded randomizing of callback IDs in favor of incrementing; deprecate old embedded_svg_edit API name in favor of JS/JSLint-friendly EmbeddedSVGEdit name (and allow it to be instantiated w/o new keyword); JSLint/HTML5-ize embedAPI files, remove HTML5/browser-optional type="text/javascript", remove unused comments for embedAPI
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2585 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-10-13 23:59:32 +00:00
Brett Zamir 109cbaf99b Remove 2-space sequences
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2584 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-10-13 23:23:08 +00:00
Brett Zamir 62a7c13e9c Consistent indentation (tab seemed to be main convention in this file, so changed to tab)
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2581 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-10-12 03:08:26 +00:00
Mike Baynton af639eb56b Fix vertical position of flyouts from left toolbar when viewport <= 1250px
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2562 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-10-07 01:35:01 +00:00
James Sacksteder 3887d822b2 Added a thumbnail overview as described in Issue 208 part 6.
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2533 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-09-23 18:55:52 +00:00
薄成文 7b986e56ef fix a bug of layer changes.
see :http://code.google.com/p/svg-edit/issues/detail?id=1099

git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2516 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-06-07 14:16:00 +00:00
Adrian Jones 5b641cb5c0 Two more loading messages for Import and Open of images.
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2513 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-05-29 01:39:37 +00:00
Adrian Jones 61295b83e6 Simplified the loading image from URL message to make use of existing dialog box types and text strings
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2512 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-05-28 22:29:14 +00:00
Adrian Jones f924e34fba Add loading message when loading image from URL. Complex SVGs take a long time to render!
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2510 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-05-08 17:29:18 +00:00
Bruno Heridet f6dcf51e37 cleaned up populateLayers()
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2467 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-02-23 19:22:00 +00:00
Bruno Heridet 78cb0e48bb added missing radix and misc formatting
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2466 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-02-23 18:56:45 +00:00
Bruno Heridet 4cdacdc168 improved loosed type coercion for reorient tool
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2465 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-02-23 18:34:23 +00:00
Bruno Heridet 541a981a21 removed non properly deleted test config introduced in r1467
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2464 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-02-23 18:09:16 +00:00
Bruno Heridet 0e92ca4a0e switched from properlySourceSizeTextArea() to a full CSS equivalent to optimize DOM repaint
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2463 eee81c28-f429-11dd-99c0-75d572ba1ddd
2013-02-23 18:05:15 +00:00