Author: jchris Date: Thu Jun 24 16:53:43 2010 New Revision: 957622 URL: http://svn.apache.org/viewvc?rev=957622&view=rev Log: proper docid escaping in Futon view display, thanks Paul Bonser. Closes COUCHDB-748
Modified: couchdb/trunk/THANKS couchdb/trunk/share/www/script/futon.browse.js couchdb/trunk/share/www/script/futon.format.js Modified: couchdb/trunk/THANKS URL: http://svn.apache.org/viewvc/couchdb/trunk/THANKS?rev=957622&r1=957621&r2=957622&view=diff ============================================================================== --- couchdb/trunk/THANKS (original) +++ couchdb/trunk/THANKS Thu Jun 24 16:53:43 2010 @@ -62,5 +62,6 @@ suggesting improvements or submitting ch * Dmitry Unkovsky <oil.cray...@gmail.com> * Zachary Zolton <zachary.zol...@gmail.com> * Brian Jenkins <bonky...@bonkydog.com> + * Paul Bonser <p...@paulbonser.com> For a list of authors see the `AUTHORS` file. Modified: couchdb/trunk/share/www/script/futon.browse.js URL: http://svn.apache.org/viewvc/couchdb/trunk/share/www/script/futon.browse.js?rev=957622&r1=957621&r2=957622&view=diff ============================================================================== --- couchdb/trunk/share/www/script/futon.browse.js [utf-8] (original) +++ couchdb/trunk/share/www/script/futon.browse.js [utf-8] Thu Jun 24 16:53:43 2010 @@ -152,7 +152,7 @@ page.viewName.indexOf("/_view")); db.compactView(groupname, {success: function(resp) { callback() }}); break; - case "view_cleanup": + case "view_cleanup": db.viewCleanup({success: function(resp) { callback() }}); break; } @@ -178,7 +178,7 @@ } }); } - + this.databaseSecurity = function() { $.showDialog("dialog/_database_security.html", { load : function(d) { @@ -672,7 +672,7 @@ if (row.id) { $("<td class='key'><a href='document.html?" + encodeURIComponent(db.name) + "/" + $.couch.encodeDocId(row.id) + "'><strong></strong><br>" + - "<span class='docid'>ID: " + row.id + "</span></a></td>") + "<span class='docid'>ID: " + $.futon.escape(row.id) + "</span></a></td>") .find("strong").text(key).end() .appendTo(tr); } else { @@ -851,7 +851,7 @@ return true; } catch (err) { var msg = err.message; - if (msg == "parseJSON" || msg == "JSON.parse") { + if (msg == "parseJSON" || msg == "JSON.parse") { msg = "There is a syntax error in the document."; } $("<div class='error'></div>").text(msg).appendTo(this); Modified: couchdb/trunk/share/www/script/futon.format.js URL: http://svn.apache.org/viewvc/couchdb/trunk/share/www/script/futon.format.js?rev=957622&r1=957621&r2=957622&view=diff ============================================================================== --- couchdb/trunk/share/www/script/futon.format.js [utf-8] (original) +++ couchdb/trunk/share/www/script/futon.format.js [utf-8] Thu Jun 24 16:53:43 2010 @@ -13,6 +13,11 @@ (function($) { $.futon = $.futon || {}; $.extend($.futon, { + escape: function(string) { + return string.replace(/&/g, "&") + .replace(/</g, "<") + .replace(/>/g, ">"); + }, // JSON pretty printing formatJSON: function(val, options) { @@ -24,12 +29,6 @@ }, options || {}); var itemsep = options.linesep.length ? "," + options.linesep : ", "; - function escape(string) { - return string.replace(/&/g, "&") - .replace(/</g, "<") - .replace(/>/g, ">"); - } - function format(val, depth) { var tab = []; for (var i = 0; i < options.indent * depth; i++) tab.push(""); @@ -45,7 +44,7 @@ retval = indentLines(retval.replace(/\r\n/g, "\n"), tab.substr(options.indent)); } else { if (options.html) { - retval = escape(JSON.stringify(val)); + retval = $.futon.escape(JSON.stringify(val)); } else { retval = JSON.stringify(val); } @@ -92,7 +91,7 @@ if (options.quoteKeys) { keyDisplay = keyDisplay.substr(1, keyDisplay.length - 2); } - keyDisplay = "<code class='key'>" + escape(keyDisplay) + "</code>"; + keyDisplay = "<code class='key'>" + $.futon.escape(keyDisplay) + "</code>"; if (options.quoteKeys) { keyDisplay = '"' + keyDisplay + '"'; } @@ -118,7 +117,7 @@ function indentLines(text, tab) { var lines = text.split("\n"); for (var i in lines) { - lines[i] = (i > 0 ? tab : "") + escape(lines[i]); + lines[i] = (i > 0 ? tab : "") + $.futon.escape(lines[i]); } return lines.join("<br>"); }