Fix potentially unsafe external link

This commit is contained in:
Tim Donohue
2020-07-27 15:27:51 -05:00
parent 93903de1c5
commit 645a1800bb


@@ -15,7 +15,7 @@ var Report = function() {
this.ROOTPATH = "/xmlui/handle/"
//this.ROOTPATH = "/jspui/handle/"
//this.ROOTPATH = "/handle/"
//Indicate if Password Authentication is supported
this.makeAuthLink = function(){return false;};
@@ -27,34 +27,34 @@ var Report = function() {
this.getId = function(obj) {
return obj.uuid;
}
//Override this method is sortable.js has been included
this.hasSorttable = function() {
return false;
}
this.getDefaultParameters = function(){
return {};
}
this.getCurrentParameters = function(){
return {};
}
this.saveUrl = function() {
this.myReportParameters.saveAsUrl(this.getCurrentParameters());
}
this.getLoginPayload = function() {
//Placeholder to allow a customized report to prompt for email/password
//If not enabled, the authenticaton callback will be called immediately
var email = $("#restemail").val();
var pass = $("#restpass").val();
if (email == "" || pass == "") {
return undefined;
return undefined;
} else if (email == null || pass == null) {
return undefined;
return undefined;
} else {
return {email: email, password: pass};
return {email: email, password: pass};
}
}
this.getLangSuffix = function(){
@@ -82,15 +82,15 @@ var Report = function() {
className: 'spinner', // The CSS class to assign to the spinner
zIndex: 2e9, // The z-index (defaults to 2000000000)
top: '400px', // Top position relative to parent
left: '600px' // Left position relative to parent
left: '600px' // Left position relative to parent
});
this.displayItems = function(itemsTitle, offset, limit, total, funcdec, funcinc) {
var count = $("#itemtable tr.data").length;
var last = offset + limit;
var suff = "";
if (total == null) {
last = offset + count;
suff = (count == limit) ? " of " + last + "+ " : " of " + last;
@@ -102,7 +102,7 @@ var Report = function() {
suff = " of " + total;
}
suff += " unfiltered; displaying " + count + " filtered" ;
itemsTitle += " (" + (offset+1) + " - " + last + suff + ")";
$("#prev,#next").attr("disabled",true);
$("#itemdiv h3").text(itemsTitle);
@@ -110,34 +110,34 @@ var Report = function() {
if (offset > 0) $("#prev").attr("disabled", false);
$("#prev").off("click").on("click", funcdec);
//in case of filters, always allow next
if (total == null) {
$("#next").attr("disabled", false);
$("#next").attr("disabled", false);
} else if (offset + limit < total) {
$("#next").attr("disabled", false);
$("#next").attr("disabled", false);
$("#exlimit").addClass("red");
} else if (limit == total) {
//total may only be accurate to one page
$("#next").attr("disabled", false);
$("#next").attr("disabled", false);
$("#exlimit").addClass("red");
}
$("#next").off("click").on("click", funcinc);
}
this.myReportParameters = undefined;
this.myFilters = undefined;
this.myMetadataFields = undefined;
this.initMetadataFields = function() {
this.myMetadataFields = new MetadataFields(self);
this.myMetadataFields.load();
this.myMetadataFields.load();
}
this.initBitstreamFields = function() {
this.myBitstreamFields = new BitstreamFields(self);
this.myBitstreamFields.load();
this.myBitstreamFields.load();
}
this.baseInit = function() {
this.myReportParameters = new ReportParameters(
this.getDefaultParameters(),
@@ -173,13 +173,13 @@ var Report = function() {
});
return itemdata;
}
this.export = function(rows) {
var itemdata = "data:text/csv;charset=utf-8," + this.makeCsv(rows);
var encodedUri = encodeURI(itemdata);
window.open(encodedUri);
window.open(encodedUri);
}
//this is meant to be overridden for each report
this.exportCol = function(colnum, col) {
var data = "";
@@ -187,7 +187,7 @@ var Report = function() {
data += self.exportCell(col);
return data;
}
this.exportCell = function(col) {
data = "\"";
$(col).contents().each(function(i, node){
@@ -198,16 +198,16 @@ var Report = function() {
if ($(node).is("div:not(:last-child)")) {
data += "||";
}
}
}
});
data += "\"";
return data;
}
this.init = function() {
this.baseInit();
this.baseInit();
}
}
var Auth = function(report) {
@@ -242,17 +242,17 @@ var Auth = function(report) {
self.authStat();
self.callback();
}
});
});
}
this.verifyShibLogin = function() {
var self = this;
$.ajax({
url: "/rest/shibboleth-login",
url: "/rest/shibboleth-login",
success: self.authStat
});
}
this.authStat = function() {
var self = this;
$.ajax({
@@ -264,7 +264,7 @@ var Auth = function(report) {
success: function(data) {
var user = "";
if (data.email != undefined) {
user = data.email;
user = data.email;
} else {
user = "You are not logged in. Some items may be excluded from reports.";
}
@@ -279,10 +279,10 @@ var Auth = function(report) {
if (data.email == undefined && self.report.makeShibLink()) {
self.verifyShibLogin();
}
}
});
}
});
}
this.logout = function() {
var self = this;
$.ajax({
@@ -293,7 +293,7 @@ var Auth = function(report) {
complete: function(xhr, status) {
self.authStat();
}
});
});
}
this.getHeaders = function() {
var HEADERS = {};
@@ -314,14 +314,14 @@ var ReportParameters = function(defaultParams, prmstr) {
var field = tmparr[0];
var val = decodeURIComponent(tmparr[1]);
var pval = this.params[field];
if ($.isArray(pval)) {
pval[pval.length] = val;
pval[pval.length] = val;
} else {
this.params[field] = val;
}
}
$("#limit").val(this.params.limit);
$("#limit").val(this.params.limit);
$("#offset").val(this.params.offset);
this.limit = this.params.limit;
this.offset = this.params.offset;
@@ -350,11 +350,11 @@ var ReportParameters = function(defaultParams, prmstr) {
var lim = $("#limit").val();
if ($.isNumeric(val) && $.isNumeric(lim)) {
if (increment) {
$("#offset").val(this.getNextOffset());
$("#offset").val(this.getNextOffset());
} else {
$("#offset").val(this.getPrevOffset());
$("#offset").val(this.getPrevOffset());
}
}
}
}
this.saveAsUrl = function(params) {
@@ -381,7 +381,7 @@ var Filters = function() {
$("#filter-reload").attr("disabled", false);
}
);
$.getJSON(
"/rest/filters",
function(data){
@@ -444,13 +444,13 @@ var Filters = function() {
list = "none";
}
return list;
}
}
}
var MetadataFields = function(report) {
this.metadataSchemas = undefined;
var self = this;
this.load = function(){
$.ajax({
url: "/rest/registries/schema",
@@ -463,15 +463,15 @@ var MetadataFields = function(report) {
},
complete: function(xhr, status) {
}
});
});
}
this.initFields = function(data, report) {
var params = report.myReportParameters.params;
self.metadataSchemas = data;
self.drawShowFields(params["show_fields[]"]);
}
this.getShowFields = function(){
var val = $("#show-fields select").val();
return val == null ? Array() : val;
@@ -497,7 +497,7 @@ var MetadataFields = function(report) {
});
});
}
this.initQueries = function(){};
}
@@ -508,15 +508,15 @@ var BitstreamFields = function(report) {
}
this.map = [
{
key: "original-file-names",
name: "Original File Names",
key: "original-file-names",
name: "Original File Names",
ftest: self.isOriginal,
fval: function(bit) {
return bit.name;
}
},
{
key: "mime-type",
key: "mime-type",
name: "Mime Type",
ftest: self.isOriginal,
fval: function(bit) {
@@ -524,7 +524,7 @@ var BitstreamFields = function(report) {
}
},
{
key: "bitstream-format",
key: "bitstream-format",
name: "Bitstream Format",
ftest: self.isOriginal,
fval: function(bit) {
@@ -532,7 +532,7 @@ var BitstreamFields = function(report) {
}
},
{
key: "bitstream-description",
key: "bitstream-description",
name: "Bitstream Description",
ftest: self.isOriginal,
fval: function(bit) {
@@ -540,7 +540,7 @@ var BitstreamFields = function(report) {
}
},
{
key: "bitstream-size",
key: "bitstream-size",
name: "Bitstream Size",
ftest: self.isOriginal,
fval: function(bit) {
@@ -548,18 +548,18 @@ var BitstreamFields = function(report) {
}
},
{
key: "bitstream-checksum",
key: "bitstream-checksum",
name: "MD5 Checksum",
ftest: self.isOriginal,
fval: function(bit) {
if (bit.checkSum.checkSumAlgorithm === "MD5") {
return bit.checkSum.value;
return bit.checkSum.value;
}
return "";
}
},
];
this.load = function(){
self.initFields(report);
}
@@ -568,7 +568,7 @@ var BitstreamFields = function(report) {
var params = report.myReportParameters.params;
self.drawShowFieldsBits(params["show_fields_bits[]"]);
};
this.hasBitstreamFields = function() {
return self.getShowFieldsBits() != null;
}
@@ -576,20 +576,20 @@ var BitstreamFields = function(report) {
var val = $("#show-fields-bits select").val();
return val == null ? Array() : val;
}
this.drawShowFieldsBits = function(pfieldsBits) {
var sel = $("<select name='show_fields_bits'/>");
sel.attr("multiple","true").attr("size","8").appendTo("#show-fields-bits");
for(var i=0; i<this.map.length; i++) {
var opt = report.myHtmlUtil.addOpt(sel, this.map[i].name, this.map[i].key);
if (pfieldsBits != null) {
opt.attr("selected", pfieldsBits[this.map[i].key] != undefined ? "Y" : null);
opt.attr("selected", pfieldsBits[this.map[i].key] != undefined ? "Y" : null);
}
sel.append(opt);
sel.append(opt);
}
}
this.getKeyText = function(key, item, bitfields) {
var ret = [];
if (bitfields == null || item.bitstreams == null) {
@@ -608,20 +608,20 @@ var BitstreamFields = function(report) {
if (mapval == null) {
return ret;
}
$.each(item.bitstreams, function(colindex, bitstream) {
if (mapval.ftest(bitstream)) {
var val = mapval.fval(bitstream);
if (val != null) {
if (isNaN(val) || ret.length == 0) {
ret.push(val);
ret.push(val);
} else {
ret[0] += val;
}
}
}
});
});
return ret;
}
}
@@ -661,6 +661,7 @@ var HtmlUtil = function() {
a.append(val);
a.attr("href", href);
a.attr("target", "_blank");
a.attr("rel", "noopener noreferrer");
return a;
}
@@ -704,7 +705,7 @@ var CommunitySelector = function(report, parent, paramCollSel) {
var collSel = $("<select/>").attr("id","collSel").attr("name","collSel").attr("multiple", true).attr("size",15);
parent.append(collSel);
report.myHtmlUtil.addOpt(collSel, "Whole Repository", "");
$.ajax({
url: "/rest/hierarchy",
dataType: "json",
@@ -722,7 +723,7 @@ var CommunitySelector = function(report, parent, paramCollSel) {
},
complete: function(xhr, status) {
}
});
});
this.addCommLabel = function(collSel, comm, indent, paramCollSel) {
var prefix = "";
@@ -738,12 +739,12 @@ var CommunitySelector = function(report, parent, paramCollSel) {
opt.attr("selected", true);
}
});
});
});
}
if (comm.community != null) {
$.each(comm.community, function(index, scomm) {
self.addCommLabel(collSel, scomm, indent + 1, paramCollSel);
});
});
}
}
}
}
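Review bot: The added `a.attr("rel", "noopener noreferrer");` in the HtmlUtil hunk has no comment saying why it must accompany `a.attr("target", "_blank");`, so a later cleanup could drop it as cosmetic; suggest `// noopener: the opened page cannot reach window.opener (reverse tabnabbing); noreferrer: older browsers honour only this token, and it also withholds the Referer header` directly above it. Because `noreferrer` also suppresses the Referer header, the linked site no longer learns which report page the visitor came from — worth stating in the commit message if that trade-off is intended. The `rel` attribute does not constrain the `href` value itself; if `href` can be populated from REST response data rather than a fixed path, a scheme check at the caller would be the complementary control (this is inferred — the caller is not in the hunk). The enclosing anchor-building method of `HtmlUtil` starts before this hunk.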