ponymail-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From humbed...@apache.org
Subject [incubator-ponymail] 01/02: Rename function, call in the appropriate place and bail
Date Sun, 03 Mar 2019 12:25:55 GMT
This is an automated email from the ASF dual-hosted git repository.

humbedooh pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-ponymail.git

commit 7c032dac4ce5e9fcfd90fde4116a61660bbe6258
Author: Daniel Gruno <humbedooh@apache.org>
AuthorDate: Sun Mar 3 13:25:23 2019 +0100

    Rename function, call in the appropriate place and bail
    
    - Calling the sanitizer before URL states were pushed resulted in
      some URL resets that were unintended.
    - Rename the sanitizer
    - Bail on invalid adresses, we don't need to fetch stats at all,
      we know it'll fail
---
 site/js/dev/ponymail_helperfuncs.js |  8 ++++----
 site/js/dev/ponymail_pagebuilder.js | 10 +++++++++-
 site/js/dev/ponymail_seeders.js     |  2 --
 site/js/dev/ponymail_trends.js      |  6 +++++-
 4 files changed, 18 insertions(+), 8 deletions(-)

diff --git a/site/js/dev/ponymail_helperfuncs.js b/site/js/dev/ponymail_helperfuncs.js
index 2feea2e..b6ad259 100644
--- a/site/js/dev/ponymail_helperfuncs.js
+++ b/site/js/dev/ponymail_helperfuncs.js
@@ -176,10 +176,10 @@ function isArray(obj) {
 }
 
 
-// sanitize_domain: only accept valid mailing list IDs
-function sanitize_domain(val) {
-    var m = val.match(/[-@a-z.0-9]+/);
-    return m ? m[0] : "unknown";
+// ML address: only accept valid mailing list IDs
+function sanitize_address(val) {
+    var m = val.match(/^[-@A-Za-z.0-9]+$/);
+    return m ? m[0] : "INVALID";
 }
 // Check for slow URLs every 0.1 seconds
 window.setInterval(checkForSlows, 100)
diff --git a/site/js/dev/ponymail_pagebuilder.js b/site/js/dev/ponymail_pagebuilder.js
index 9696fda..cda67ca 100644
--- a/site/js/dev/ponymail_pagebuilder.js
+++ b/site/js/dev/ponymail_pagebuilder.js
@@ -391,7 +391,15 @@ function getListInfo(list, xdomain, nopush) {
     }
     if ((xdomain == undefined || xdomain == "") && list) {
         xdomain = list.replace(/^.*?@/, "")
-        
+    }
+    
+    if (list) list = sanitize_address(list);
+    if (xdomain) xdomain = sanitize_address(xdomain);
+    
+    // If invalid address passed, complain and exit - no need to attempt fetching stats
+    if (list == 'INVALID' || xdomain == 'INVALID') {
+        alert("Invalid mailing list address supplied!");
+        return
     }
     
     // Sort lists by usage before we enter here...
diff --git a/site/js/dev/ponymail_seeders.js b/site/js/dev/ponymail_seeders.js
index fa02cc1..d892923 100644
--- a/site/js/dev/ponymail_seeders.js
+++ b/site/js/dev/ponymail_seeders.js
@@ -54,8 +54,6 @@ function seedPrefs(json, state) {
 // preGetListInfo: Callback that fetches preferences and sets up list data
 // invoked by onload in list.html and search.html
 function preGetListInfo(list, xdomain, nopush) {
-    if (list) list = sanitize_domain(list);
-    if (xdomain) xdomain = sanitize_domain(xdomain);
     GetAsync("/api/preferences.lua", {
         l: list,
         x: xdomain,
diff --git a/site/js/dev/ponymail_trends.js b/site/js/dev/ponymail_trends.js
index f4b3d87..eeec976 100644
--- a/site/js/dev/ponymail_trends.js
+++ b/site/js/dev/ponymail_trends.js
@@ -287,7 +287,11 @@ function gatherTrends() {
     var dspan = a_arr[1]
     var query = a_arr[2]
     
-    list = sanitize_domain(list);
+    list = sanitize_address(list);
+    if (list == 'INVALID') {
+        alert("Invalid mailing list address supplied!");
+        return
+    }
     
     // Try to detect header searches, if present
     var nquery = ""


Mime
View raw message