Download as
Browse Code »

Commit f9aacc7def8f3df3c603e073eee157d63962d6ae

Authored by Joenio Costa
Committed by Antonio Terceiro
1 parent 1abc299e
Exists in master and in 28 other branches 1.2+SPB2, 2_split_by_role, add_fields_in_api, api_fixies, api_pagination, api_private_token, api_tasks, article_hit_count, blog_page_bug, checkbox_to_user_can_edit_page, communities_ratings, communities_ratings_moderation, community_ratings_rebase, fix_cloned_article_parent, fix_gallery_image_url, fix_javascript_categories, fix_optional_fields, fix_suggest_article, fix_user_email_validation, highlight_block_fix, notification_plugin, notification_plugin_rebase, script_to_update, split_by_role, stable, temp_ratings, tests, tests_fixies

Fitering <script> tag from chat messages 

(ActionItem1730)
Showing 2 changed files with 2 additions and 1 deletions   Show diff stats
app/views/layouts/chat.rhtml
  Diff comments   View file @f9aacc7
@@ -5,7 +5,7 @@ @@ -5,7 +5,7 @@
5 <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> 5 <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
6 <meta name="description" content="<%= @environment.name %>" /> 6 <meta name="description" content="<%= @environment.name %>" />
7 <link rel="shortcut icon" href="<%= image_path(theme_favicon) %>" type="image/x-icon" /> 7 <link rel="shortcut icon" href="<%= image_path(theme_favicon) %>" type="image/x-icon" />
8 - <%= javascript_include_tag 'jquery-latest', 'jquery.noconflict', 'jquery-ui-1.8.2.custom.min', 'jquery.scrollTo', 'jquery.scrollabletab', 'strophejs-1.0.1/strophe', 'jquery.emoticon', '/designs/icons/pidgin/emoticons.js', 'ba-linkify', 'jquery.ba-hashchange', 'jquery.sound', 'application', 'chat', :cache => 'cache-chat' %> 8 + <%= javascript_include_tag 'prototype', 'jquery-latest', 'jquery.noconflict', 'jquery-ui-1.8.2.custom.min', 'jquery.scrollTo', 'jquery.scrollabletab', 'strophejs-1.0.1/strophe', 'jquery.emoticon', '/designs/icons/pidgin/emoticons.js', 'ba-linkify', 'jquery.ba-hashchange', 'jquery.sound', 'application', 'chat', :cache => 'cache-chat' %>
9 <%= stylesheet_link_tag noosfero_stylesheets, :cache => 'cache' %> 9 <%= stylesheet_link_tag noosfero_stylesheets, :cache => 'cache' %>
10 <%= stylesheet_link_tag icon_theme_stylesheet_path %> 10 <%= stylesheet_link_tag icon_theme_stylesheet_path %>
11 <%= stylesheet_link_tag theme_stylesheet_path %> 11 <%= stylesheet_link_tag theme_stylesheet_path %>
public/javascripts/chat.js
  Diff comments   View file @f9aacc7
@@ -499,6 +499,7 @@ jQuery(function($) { @@ -499,6 +499,7 @@ jQuery(function($) {
499 if (e.keyCode == 13) { 499 if (e.keyCode == 13) {
500 var jid = $(this).attr('data-to'); 500 var jid = $(this).attr('data-to');
501 var body = $(this).val(); 501 var body = $(this).val();
  502 + body = body.stripScripts();
502 Jabber.deliver_message(jid, body); 503 Jabber.deliver_message(jid, body);
503 $(this).val(''); 504 $(this).val('');
504 return false; 505 return false;