Last change
on this file since 30529 was 30529, checked in by ak19, 8 years ago |
Implementing Dr Bainbridge's solution to fix the external link I'd broken in order to make external links safe/secure from XSS.
|
-
Property svn:executable
set to
*
-
Property svn:keywords
set to
Author Date Id Revision
|
File size:
950 bytes
|
Rev | Line | |
---|
[7343] | 1 | # this file must be UTF-8 encoded
|
---|
| 2 |
|
---|
[30529] | 3 | # If there are external links, call this function
|
---|
| 4 | _extlinkscript_ {
|
---|
| 5 |
|
---|
| 6 | function follow_escaped_link (event, the_url) \{
|
---|
| 7 | //http://stackoverflow.com/questions/8614438/preventdefault-inside-onclick-attribute-of-a-tag
|
---|
| 8 | event.preventDefault();
|
---|
| 9 |
|
---|
| 10 | //http://stackoverflow.com/questions/747641/what-is-the-difference-between-decodeuricomponent-and-decodeuri
|
---|
| 11 | the_url = decodeURIComponent(the_url);
|
---|
| 12 | var lastIndex = the_url.lastIndexOf("http://");
|
---|
| 13 | if(the_url.indexOf("http://") !== lastIndex) \{
|
---|
| 14 | the_url = the_url.substring(lastIndex);
|
---|
| 15 | \}
|
---|
| 16 | location.href = the_url;
|
---|
| 17 |
|
---|
| 18 | \}
|
---|
| 19 |
|
---|
| 20 | }
|
---|
| 21 |
|
---|
[725] | 22 | package extlink
|
---|
| 23 |
|
---|
[30529] | 24 | # override this to include _extlinkscript_
|
---|
| 25 | _globalscripts_{
|
---|
| 26 | <script language="javascript" type="text/javascript">
|
---|
| 27 | _extlinkscript_
|
---|
| 28 | </script>
|
---|
| 29 |
|
---|
| 30 | }
|
---|
| 31 |
|
---|
[876] | 32 | _header_ {_htmlhead_}
|
---|
[725] | 33 |
|
---|
[876] | 34 | _foundcontent_ {
|
---|
[725] | 35 |
|
---|
[876] | 36 | <h3>_textextlink_</h3>
|
---|
[725] | 37 |
|
---|
[876] | 38 | <p> _textextlinkcontent_
|
---|
| 39 | }
|
---|
[725] | 40 |
|
---|
| 41 | _notfoundcontent_ {
|
---|
| 42 |
|
---|
[876] | 43 | <h3>_textlinknotfound_</h3>
|
---|
[725] | 44 |
|
---|
[876] | 45 | <p> _textlinknotfoundcontent_
|
---|
| 46 | }
|
---|
Note:
See
TracBrowser
for help on using the repository browser.