root/main/trunk/greenstone2/macros/extlink.dm @ 31975

Revision 30529, 0.9 KB (checked in by ak19, 4 years ago)

Implementing Dr Bainbridge's solution to fix the external link I'd broken in order to make external links safe/secure from XSS.

  • Property svn:executable set to *
  • Property svn:keywords set to Author Date Id Revision
Line 
1# this file must be UTF-8 encoded
2
3# If there are external links, call this function
4_extlinkscript_ {
5
6function follow_escaped_link (event, the_url) \{
7  //http://stackoverflow.com/questions/8614438/preventdefault-inside-onclick-attribute-of-a-tag
8  event.preventDefault(); 
9
10  //http://stackoverflow.com/questions/747641/what-is-the-difference-between-decodeuricomponent-and-decodeuri
11  the_url = decodeURIComponent(the_url);
12  var lastIndex = the_url.lastIndexOf("http://");
13  if(the_url.indexOf("http://") !== lastIndex) \{
14    the_url = the_url.substring(lastIndex);
15  \}
16  location.href = the_url;
17 
18\}
19
20}
21
22package extlink
23
24# override this to include _extlinkscript_
25_globalscripts_{
26<script language="javascript" type="text/javascript">
27_extlinkscript_
28</script>
29
30}
31
32_header_ {_htmlhead_}
33
34_foundcontent_ {
35
36<h3>_textextlink_</h3>
37
38<p> _textextlinkcontent_
39}
40
41_notfoundcontent_ {
42
43<h3>_textlinknotfound_</h3>
44
45<p> _textlinknotfoundcontent_
46}
Note: See TracBrowser for help on using the browser.