- Timestamp:
- 2019-02-13T17:46:00+13:00 (5 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
main/trunk/greenstone3/web/interfaces/default/js/document_scripts.js
r32767 r32772 25 25 ********************/ 26 26 27 function makeURLSafe(url) { 28 29 url = url.replace(/ /g, "%20").replace(/\//g, "%2F").replace(/\:/g, "%3A").replace(/=/g, "%3D").replace(/\[/g,"%5B").replace(/\]/g,"%5D"); 30 return url; 27 /* 28 Tomcat 8 appears to be stricter in requiring unsafe and reserved chars 29 in URLs to be escaped with URL encoding 30 See section "Character Encoding Chart of 31 https://perishablepress.com/stop-using-unsafe-characters-in-urls/ 32 Reserved chars: 33 ; / ? : @ = & 34 -----> %3B %2F %3F %3A %40 %3D %26 35 Unsafe chars: 36 " < > # % { } | \ ^ ~ [ ] ` and SPACE/BLANK 37 ----> %22 %3C %3E %23 %25 %7B %7D %7C %5C %5E ~ %5B %5D %60 and %20 38 But the above conflicts with the reserved vs unreserved listings at 39 https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURI 40 Possibly more info: https://stackoverflow.com/questions/1547899/which-characters-make-a-url-invalid 41 42 */ 43 /* URL encode RESERVED characters in a non-URL context of a URL, such as the inline template (ilt) parameter value of a URL */ 44 function makeSafeForURL(url_part) { 45 // https://stackoverflow.com/questions/7368407/javascript-replace-a-set-of-characters-with-another-one 46 var reserved_mappings = { 47 ';': '%3B', 48 '/': '%2F', 49 '?': '%3F', 50 ':': '%3A', 51 '@': '%40', 52 '=': '%3D', 53 '&': '%26' 54 }; 55 56 encode_percentages = 1; // to force the URL-encoding of any % in url_part, do this for inline-templates that haven't ever been encoded 57 url_part = makeURLSafe(url_part, encode_percentages); 58 59 var url_encoded = url_part.replace(/[\;\/\?\:\@\=\&]/g, function(s) { 60 return reserved_mappings[s]; 61 }); 62 63 //var url_encoded = url_part.replace(/;/g, "%3B").replace(/\//g, "%2F").replace(/\?/g, "%3F").replace(/\:/g, "%3A").replace(/\@/g, "%40").replace(/=/g, "%3D").replace(/\&/g,"%26"); 64 return url_encoded; 65 } 66 67 /* 68 URL encode UNSAFE characters to make URL valid 69 Set encode_percentages to 1 (true) if the url isn't already partly URL encoded 70 */ 71 function makeURLSafe(url, encode_percentages) { 72 // https://stackoverflow.com/questions/12797118/how-can-i-declare-optional-function-parameters-in-javascript 73 encode_percentages = encode_percentages || 0; 74 75 var unsafe_mappings = { 76 ' ': '%20', 77 '"': '%22', 78 '<': '%3C', 79 '>': '%3E', 80 '#': '%23', 81 '{': '%7B', 82 '}': '%7D', 83 '|': '%7C', 84 '\\': '%5C', 85 '^': '%5E', 86 //'~': '~', // unreserved char (but is it then unsafe?), as per https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURI 87 '[': '%5B', 88 ']': '%5D', 89 '`': '%60' 90 }; 91 92 var url_encoded = url; 93 if(encode_percentages) { 94 // https://stackoverflow.com/questions/1168807/how-can-i-add-a-key-value-pair-to-a-javascript-object 95 //unsafe_mappings["%"] = "%25"; 96 url_encoded = url_encoded.replace(/\%/g,"%25"); // encode % first 97 98 } 99 url_encoded = url_encoded.replace(/[\ \"\<\>\#\{\}\|\\\^\[\]\`]/g, function(s) { 100 return unsafe_mappings[s]; 101 }); 102 103 104 //var url_encoded = url; 105 ///if(encode_percentages) { url_encoded = url_encoded.replace(/\%/g,"%25"); } // encode % first 106 //url_encoded = url_encoded.replace(/ /g, "%20").replace(/\"/g,"%22").replace(/\</g,"%3C").replace(/\>/g,"%3E").replace(/\#/g,"%23").replace(/\{/g,"%7B").replace(/\}/g,"%7D"); 107 //url_encoded = url_encoded.replace(/\|/g,"%7C").replace(/\\/g,"%5C").replace(/\^/g,"%5E").replace(/\[/g,"%5B").replace(/\]/g,"%5D").replace(/\`/g,"%60"); 108 109 return url_encoded; 31 110 } 32 111 … … 47 126 template += '</xsl:template>'; 48 127 49 template = make URLSafe(template);128 template = makeSafeForURL(template); 50 129 51 130 var hlCheckBox = document.getElementById("highlightOption"); … … 117 196 template += '</xsl:template>'; 118 197 119 template = make URLSafe(template);198 template = makeSafeForURL(template); 120 199 var url = gs.xsltParams.library_name + "/collection/" + gs.cgiParams.c + "/document/" + sectionID + "?ilt=" + template; 121 200 … … 686 765 ilt += '</xsl:template>'; 687 766 688 ilt = make URLSafe(ilt);767 ilt = makeSafeForURL(ilt); 689 768 690 769 … … 951 1030 template += '</html>'; 952 1031 template += '</xsl:template>'; 953 template = make URLSafe(template);1032 template = makeSafeForURL(template); 954 1033 var url = href + "?noText=1&ilt=" + template; 955 1034 … … 1355 1434 template += ']</images>'; 1356 1435 template += '</xsl:template>'; 1357 template = make URLSafe(template);1436 template = makeSafeForURL(template); 1358 1437 var url = gs.xsltParams.library_name + "/collection/" + gs.cgiParams.c + "/document/" + gs.cgiParams.d + "?ed=1&ilt=" + template; 1359 1438
Note:
See TracChangeset
for help on using the changeset viewer.