Diffstat (limited to 'frontend/beta/js/Clipperz/Base.js') (more/less context) (ignore whitespace changes)
-rw-r--r-- | frontend/beta/js/Clipperz/Base.js | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/frontend/beta/js/Clipperz/Base.js b/frontend/beta/js/Clipperz/Base.js index cf40314..1c6faa1 100644 --- a/frontend/beta/js/Clipperz/Base.js +++ b/frontend/beta/js/Clipperz/Base.js | |||
@@ -57,247 +57,275 @@ MochiKit.Base.update(Clipperz.Base, { | |||
57 | 57 | ||
58 | c = aValue.length; | 58 | c = aValue.length; |
59 | for (i=0; i<c; i++) { | 59 | for (i=0; i<c; i++) { |
60 | result[i] = aValue.charCodeAt(i); | 60 | result[i] = aValue.charCodeAt(i); |
61 | } | 61 | } |
62 | 62 | ||
63 | return result; | 63 | return result; |
64 | }, | 64 | }, |
65 | 65 | ||
66 | //......................................................................... | 66 | //......................................................................... |
67 | 67 | ||
68 | 'byteArrayToString': function (anArrayOfBytes) { | 68 | 'byteArrayToString': function (anArrayOfBytes) { |
69 | varresult; | 69 | varresult; |
70 | var i, c; | 70 | var i, c; |
71 | 71 | ||
72 | result = ""; | 72 | result = ""; |
73 | 73 | ||
74 | c = anArrayOfBytes.length; | 74 | c = anArrayOfBytes.length; |
75 | for (i=0; i<c; i++) { | 75 | for (i=0; i<c; i++) { |
76 | result += String.fromCharCode(anArrayOfBytes[i]); | 76 | result += String.fromCharCode(anArrayOfBytes[i]); |
77 | } | 77 | } |
78 | 78 | ||
79 | return result; | 79 | return result; |
80 | }, | 80 | }, |
81 | 81 | ||
82 | //------------------------------------------------------------------------- | 82 | //------------------------------------------------------------------------- |
83 | 83 | ||
84 | 'getValueForKeyInFormContent': function (aFormContent, aKey) { | 84 | 'getValueForKeyInFormContent': function (aFormContent, aKey) { |
85 | return aFormContent[1][MochiKit.Base.find(aFormContent[0], aKey)]; | 85 | return aFormContent[1][MochiKit.Base.find(aFormContent[0], aKey)]; |
86 | }, | 86 | }, |
87 | 87 | ||
88 | //------------------------------------------------------------------------- | 88 | //------------------------------------------------------------------------- |
89 | 89 | ||
90 | 'indexOfObjectInArray': function(anObject, anArray) { | 90 | 'indexOfObjectInArray': function(anObject, anArray) { |
91 | varresult; | 91 | varresult; |
92 | vari, c; | 92 | vari, c; |
93 | 93 | ||
94 | result = -1; | 94 | result = -1; |
95 | 95 | ||
96 | c = anArray.length; | 96 | c = anArray.length; |
97 | for (i=0; ((i<c) && (result < 0)); i++) { | 97 | for (i=0; ((i<c) && (result < 0)); i++) { |
98 | if (anArray[i] === anObject) { | 98 | if (anArray[i] === anObject) { |
99 | result = i; | 99 | result = i; |
100 | } | 100 | } |
101 | } | 101 | } |
102 | 102 | ||
103 | return result; | 103 | return result; |
104 | }, | 104 | }, |
105 | 105 | ||
106 | 'removeObjectAtIndexFromArray': function(anIndex, anArray) { | 106 | 'removeObjectAtIndexFromArray': function(anIndex, anArray) { |
107 | anArray.splice(anIndex, 1); | 107 | anArray.splice(anIndex, 1); |
108 | }, | 108 | }, |
109 | 109 | ||
110 | 'removeObjectFromArray': function(anObject, anArray) { | 110 | 'removeObjectFromArray': function(anObject, anArray) { |
111 | varobjectIndex; | 111 | varobjectIndex; |
112 | 112 | ||
113 | objectIndex = Clipperz.Base.indexOfObjectInArray(anObject, anArray); | 113 | objectIndex = Clipperz.Base.indexOfObjectInArray(anObject, anArray); |
114 | if (objectIndex > -1) { | 114 | if (objectIndex > -1) { |
115 | Clipperz.Base.removeObjectAtIndexFromArray(objectIndex, anArray); | 115 | Clipperz.Base.removeObjectAtIndexFromArray(objectIndex, anArray); |
116 | } else { | 116 | } else { |
117 | // jslog.error("Trying to remove an object not present in the array"); | 117 | // jslog.error("Trying to remove an object not present in the array"); |
118 | //TODO: raise an exception | 118 | //TODO: raise an exception |
119 | } | 119 | } |
120 | }, | 120 | }, |
121 | 121 | ||
122 | 'removeFromArray': function(anArray, anObject) { | 122 | 'removeFromArray': function(anArray, anObject) { |
123 | return Clipperz.Base.removeObjectFromArray(anObject, anArray); | 123 | return Clipperz.Base.removeObjectFromArray(anObject, anArray); |
124 | }, | 124 | }, |
125 | 125 | ||
126 | //------------------------------------------------------------------------- | 126 | //------------------------------------------------------------------------- |
127 | 127 | ||
128 | 'splitStringAtFixedTokenSize': function(aString, aTokenSize) { | 128 | 'splitStringAtFixedTokenSize': function(aString, aTokenSize) { |
129 | var result; | 129 | var result; |
130 | varstringToProcess; | 130 | varstringToProcess; |
131 | 131 | ||
132 | stringToProcess = aString; | 132 | stringToProcess = aString; |
133 | result = []; | 133 | result = []; |
134 | if (stringToProcess != null) { | 134 | if (stringToProcess != null) { |
135 | while (stringToProcess.length > aTokenSize) { | 135 | while (stringToProcess.length > aTokenSize) { |
136 | result.push(stringToProcess.substring(0, aTokenSize)); | 136 | result.push(stringToProcess.substring(0, aTokenSize)); |
137 | stringToProcess = stringToProcess.substring(aTokenSize); | 137 | stringToProcess = stringToProcess.substring(aTokenSize); |
138 | } | 138 | } |
139 | 139 | ||
140 | result.push(stringToProcess); | 140 | result.push(stringToProcess); |
141 | } | 141 | } |
142 | 142 | ||
143 | return result; | 143 | return result; |
144 | }, | 144 | }, |
145 | 145 | ||
146 | //------------------------------------------------------------------------- | 146 | //------------------------------------------------------------------------- |
147 | 147 | ||
148 | 'objectType': function(anObject) { | 148 | 'objectType': function(anObject) { |
149 | var result; | 149 | var result; |
150 | 150 | ||
151 | if (anObject == null) { | 151 | if (anObject == null) { |
152 | result = null; | 152 | result = null; |
153 | } else { | 153 | } else { |
154 | result = typeof(anObject); | 154 | result = typeof(anObject); |
155 | 155 | ||
156 | if (result == "object") { | 156 | if (result == "object") { |
157 | if (anObject instanceof Array) { | 157 | if (anObject instanceof Array) { |
158 | result = 'array' | 158 | result = 'array' |
159 | } else if (anObject.constructor == Boolean) { | 159 | } else if (anObject.constructor == Boolean) { |
160 | result = 'boolean' | 160 | result = 'boolean' |
161 | } else if (anObject instanceof Date) { | 161 | } else if (anObject instanceof Date) { |
162 | result = 'date' | 162 | result = 'date' |
163 | } else if (anObject instanceof Error) { | 163 | } else if (anObject instanceof Error) { |
164 | result = 'error' | 164 | result = 'error' |
165 | } else if (anObject instanceof Function) { | 165 | } else if (anObject instanceof Function) { |
166 | result = 'function' | 166 | result = 'function' |
167 | } else if (anObject.constructor == Number) { | 167 | } else if (anObject.constructor == Number) { |
168 | result = 'number' | 168 | result = 'number' |
169 | } else if (anObject.constructor == String) { | 169 | } else if (anObject.constructor == String) { |
170 | result = 'string' | 170 | result = 'string' |
171 | } else if (anObject instanceof Object) { | 171 | } else if (anObject instanceof Object) { |
172 | result = 'object' | 172 | result = 'object' |
173 | } else { | 173 | } else { |
174 | throw Clipperz.Base.exception.UnknownType; | 174 | throw Clipperz.Base.exception.UnknownType; |
175 | } | 175 | } |
176 | } | 176 | } |
177 | } | 177 | } |
178 | 178 | ||
179 | return result; | 179 | return result; |
180 | }, | 180 | }, |
181 | 181 | ||
182 | //------------------------------------------------------------------------- | 182 | //------------------------------------------------------------------------- |
183 | 183 | ||
184 | 'escapeHTML': function(aValue) { | 184 | 'escapeHTML': function(aValue) { |
185 | var result; | 185 | var result; |
186 | 186 | ||
187 | result = aValue; | 187 | result = aValue; |
188 | result = result.replace(/</g, "<"); | 188 | result = result.replace(/</g, "<"); |
189 | result = result.replace(/>/g, ">"); | 189 | result = result.replace(/>/g, ">"); |
190 | 190 | ||
191 | return result; | 191 | return result; |
192 | }, | 192 | }, |
193 | 193 | ||
194 | //------------------------------------------------------------------------- | 194 | //------------------------------------------------------------------------- |
195 | 195 | ||
196 | 'deepClone': function(anObject) { | 196 | 'deepClone': function(anObject) { |
197 | var result; | 197 | var result; |
198 | 198 | ||
199 | result = Clipperz.Base.evalJSON(Clipperz.Base.serializeJSON(anObject)); | 199 | result = Clipperz.Base.evalJSON(Clipperz.Base.serializeJSON(anObject)); |
200 | 200 | ||
201 | return result; | 201 | return result; |
202 | }, | 202 | }, |
203 | 203 | ||
204 | //------------------------------------------------------------------------- | 204 | //------------------------------------------------------------------------- |
205 | 205 | ||
206 | 'evalJSON': function(aString) { | 206 | 'evalJSON': function(aString) { |
207 | /* | 207 | /* |
208 | var result; | 208 | var result; |
209 | 209 | ||
210 | //check for XSS injection | 210 | //check for XSS injection |
211 | if (/<script>/.test(aString)) { | 211 | if (/<script>/.test(aString)) { |
212 | throw "error"; | 212 | throw "error"; |
213 | } | 213 | } |
214 | 214 | ||
215 | if (/<iframe>/.test(aString)) { | 215 | if (/<iframe>/.test(aString)) { |
216 | throw "error"; | 216 | throw "error"; |
217 | } | 217 | } |
218 | 218 | ||
219 | result = MochiKit.Base.evalJSON(aString); | 219 | result = MochiKit.Base.evalJSON(aString); |
220 | 220 | ||
221 | return result; | 221 | return result; |
222 | */ | 222 | */ |
223 | 223 | ||
224 | // return MochiKit.Base.evalJSON(aString); | 224 | // return MochiKit.Base.evalJSON(aString); |
225 | return JSON2.parse(aString); | 225 | return JSON2.parse(aString); |
226 | }, | 226 | }, |
227 | 227 | ||
228 | 'serializeJSON': function(anObject) { | 228 | 'serializeJSON': function(anObject) { |
229 | // return MochiKit.Base.serializeJSON(anObject); | 229 | // return MochiKit.Base.serializeJSON(anObject); |
230 | return JSON2.stringify(anObject); | 230 | return JSON2.stringify(anObject); |
231 | }, | 231 | }, |
232 | 232 | ||
233 | //------------------------------------------------------------------------- | 233 | //------------------------------------------------------------------------- |
234 | 234 | ||
235 | 'sanitizeString': function(aValue) { | 235 | 'sanitizeString': function(aValue) { |
236 | var result; | 236 | var result; |
237 | 237 | ||
238 | if (Clipperz.Base.objectType(aValue) == 'string') { | 238 | if (Clipperz.Base.objectType(aValue) == 'string') { |
239 | result = aValue; | 239 | result = aValue; |
240 | result = result.replace(/</img,"<"); | 240 | result = result.replace(/</img,"<"); |
241 | result = result.replace(/>/img,">"); | 241 | result = result.replace(/>/img,">"); |
242 | } else { | 242 | } else { |
243 | result = aValue; | 243 | result = aValue; |
244 | } | 244 | } |
245 | 245 | ||
246 | return result; | 246 | return result; |
247 | }, | 247 | }, |
248 | 248 | ||
249 | 'javascriptInjectionPattern': new RegExp("javascript:\/\/\"", "g"), | ||
250 | |||
251 | 'sanitizeUrl': function(aValue) { | ||
252 | varresult; | ||
253 | |||
254 | if ((aValue != null) && this.javascriptInjectionPattern.test(aValue)) { | ||
255 | result = aValue.replace(this.javascriptInjectionPattern, ''); | ||
256 | console.log("sanitized url", aValue, result); | ||
257 | } else { | ||
258 | result = aValue; | ||
259 | } | ||
260 | |||
261 | return result; | ||
262 | }, | ||
263 | |||
264 | 'sanitizeFavicon': function(aValue) { | ||
265 | varresult; | ||
266 | |||
267 | if ((aValue != null) && this.javascriptInjectionPattern.test(aValue)) { | ||
268 | result = aValue.replace(this.javascriptInjectionPattern, ''); | ||
269 | console.log("sanitized favicon", aValue, result); | ||
270 | } else { | ||
271 | result = aValue; | ||
272 | } | ||
273 | |||
274 | return result; | ||
275 | }, | ||
276 | |||
249 | //------------------------------------------------------------------------- | 277 | //------------------------------------------------------------------------- |
250 | 278 | ||
251 | 'exception': { | 279 | 'exception': { |
252 | 'AbstractMethod': new MochiKit.Base.NamedError("Clipperz.Base.exception.AbstractMethod"), | 280 | 'AbstractMethod': new MochiKit.Base.NamedError("Clipperz.Base.exception.AbstractMethod"), |
253 | 'UnknownType': new MochiKit.Base.NamedError("Clipperz.Base.exception.UnknownType"), | 281 | 'UnknownType': new MochiKit.Base.NamedError("Clipperz.Base.exception.UnknownType"), |
254 | 'VulnerabilityIssue':new MochiKit.Base.NamedError("Clipperz.Base.exception.VulnerabilityIssue") | 282 | 'VulnerabilityIssue':new MochiKit.Base.NamedError("Clipperz.Base.exception.VulnerabilityIssue") |
255 | }, | 283 | }, |
256 | 284 | ||
257 | //------------------------------------------------------------------------- | 285 | //------------------------------------------------------------------------- |
258 | __syntaxFix__: "syntax fix" | 286 | __syntaxFix__: "syntax fix" |
259 | 287 | ||
260 | }); | 288 | }); |
261 | 289 | ||
262 | 290 | ||
263 | 291 | ||
264 | MochiKit.Base.registerComparator('Object dummy comparator', | 292 | MochiKit.Base.registerComparator('Object dummy comparator', |
265 | function(a, b) { | 293 | function(a, b) { |
266 | return ((a.constructor == Object) && (b.constructor == Object)); | 294 | return ((a.constructor == Object) && (b.constructor == Object)); |
267 | }, | 295 | }, |
268 | function(a, b) { | 296 | function(a, b) { |
269 | var result; | 297 | var result; |
270 | var aKeys; | 298 | var aKeys; |
271 | var bKeys; | 299 | var bKeys; |
272 | 300 | ||
273 | //MochiKit.Logging.logDebug(">>> comparator"); | 301 | //MochiKit.Logging.logDebug(">>> comparator"); |
274 | //MochiKit.Logging.logDebug("- a: " + Clipperz.Base.serializeJSON(a)); | 302 | //MochiKit.Logging.logDebug("- a: " + Clipperz.Base.serializeJSON(a)); |
275 | //MochiKit.Logging.logDebug("- b: " + Clipperz.Base.serializeJSON(a)); | 303 | //MochiKit.Logging.logDebug("- b: " + Clipperz.Base.serializeJSON(a)); |
276 | aKeys = MochiKit.Base.keys(a).sort(); | 304 | aKeys = MochiKit.Base.keys(a).sort(); |
277 | bKeys = MochiKit.Base.keys(b).sort(); | 305 | bKeys = MochiKit.Base.keys(b).sort(); |
278 | 306 | ||
279 | result = MochiKit.Base.compare(aKeys, bKeys); | 307 | result = MochiKit.Base.compare(aKeys, bKeys); |
280 | //if (result != 0) { | 308 | //if (result != 0) { |
281 | //MochiKit.Logging.logDebug("- comparator 'keys':"); | 309 | //MochiKit.Logging.logDebug("- comparator 'keys':"); |
282 | //MochiKit.Logging.logDebug("- comparator aKeys: " + Clipperz.Base.serializeJSON(aKeys)); | 310 | //MochiKit.Logging.logDebug("- comparator aKeys: " + Clipperz.Base.serializeJSON(aKeys)); |
283 | //MochiKit.Logging.logDebug("- comparator bKeys: " + Clipperz.Base.serializeJSON(bKeys)); | 311 | //MochiKit.Logging.logDebug("- comparator bKeys: " + Clipperz.Base.serializeJSON(bKeys)); |
284 | //} | 312 | //} |
285 | if (result == 0) { | 313 | if (result == 0) { |
286 | vari, c; | 314 | vari, c; |
287 | 315 | ||
288 | c = aKeys.length; | 316 | c = aKeys.length; |
289 | for (i=0; (i<c) && (result == 0); i++) { | 317 | for (i=0; (i<c) && (result == 0); i++) { |
290 | result = MochiKit.Base.compare(a[aKeys[i]], b[bKeys[i]]); | 318 | result = MochiKit.Base.compare(a[aKeys[i]], b[bKeys[i]]); |
291 | //if (result != 0) { | 319 | //if (result != 0) { |
292 | //MochiKit.Logging.logDebug("- comparator 'values':"); | 320 | //MochiKit.Logging.logDebug("- comparator 'values':"); |
293 | //MochiKit.Logging.logDebug("- comparator a[aKeys[i]]: " + Clipperz.Base.serializeJSON(a[aKeys[i]])); | 321 | //MochiKit.Logging.logDebug("- comparator a[aKeys[i]]: " + Clipperz.Base.serializeJSON(a[aKeys[i]])); |
294 | //MochiKit.Logging.logDebug("- comparator b[bKeys[i]]: " + Clipperz.Base.serializeJSON(b[bKeys[i]])); | 322 | //MochiKit.Logging.logDebug("- comparator b[bKeys[i]]: " + Clipperz.Base.serializeJSON(b[bKeys[i]])); |
295 | //} | 323 | //} |
296 | } | 324 | } |
297 | } | 325 | } |
298 | 326 | ||
299 | //MochiKit.Logging.logDebug("<<< comparator - result: " + result); | 327 | //MochiKit.Logging.logDebug("<<< comparator - result: " + result); |
300 | return result; | 328 | return result; |
301 | }, | 329 | }, |
302 | true | 330 | true |
303 | ); | 331 | ); |