libre-service.eu/pad.libre-service.eu-etherpad
libre-service.eu/pad.libre-service.eu-etherpad
1
0
Fork 0
mirror of https://github.com/ether/etherpad-lite.git synced 2025-01-19 14:13:34 +01:00
Code Issues Projects Releases Wiki Activity

pad: Improve rendering of uncaught exceptions

Browse source 
* Use jQuery to build the message HTML so that special characters in
    the error message, URL, etc. are properly escaped. This helps
    avoid XSS vulnerabilities.
  * Use bold text for the error message to make it stand out.
  * Add a line break between the error message and "in <url> at line
    <line>" so that the error message stands out more.
  * Use `<p>...</p>` instead of `</br>` to separate the parts of the
    popup.
  * Use CSS for spacing instead of `</br>`.
  * Grammar fixes (add a missing comma, "at" instead of "in").
This commit is contained in:
Richard Hansen 2020-10-19 20:25:08 -04:00 committed by John McLear
parent d35dbaaacc
commit 8463134125
1 changed files with 13 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
src/static/js/pad_utils.js
View file

@ -484,7 +484,6 @@ function setupGlobalExceptionHandler() {
globalExceptionHandler = function test (msg, url, linenumber)
{
var errorId = randomString(20);
var userAgent = padutils.escapeHtml(navigator.userAgent);
var msgAlreadyVisible = false;
$('.gritter-item .error-msg').each(function() {
@ -494,13 +493,19 @@ function setupGlobalExceptionHandler() {
});
if (!msgAlreadyVisible) {
errorMsg = "<b>Please press and hold Ctrl and press F5 to reload this page</b></br> \
If the problem persists please send this error message to your webmaster: </br></br>\
<div style='text-align:left; font-size: .8em'>\
ErrorId: " + errorId + "<br>\
URL: " + padutils.escapeHtml(window.location.href) + "<br>\
UserAgent: " + userAgent + "<br>\
<span class='error-msg'>"+ msg + "</span> in " + url + " at line " + linenumber + '</div>';
const txt = document.createTextNode.bind(document); // Convenience shorthand.
const errorMsg = [
$('<p>')
.append($('<b>').text('Please press and hold Ctrl and press F5 to reload this page')),
$('<p>')
.text('If the problem persists, please send this error message to your webmaster:'),
$('<div>').css('text-align', 'left').css('font-size', '.8em').css('margin-top', '1em')
.append(txt(`ErrorId: ${errorId}`)).append($('<br>'))
.append(txt(`URL: ${window.location.href}`)).append($('<br>'))
.append(txt(`UserAgent: ${navigator.userAgent}`)).append($('<br>'))
.append($('<b>').addClass('error-msg').text(msg)).append($('<br>'))
.append(txt(`at ${url} at line ${linenumber}`)).append($('<br>')),
];
$.gritter.add({
title: "An error occurred",