gaspersic/freeCodeCamp
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #3611 from FreeCodeCamp/fix/replace-script-tag-in-url

Browse Source 
Fix replace script tags in URL
This commit is contained in:
Quincy Larson
2015-10-06 16:48:37 -07:00
parent 2b1652942e 33e8f35bbf
commit 914f2ef0b8
3 changed files with 56 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
client/commonFramework.js
View File

@ -1,31 +1,49 @@
// common namespace
// all classes should be stored here
var common = common || {
// init is an array of functions that are
// called at the beginning of dom ready
init: []
};
var common = (function() {
// common namespace
// all classes should be stored here
var common = window.common || {
// init is an array of functions that are
// called at the beginning of dom ready
init: []
};
common.challengeName = common.challengeName || window.challenge_Name ?
window.challenge_Name :
'';
common.challengeName = common.challengeName || window.challenge_Name ?
window.challenge_Name :
'';
common.challengeType = common.challengeType || window.challengeType ?
window.challengeType :
0;
common.challengeType = common.challengeType || window.challengeType ?
window.challengeType :
0;
common.challengeId = common.challengeId || window.challenge_Id;
common.challengeId = common.challengeId || window.challenge_Id;
common.challengeSeed = common.challengeSeed || window.challengeSeed ?
window.challengeSeed :
[];
common.challengeSeed = common.challengeSeed || window.challengeSeed ?
window.challengeSeed :
[];
common.seed = common.challengeSeed.reduce(function(seed, line) {
return seed + line + '\n';
}, '');
common.seed = common.challengeSeed.reduce(function(seed, line) {
return seed + line + '\n';
}, '');
common.replaceScriptTags = function replaceScriptTags(value) {
return value
.replace(/<script>/gi, 'fccss')
.replace(/<\/script>/gi, 'fcces');
};
common.replaceSafeTags = function replaceSafeTags(value) {
return value
.replace(/fccss/gi, '<script>')
.replace(/fcces/gi, '</script>');
};
return common;
})();
// store code in the URL
common.codeUri = (function(common, encode, decode, location, history) {
var replaceScriptTags = common.replaceScriptTags;
var replaceSafeTags = common.replaceSafeTags;
var codeUri = {
encode: function(code) {
return encode(code);
@ -67,7 +85,7 @@ common.codeUri = (function(common, encode, decode, location, history) {
null,
location.href.split('?')[0]
);
location.hash = '#?' + query;
location.hash = '#?' + replaceScriptTags(query);
}
} else {
query = location.hash.replace(/^\#\?/, '');
@ -82,13 +100,15 @@ common.codeUri = (function(common, encode, decode, location, history) {
var key = param.split('=')[0];
var value = param.split('=')[1];
if (key === 'solution') {
return codeUri.decode(value);
return replaceSafeTags(codeUri.decode(value || ''));
}
return solution;
}, null);
},
querify: function(solution) {
location.hash = '?solution=' + codeUri.encode(solution);
location.hash = '?solution=' +
codeUri.encode(replaceScriptTags(solution));
return solution;
}
};
@ -306,12 +326,6 @@ var sandBox = (function(jailed, codeOutput) {
return sandBox;
}(window.jailed, common.codeOutput));
function replaceSafeTags(value) {
return value
.replace(/fccss/gi, '<script>')
.replace(/fcces/gi, '</script>');
}
var BDDregex = new RegExp(
'(expect(\\s+)?\\(.*\\;)|' +
'(assert(\\s+)?\\(.*\\;)|' +
@ -416,7 +430,7 @@ var editor = (function(CodeMirror, emmetCodeMirror, common) {
common.seed;
}
editor.setValue(replaceSafeTags(editorValue));
editor.setValue(common.replaceSafeTags(editorValue));
editor.refresh();
});
@ -659,7 +673,7 @@ function showCompletion() {
}
var resetEditor = function resetEditor() {
editor.setValue(replaceSafeTags(common.seed));
editor.setValue(common.replaceSafeTags(common.seed));
$('#testSuite').empty();
bonfireExecute(true);
common.codeStorage.updateStorage();

10
server/boot/user.js
View File

@ -15,6 +15,12 @@ const debug = debugFactory('freecc:boot:user');
const daysBetween = 1.5;
const sendNonUserToMap = ifNoUserRedirectTo('/map');
function replaceScriptTags(value) {
return value
.replace(/<script>/gi, 'fccss')
.replace(/<\/script>/gi, 'fcces');
}
function calcCurrentStreak(cals) {
const revCals = cals.concat([Date.now()]).slice().reverse();
let streakBroken = false;
@ -243,7 +249,9 @@ module.exports = function(app) {
moment,
longestStreak: profileUser.longestStreak,
currentStreak: profileUser.currentStreak
currentStreak: profileUser.currentStreak,
replaceScriptTags
});
}
);

4
server/views/account/show.jade
View File

@ -131,7 +131,7 @@ block content
td.col-xs-4= bonfire.name
td.col-xs-2= moment(bonfire.completedDate, 'x').format("MMM DD, YYYY")
td.col-xs-6
a(href='/challenges/' + bonfire.name + '?solution=' + encodeURIComponent(bonfire.solution), target='_blank') View my solution
a(href='/challenges/' + bonfire.name + '?solution=' + encodeURIComponent(replaceScriptTags(bonfire.solution)), target='_blank') View my solution
if (waypoints.length > 0)
.col-sm-12
table.table.table-striped
@ -146,7 +146,7 @@ block content
td.col-xs-2= moment(challenge.completedDate, 'x').format("MMM DD, YYYY")
td.col-xs-6
if (challenge.solution)
a(href='/challenges/' + challenge.name + '?solution=' + encodeURIComponent(challenge.solution), target='_blank') View my solution
a(href='/challenges/' + challenge.name + '?solution=' + encodeURIComponent(replaceScriptTags(challenge.solution)), target='_blank') View my solution
else
a(href='/challenges/' + challenge.name) View this challenge