diff options
Diffstat (limited to 'extensions')
-rw-r--r-- | extensions/InlineHistory/template/en/default/hook/bug/comments-aftercomments.html.tmpl | 8 | ||||
-rw-r--r-- | extensions/InlineHistory/web/inline-history.js | 6 |
2 files changed, 12 insertions, 2 deletions
diff --git a/extensions/InlineHistory/template/en/default/hook/bug/comments-aftercomments.html.tmpl b/extensions/InlineHistory/template/en/default/hook/bug/comments-aftercomments.html.tmpl index 261f5b3fd..dffec1d28 100644 --- a/extensions/InlineHistory/template/en/default/hook/bug/comments-aftercomments.html.tmpl +++ b/extensions/InlineHistory/template/en/default/hook/bug/comments-aftercomments.html.tmpl @@ -136,8 +136,12 @@ [% PROCESS formattimeunit time_unit = value FILTER html FILTER js %] [% ELSIF change.buglist %] [% value FILTER bug_list_link FILTER js %] - [% ELSIF change.fieldname == 'bug_file_loc' || - change.fieldname == 'see_also' %] + [% ELSIF change.fieldname == 'bug_file_loc' %] + [%~%]<a href="[% value FILTER html FILTER js %]" target="_blank" + [%~ ' onclick="return inline_history.confirmUnsafeUrl(this.href)"' + UNLESS is_safe_url(value) %]> + [%~%][% value FILTER html FILTER js %]</a> + [% ELSIF change.fieldname == 'see_also' %] [%~%]<a href="[% value FILTER html FILTER js %]" target="_blank"> [%~%][% value FILTER html FILTER js %]</a> [% ELSIF change.fieldname == 'assigned_to' || diff --git a/extensions/InlineHistory/web/inline-history.js b/extensions/InlineHistory/web/inline-history.js index 40f208d57..a6655e10b 100644 --- a/extensions/InlineHistory/web/inline-history.js +++ b/extensions/InlineHistory/web/inline-history.js @@ -368,6 +368,12 @@ var inline_history = { ul.appendChild(li); }, + confirmUnsafeUrl: function(url) { + return confirm( + 'This is considered an unsafe URL and could possibly be harmful.\n' + + 'The full URL is:\n\n' + url + '\n\nContinue?'); + }, + previousElementSibling: function(el) { if (el.previousElementSibling) return el.previousElementSibling; |