From b199f4960471ec9156f9c1ae2f165159d80f30df Mon Sep 17 00:00:00 2001 From: Tooru Fujisawa Date: Mon, 9 Mar 2015 16:13:32 +0000 Subject: Bug 1140798: Possible client side code injection in "suggested reviewers" menu. --- js/jquery/plugins/contextMenu/contextMenu-min.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'js/jquery/plugins') diff --git a/js/jquery/plugins/contextMenu/contextMenu-min.js b/js/jquery/plugins/contextMenu/contextMenu-min.js index 2db092acc..3f6ce1938 100644 --- a/js/jquery/plugins/contextMenu/contextMenu-min.js +++ b/js/jquery/plugins/contextMenu/contextMenu-min.js @@ -62,7 +62,7 @@ $currentTrigger=null;opt.$menu.find('.hover').trigger('contextmenu:blur');opt.$s return true;}});} setTimeout(function(){$trigger.trigger('contextmenu:hidden');},10);});},create:function(opt,root){if(root===undefined){root=opt;} opt.$menu=$('').addClass(opt.className||"").data({'contextMenu':opt,'contextMenuRoot':root});$.each(['callbacks','commands','inputs'],function(i,k){opt[k]={};if(!root[k]){root[k]={};}});root.accesskeys||(root.accesskeys={});$.each(opt.items,function(key,item){var $t=$('
  • ').addClass(item.className||""),$label=null,$input=null;$t.on('click',$.noop);item.$node=$t.data({'contextMenu':opt,'contextMenuRoot':root,'contextMenuKey':key});if(item.accesskey){var aks=splitAccesskey(item.accesskey);for(var i=0,ak;ak=aks[i];i++){if(!root.accesskeys[ak]){root.accesskeys[ak]=item;item._name=item.name.replace(new RegExp('('+ak+')','i'),'$1');break;}}} -if(typeof item=="string"){$t.addClass('context-menu-separator not-selectable');}else if(item.type&&types[item.type]){types[item.type].call($t,item,opt,root);$.each([opt,root],function(i,k){k.commands[key]=item;if($.isFunction(item.callback)){k.callbacks[key]=item.callback;}});}else{if(item.type=='html'){$t.addClass('context-menu-html not-selectable');}else if(item.type){$label=$('').appendTo($t);$('').html(item._name||item.name).appendTo($label);$t.addClass('context-menu-input');opt.hasTypes=true;$.each([opt,root],function(i,k){k.commands[key]=item;k.inputs[key]=item;});}else if(item.items){item.type='sub';} +if(typeof item=="string"){$t.addClass('context-menu-separator not-selectable');}else if(item.type&&types[item.type]){types[item.type].call($t,item,opt,root);$.each([opt,root],function(i,k){k.commands[key]=item;if($.isFunction(item.callback)){k.callbacks[key]=item.callback;}});}else{if(item.type=='html'){$t.addClass('context-menu-html not-selectable');}else if(item.type){$label=$('').appendTo($t);$('').text(item._name||item.name).appendTo($label);$t.addClass('context-menu-input');opt.hasTypes=true;$.each([opt,root],function(i,k){k.commands[key]=item;k.inputs[key]=item;});}else if(item.items){item.type='sub';} switch(item.type){case'text':$input=$('') .attr('name','context-menu-input-'+key) .val(item.value||"") @@ -81,7 +81,7 @@ break;case'checkbox':$input=$('') .attr('name','context-menu-input-'+key) .appendTo($label);if(item.options){$.each(item.options,function(value,text){$('').val(value).text(text).appendTo($input);});$input.val(item.selected);} -break;case'sub':$('').html(item._name||item.name).appendTo($t);item.appendTo=item.$node;op.create(item,root);$t.data('contextMenu',item).addClass('context-menu-submenu');item.callback=null;break;case'html':$(item.html).appendTo($t);break;default:$.each([opt,root],function(i,k){k.commands[key]=item;if($.isFunction(item.callback)){k.callbacks[key]=item.callback;}});$('').html(item._name||item.name||"").appendTo($t);break;} +break;case'sub':$('').text(item._name||item.name).appendTo($t);item.appendTo=item.$node;op.create(item,root);$t.data('contextMenu',item).addClass('context-menu-submenu');item.callback=null;break;case'html':$(item.html).appendTo($t);break;default:$.each([opt,root],function(i,k){k.commands[key]=item;if($.isFunction(item.callback)){k.callbacks[key]=item.callback;}});$('').text(item._name||item.name||"").appendTo($t);break;} if(item.type&&item.type!='sub'&&item.type!='html'){$input .on('focus',handle.focusInput) .on('blur',handle.blurInput);if(item.events){$input.on(item.events,opt);}} -- cgit v1.2.3-24-g4f1b