
escape nicknames before displaying them

j8
isymchych 9 gadus atpakaļ
vecāks
revīzija
0bcbd105e3

+ 13
- 9
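--- a/modules/UI/UI.js
+++ b/modules/UI/UI.js
@@ -223,12 +223,13 @@
  * Intitialize conference UI.
  */
 UI.initConference = function () {
-    var id = APP.conference.localId;
+    let id = APP.conference.localId;
     Toolbar.updateRoomUrl(window.location.href);
-    var meHTML = APP.translation.generateTranslationHTML("me");
-    var settings = Settings.getSettings();
+    let meHTML = APP.translation.generateTranslationHTML("me");
 
-    $("#localNick").html(settings.email || settings.uid + " (" + meHTML + ")");
+    let email = Settings.getEmail();
+    let uid = Settings.getUserId();
+    $("#localNick").html(email || `${uid} (${meHTML})`);
 
     // Add myself to the contact list.
     ContactList.addContact(id);
@@ -236,14 +237,14 @@
     // Once we've joined the muc show the toolbar
     ToolbarToggler.showToolbar();
 
-    var displayName = config.displayJids ? id : settings.displayName;
+    let displayName = config.displayJids ? id : Settings.getDisplayName();
 
     if (displayName) {
         UI.changeDisplayName('localVideoContainer', displayName);
     }
 
     // Make sure we configure our avatar id, before creating avatar for us
-    UI.setUserAvatar(id, settings.email);
+    UI.setUserAvatar(id, email);
 
     Toolbar.checkAutoEnableDesktopSharing();
     if(!interfaceConfig.filmStripOnly) {
@@ -607,8 +608,11 @@
     PanelToggler.toggleContactList();
 };
 
-UI.inputDisplayNameHandler = function (value) {
-    VideoLayout.inputDisplayNameHandler(value);
+/**
+ * Handle new user display name.
+ */
+UI.inputDisplayNameHandler = function (newDisplayName) {
+    eventEmitter.emit(UIEvents.NICKNAME_CHANGED, newDisplayName);
 };
 
 /**
@@ -888,7 +892,7 @@
     body = body.replace(/\n/g, "%0D%0A");
 
     if (nick) {
-        body += "%0D%0A%0D%0A" + nick;
+        body += "%0D%0A%0D%0A" + UIUtil.escapeHtml(nick);
     }
 
     if (interfaceConfig.INVITATION_POWERED_BY) {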
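Review bot: In `initConference`, the new `$("#localNick").html(...)` call still passes the stored e-mail and user id to an HTML sink unescaped, so the commit's escape-at-display rule is not applied to them. Wrapping them as `UIUtil.escapeHtml(email)` and `UIUtil.escapeHtml(uid)` before the call would close that gap; `UIUtil` is already used on the new side of this file. In the last section, `UIUtil.escapeHtml(nick)` is appended to a string that is being percent-encoded by hand (`%0D%0A`), which looks like a URL or mailto body rather than HTML; if so, the encoding that matches that context is `encodeURIComponent(nick)`. Both enclosing functions continue outside the visible lines.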

+ 2
- 3
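--- a/modules/UI/side_pannels/SidePanelToggler.js
+++ b/modules/UI/side_pannels/SidePanelToggler.js
@@ -148,9 +148,8 @@
             '#settingsmenu',
             null,
             function() {
-                var settings = Settings.getSettings();
-                $('#setDisplayName').get(0).value = settings.displayName;
-                $('#setEmail').get(0).value = settings.email;
+                $('#setDisplayName').val(Settings.getDisplayName());
+                $('#setEmail').val(Settings.getEmail());
             },
             null);
     },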

+ 1
- 1
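--- a/modules/UI/side_pannels/chat/Chat.js
+++ b/modules/UI/side_pannels/chat/Chat.js
@@ -179,7 +179,7 @@
         $('#nickinput').keydown(function (event) {
             if (event.keyCode === 13) {
                 event.preventDefault();
-                var val = UIUtil.escapeHtml(this.value);
+                let val = this.value;
                 this.value = '';
                 eventEmitter.emit(UIEvents.NICKNAME_CHANGED, val);
             }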

+ 1
- 1
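--- a/modules/UI/side_pannels/contactlist/ContactList.js
+++ b/modules/UI/side_pannels/contactlist/ContactList.js
@@ -158,7 +158,7 @@
         let contactName = $(`#contacts #${id}>p`);
 
         if (displayName) {
-            contactName.html(displayName);
+            contactName.text(displayName);
         }
     },
 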

+ 1
- 1
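--- a/modules/UI/side_pannels/settings/SettingsMenu.js
+++ b/modules/UI/side_pannels/settings/SettingsMenu.js
@@ -40,7 +40,7 @@
 export default {
     init (emitter) {
         function update() {
-            let displayName = UIUtil.escapeHtml($('#setDisplayName').val());
+            let displayName = $('#setDisplayName').val();
 
             if (displayName && Settings.getDisplayName() !== displayName) {
                 emitter.emit(UIEvents.NICKNAME_CHANGED, displayName);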

+ 3
- 3
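--- a/modules/UI/util/MessageHandler.js
+++ b/modules/UI/util/MessageHandler.js
@@ -1,6 +1,8 @@
 /* global $, APP, jQuery, toastr, Impromptu */
 /* jshint -W101 */
 
+import UIUtil from './UIUtil';
+
 /**
  * Flag for enable/disable of the notifications.
  * @type {boolean}
@@ -204,7 +206,7 @@
             return;
         var displayNameSpan = '<span class="nickname" ';
         if (displayName) {
-            displayNameSpan += ">" + displayName;
+            displayNameSpan += ">" + UIUtil.escapeHtml(displayName);
         } else {
             displayNameSpan += "data-i18n='" + displayNameKey +
                 "'>" + APP.translation.translateString(displayNameKey);
@@ -247,5 +249,3 @@
 }(messageHandler || {}));
 
 module.exports = messageHandler;
-
-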

+ 10
- 0
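--- a/modules/UI/util/UIUtil.js
+++ b/modules/UI/util/UIUtil.js
@@ -72,6 +72,16 @@
         return $('<div/>').text(unsafeText).html();
     },
 
+    /**
+     * Unescapes the given text.
+     *
+     * @param {string} safe string which contains escaped html
+     * @returns {string} unescaped html string.
+     */
+    unescapeHtml: function (safe) {
+        return $('<div />').html(safe).text();
+    },
+
     imageToGrayScale: function (canvas) {
         var context = canvas.getContext('2d');
         var imgData = context.getImageData(0, 0, canvas.width, canvas.height);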
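Review bot: `unescapeHtml` decodes entities with `$('<div />').html(safe)`, which parses its argument as markup in the page's own document, so any elements in the value are instantiated and can start resource loads or fire event handlers even though the div is never attached. The parameter is documented as already-escaped text, but nothing enforces that, and this commit calls the helper on a value read from `window.localStorage`. Decoding in an inert document avoids the side effect: `return new DOMParser().parseFromString(safe, 'text/html').documentElement.textContent;`. The doc comment should also say that the input must be treated as untrusted.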

+ 5
- 7
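--- a/modules/UI/videolayout/LocalVideo.js
+++ b/modules/UI/videolayout/LocalVideo.js
@@ -65,7 +65,9 @@
         if (nameSpan.text() !== displayName) {
             if (displayName && displayName.length > 0) {
                 meHTML = APP.translation.generateTranslationHTML("me");
-                $('#localDisplayName').html(displayName + ' (' + meHTML + ')');
+                $('#localDisplayName').html(
+                    UIUtil.escapeHtml(displayName) + ' (' + meHTML + ')'
+                );
             } else {
                 $('#localDisplayName').html(defaultLocalDisplayName);
             }
@@ -81,7 +83,7 @@
 
         if (displayName && displayName.length > 0) {
             meHTML = APP.translation.generateTranslationHTML("me");
-            nameSpan.innerHTML = displayName + meHTML;
+            nameSpan.innerHTML = UIUtil.escapeHtml(displayName) + meHTML;
         }
         else {
             nameSpan.innerHTML = defaultLocalDisplayName;
@@ -126,7 +128,7 @@
                 editDisplayName.select();
 
                 editDisplayName.one("focusout", function (e) {
-                    self.VideoLayout.inputDisplayNameHandler(this.value);
+                    self.emitter.emit(UIEvents.NICKNAME_CHANGED, this.value);
                     $('#editDisplayName').hide();
                 });
 
@@ -141,10 +143,6 @@
     }
 };
 
-LocalVideo.prototype.inputDisplayNameHandler = function (name) {
-    this.emitter.emit(UIEvents.NICKNAME_CHANGED, UIUtil.escapeHtml(name));
-};
-
 LocalVideo.prototype.createConnectionIndicator = function() {
     if(this.connectionIndicator)
         return;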

+ 4
- 4
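--- a/modules/UI/videolayout/RemoteVideo.js
+++ b/modules/UI/videolayout/RemoteVideo.js
@@ -359,7 +359,7 @@
     // If we already have a display name for this video.
     if (nameSpan.length > 0) {
         if (displayName && displayName.length > 0) {
-            $('#' + this.videoSpanId + '_name').html(displayName);
+            $('#' + this.videoSpanId + '_name').text(displayName);
         }
         else if (key && key.length > 0) {
             var nameHtml = APP.translation.generateTranslationHTML(key);
@@ -374,10 +374,10 @@
         $('#' + this.videoSpanId)[0].appendChild(nameSpan);
 
         if (displayName && displayName.length > 0) {
-            nameSpan.innerHTML = displayName;
-        }
-        else
+            $(nameSpan).text(displayName);
+        } else {
             nameSpan.innerHTML = interfaceConfig.DEFAULT_REMOTE_DISPLAY_NAME;
+        }
         nameSpan.id = this.videoSpanId + '_name';
     }
 };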

+ 0
- 5
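--- a/modules/UI/videolayout/VideoLayout.js
+++ b/modules/UI/videolayout/VideoLayout.js
@@ -347,11 +347,6 @@
         }
     },
 
-
-    inputDisplayNameHandler (name) {
-        localVideoThumbnail.inputDisplayNameHandler(name);
-    },
-
     videoactive (videoelem, resourceJid) {
 
         console.info(resourceJid + " video is now active", videoelem);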

+ 14
- 10
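--- a/modules/settings/Settings.js
+++ b/modules/settings/Settings.js
@@ -1,4 +1,5 @@
 import {generateUsername} from '../util/UsernameGenerator';
+import UIUtil from '../UI/util/UIUtil';
 
 let email = '';
 let displayName = '';
@@ -32,7 +33,7 @@
 
     userId = window.localStorage.jitsiMeetId || '';
     email = window.localStorage.email || '';
-    displayName = window.localStorage.displayname || '';
+    displayName = UIUtil.unescapeHtml(window.localStorage.displayname || '');
     language = window.localStorage.language;
     cameraDeviceId = window.localStorage.cameraDeviceId || '';
     micDeviceId = window.localStorage.micDeviceId || '';
@@ -46,26 +47,29 @@
     /**
      * Sets the local user display name and saves it to local storage
      *
-     * @param newDisplayName the new display name for the local user
-     * @returns {string} the display name we just set
+     * @param {string} newDisplayName unescaped display name for the local user
      */
-    setDisplayName: function (newDisplayName) {
-        if (displayName === newDisplayName) {
-            return displayName;
-        }
+    setDisplayName (newDisplayName) {
         displayName = newDisplayName;
-        window.localStorage.displayname = displayName;
-        return displayName;
+        window.localStorage.displayname = UIUtil.escapeHtml(displayName);
     },
 
     /**
-     * Returns the currently used by the user
+     * Returns the escaped display name currently used by the user
      * @returns {string} currently valid user display name.
      */
     getDisplayName: function () {
         return displayName;
     },
 
+    /**
+     * Returns id of the user.
+     * @returns {string} user id
+     */
+    getUserId () {
+        return userId;
+    },
+
     setEmail: function (newEmail) {
         email = newEmail;
         window.localStorage.email = newEmail;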
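Review bot: The new doc comment on `getDisplayName` says it returns the escaped display name, but the module variable now holds the unescaped value: it is assigned from `UIUtil.unescapeHtml(...)` on load and from the raw argument in `setDisplayName`, so a caller who trusts the comment could write the result into HTML without escaping. Suggested wording: `* Returns the unescaped display name currently used by the user; escape it before inserting it into HTML.` Separately, `setDisplayName` no longer returns the name, and any callers that used the return value are outside this page and should be checked. Storing the raw name in localStorage and escaping only at the HTML sinks would also remove the escape/unescape round trip.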
