| From: | Dave Page <dpage(at)pgadmin(dot)org> |
|---|---|
| To: | Sehrope Sarkuni <sehrope(at)jackdb(dot)com> |
| Cc: | Magnus Hagander <magnus(at)hagander(dot)net>, "Jonathan S(dot) Katz" <jkatz(at)postgresql(dot)org>, Daniel Gustafsson <daniel(at)yesql(dot)se>, PostgreSQL WWW <pgsql-www(at)postgresql(dot)org> |
| Subject: | Re: Improve UX of YUM/DNF download form |
| Date: | 2020-06-09 11:49:29 |
| Message-ID: | CA+OCxoxKKfQSpytqpbzngvJN3Qi2jp8JzQsGLF42zr_fZJ2nNg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-www |
Hi
On Tue, Jun 9, 2020 at 12:20 PM Sehrope Sarkuni <sehrope(at)jackdb(dot)com> wrote:
> I took a peek at the updated yum.js. There's a couple unused variables in
> the script generation and it doesn't escape the generated text before
> assigning it to the DOM node. Not an issue now as there's nothing that'd
> break it, but if it's ever updated to include a redirect ("<") or something
> else hokey it'd break.
>
> How about the attached? It splits the script generation into its own
> function returning a string and has the archChanged() only handle updating
> the DOM. It uses jQuery .text(...) for the DOM update so that the contents
> are escaped.
>
> I don't have the full site running locally but adding the new DOM node and
> copy / pasting in the browser to manipulate the live site with this code
> seems to work fine.
>
Thanks. The code has changed massively since the last patch (thanks to
Magnus harassing me about more changes on IM). New patch to follow - I'll
look to incorporate your tweaks.
--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake
EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Page | 2020-06-09 11:58:25 | Re: Improve UX of YUM/DNF download form |
| Previous Message | Sehrope Sarkuni | 2020-06-09 11:20:42 | Re: Improve UX of YUM/DNF download form |