Misplaced Pages

User:Enterprisey/copy-section-link.js: Difference between revisions

Article snapshot taken from[REDACTED] with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.
< User:Enterprisey Browse history interactively← Previous editNext edit →Content deleted Content added
Revision as of 23:23, 25 October 2021 view sourceEnterprisey (talk | contribs)Edit filter managers, Autopatrolled, Administrators34,926 edits eh...← Previous edit Revision as of 15:34, 5 December 2021 view source Mr. Stradivarius (talk | contribs)Edit filter managers, Administrators59,192 edits fix cross-site scripting vulnerability in the hash part of the external URL, which could be exploited with a specially crafted heading containing JavaScript code; also remove unnecessary escaping of "<" characters, as JQuery .text() will escape them for usNext edit →
Line 10: Line 10:
.click( function () { .click( function () {
if( popup === null ) { if( popup === null ) {
var hash = "#" + $( this ).prev().attr( "id" ).replace( /</g, '&lt;' ); var hash = $( this ).prev().attr( "id" );
var oldid = mw.util.getParamValue( "oldid" ); var oldid = mw.util.getParamValue( "oldid" );
var popupContent; var popupContent;
function makeContent( pageName, id ) { function makeContent( pageName, id ) {
var wikitext = "]"; var wikitext = "]";
return $( '<p>', { "class": "copy-section-link-content" } ).append( return $( '<p>', { "class": "copy-section-link-content" } ).append(
$( "<code>", { "id": "copy-section-wikilink" + id } ).text( wikitext ), $( "<code>", { "id": "copy-section-wikilink" + id } ).text( wikitext ),
Line 29: Line 29:
} }
} ), } ),
"<br /><a href='" + mw.util.getUrl( pageName ) + hash + "' class='external free'>external</a>" $( "<br>" ),
); $( "<a>" )
.attr( "href", mw.util.getUrl( pageName ) + "#" + encodeURIComponent( hash ) )
.text( "external" )
);
} }


Revision as of 15:34, 5 December 2021

// <nowiki>
$.when(
    $.ready,
    mw.loader.using(  )
).then( function () {
    $( "span.mw-headline" ).each( function () {
        var popup = null;
        $( this ).after( " ", $( "<a>", { "class": "copy-section-link-pilcrow" } )
                .text( "¶" )
                .click( function () {
                    if( popup === null ) {
                        var hash = $( this ).prev().attr( "id" );
                        var oldid = mw.util.getParamValue( "oldid" );
                        var popupContent;
                        function makeContent( pageName, id ) {
                            var wikitext = "]";
                            return $( '<p>', { "class": "copy-section-link-content" } ).append(
                                $( "<code>", { "id": "copy-section-wikilink" + id } ).text( wikitext ),
                                $( "<button>" )
                                    .text( "Copy" )
                                    .css( { "padding": "0.5em", "cursor": "pointer", "margin-left": "0.5em" } )
                                    .click( function () {
                                        var textField = $( "#copy-section-wikilink" + id );
                                        try {
                                            navigator.clipboard.writeText( textField.text() );
                                        } catch( e ) {
                                            textField.select();
                                            document.execCommand( "copy" );
                                        }
                                    } ),
                                $( "<br>" ),
                                $( "<a>" )
                                	.attr( "href", mw.util.getUrl( pageName ) + "#" + encodeURIComponent( hash ) )
                                	.text( "external" )
                            );
                        }

                        var generalCss = { 'font-size': '0.9rem', 'font-family': 'sans-serif' };

                        var index;
                        if( oldid ) {
                            popupContent = makeContent( "Special:Permalink/" + oldid );
                            popupContent.css( generalCss );
                            popupContent.css( { 'padding-top': '0.5em', 'font-weight': 'normal' } );
                        } else {
                            var normalPanel = new OO.ui.TabPanelLayout( 'normal', {
                                label: 'Link',
                                $content: makeContent( mw.config.get( 'wgPageName' ), 'normal' )
                            } );
                            var permalinkPanel = new OO.ui.TabPanelLayout( 'permalink', {
                                label: 'Permalink',
                                $content: makeContent( 'Special:Permalink/' + mw.config.get( 'wgCurRevisionId' ), 'permalink' )
                            } );
                            index = new OO.ui.IndexLayout();
                            index.addTabPanels(  );
                            popupContent = index.$element;
                        }
                        popup = new OO.ui.PopupWidget( {
                            $content: popupContent,
                            $floatableContainer: $( this ),
                            padded: true,
                            width: 400,
                            height: 190,
                            align: 'forwards',
                        } );
                        $( this ).after( popup.$element );
                        if( index ) {
                            index.$menu.find( 'span.oo-ui-labelElement-label' ).css( generalCss );
                            index.$content.css( generalCss );
                        }

                        popup.toggle( true );
                    } else {
                        popup.toggle();
                    }
                } ) );
    } );
    mw.util.addCSS( "h2 .copy-section-link-pilcrow," +
                    "h3 .copy-section-link-pilcrow," +
                    "h4 .copy-section-link-pilcrow," +
                    "h5 .copy-section-link-pilcrow," +
                    "h6 .copy-section-link-pilcrow" +
                        "{ display: none }" +
                    "h2:hover .copy-section-link-pilcrow," +
                    "h3:hover .copy-section-link-pilcrow," +
                    "h4:hover .copy-section-link-pilcrow," +
                    "h5:hover .copy-section-link-pilcrow," +
                    "h6:hover .copy-section-link-pilcrow" +
                        "{ display: inline }" );
} );
// </nowiki>
User:Enterprisey/copy-section-link.js: Difference between revisions Add topic