extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-22 16:03:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

always stop event propagation for click-handler executing on javascript urls in navigation

Browse Source
This commit is contained in:
Ralf Becker 2014-02-17 11:18:59 +00:00
parent 092af04bc4
commit 3ba14a1291
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
phpgwapi/templates/idots/js/idots.js
View File

@ -63,7 +63,8 @@ egw_LAB.wait(function() {
// allowing javascript urls in topmenu and sidebox only under CSP by binding click handlers to them
var href_regexp = /^javascript:([^\(]+)\((.*)?\);?$/;
jQuery('#topmenu_items,#thesideboxcolumn').on('click','a[href^="javascript:"]',function(){
jQuery('#topmenu_items,#thesideboxcolumn').on('click','a[href^="javascript:"]',function(ev){
ev.stopPropagation(); // do NOT execute regular event, as it will violate CSP, when handler does NOT return false
var matches = this.href.match(href_regexp);
var args = [];
if (matches.length > 1 && matches[2] !== undefined)