Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

5 years ago · c624c102a6
--- a/core/js/core.json
+++ b/core/js/core.json
@@ -13,7 +13,6 @@
 		"sharedialogresharerinfoview.js",
 		"sharedialogshareelistview.js",
 		"public/publicpage.js",
 		"oc-requesttoken.js",
 		"setupchecks.js",
 		"../search/js/search.js",
 		"mimetype.js",
--- a/core/js/dist/login.js
+++ b/core/js/dist/login.js
--- a/core/js/dist/login.js.map
+++ b/core/js/dist/login.js.map
--- a/core/js/dist/main.js
+++ b/core/js/dist/main.js
--- a/core/js/dist/main.js.map
+++ b/core/js/dist/main.js.map
--- a/core/js/js.js
+++ b/core/js/js.js
@@ -1,5 +1,3 @@
 var oc_requesttoken = document.getElementsByTagName('head')[0].getAttribute('data-requesttoken');

 /** @namespace OCP */
 var OCP = Object.assign({}, window.OCP);

@@ -16,7 +14,6 @@ Object.assign(window.OC, {
 	_capabilities: window.oc_capabilities || null,

 	theme: window.oc_defaults || {},
 	requestToken: oc_requesttoken,

 	/**
 	 * Check if a user file is allowed to be handled.
--- a/core/js/merged-template-prepend.json
+++ b/core/js/merged-template-prepend.json
@@ -1,6 +1,5 @@
 [
  "js.js",
  "oc-requesttoken.js",
  "mimetype.js",
  "mimetypelist.js",
  "select2-toggleselect.js"
--- a/core/js/oc-requesttoken.js
+++ b/core/js/oc-requesttoken.js
@@ -1,6 +0,0 @@
 $(document).on('ajaxSend',function(elm, xhr, settings) {
 	if(settings.crossDomain === false) {
 		xhr.setRequestHeader('requesttoken', oc_requesttoken);
 		xhr.setRequestHeader('OCS-APIREQUEST', 'true');
 	}
 });
--- a/core/src/OC/eventsource.js
+++ b/core/src/OC/eventsource.js
@@ -32,6 +32,8 @@

 import $ from 'jquery'

 import {getToken} from './requesttoken'

 /**
 * Create a new event source
 * @param {string} src
@@ -51,7 +53,7 @@ const OCEventSource = function (src, data) {
 			dataStr += name + '=' + encodeURIComponent(data[name]) + '&';
 		}
 	}
 	dataStr += 'requesttoken=' + encodeURIComponent(oc_requesttoken);
 	dataStr += 'requesttoken=' + encodeURIComponent(getToken());
 	if (!this.useFallBack && typeof EventSource !== 'undefined') {
 		joinChar = '&';
 		if (src.indexOf('?') === -1) {
--- a/core/src/OC/index.js
+++ b/core/src/OC/index.js
@@ -42,6 +42,10 @@ import {currentUser, getCurrentUser} from './currentuser'
 import Dialogs from './dialogs'
 import EventSource from './eventsource'
 import {get, set} from './get_set'
 import {
 	getToken as getRequestToken,
 	subscribe as subscribeToRequestTokenChange,
 } from './requesttoken'
 import {
 	hideMenus,
 	registerMenu,
@@ -135,6 +139,7 @@ export default {
 	filePath,
 	redirect,
 	reload,
 	requestToken: getRequestToken(),
 	linkTo,
 	linkToOCS,
 	linkToRemote,
@@ -150,3 +155,6 @@ export default {
 	 */
 	webroot,
 }

 // Keep the request token prop in sync
 subscribeToRequestTokenChange(token => OC.requestToken = token)
--- a/core/src/OC/requesttoken.js
+++ b/core/src/OC/requesttoken.js
@@ -0,0 +1,43 @@
 /*
 * @copyright 2019 Christoph Wurst <christoph@winzerhof-wurst.at>
 *
 * @author 2019 Christoph Wurst <christoph@winzerhof-wurst.at>
 *
 * @license GNU AGPL version 3 or any later version
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

 let token = document.getElementsByTagName('head')[0].getAttribute('data-requesttoken');
 const observers = []

 /**
 * @return {string}
 */
 export const getToken = () => token

 /**
 * @param {Function} observer
 * @return {number}
 */
 export const subscribe = observer => observers.push(observer)

 /**
 * @param {String} newToken
 */
 export const setToken = newToken => {
 	token = newToken

 	observers.forEach(o => o(token))
 }
--- a/core/src/globals.js
+++ b/core/src/globals.js
@@ -42,7 +42,7 @@ const deprecate = (func, funcName) => {
 	return newFunc
 }

 const setDeprecatedProp = (global, val, msg) => {
 const setDeprecatedProp = (global, cb, msg) => {
 	if (window[global] !== undefined) {
 		delete window[global]
 	}
@@ -53,7 +53,8 @@ const setDeprecatedProp = (global, val, msg) => {
 			} else {
 				warnIfNotTesting(`${global} is deprecated`)
 			}
 			return val

 			return cb()
 		}
 	})
 }
@@ -93,6 +94,7 @@ import OCP from './OCP/index'
 import OCA from './OCA/index'
 import escapeHTML from './Util/escapeHTML'
 import formatDate from './Util/format-date'
 import {getToken as getRequestToken} from './OC/requesttoken'
 import getURLParameter from './Util/get-url-parameter'
 import humanFileSize from './Util/human-file-size'
 import relative_modified_date from './Util/relative-modified-date'
@@ -115,14 +117,15 @@ window['md5'] = md5
 window['moment'] = moment

 window['OC'] = OC
 setDeprecatedProp('initCore', initCore, 'this is an internal function')
 setDeprecatedProp('oc_appswebroots', OC.appswebroots, 'use OC.appswebroots instead')
 setDeprecatedProp('oc_config', OC.config, 'use OC.config instead')
 setDeprecatedProp('oc_current_user', OC.getCurrentUser().uid, 'use OC.getCurrentUser().uid instead')
 setDeprecatedProp('oc_debug', OC.debug, 'use OC.debug instead')
 setDeprecatedProp('oc_isadmin', OC.isUserAdmin(), 'use OC.isUserAdmin() instead')
 setDeprecatedProp('oc_webroot', OC.webroot, 'use OC.getRootPath() instead')
 setDeprecatedProp('OCDialogs', OC.dialogs, 'use OC.dialogs instead')
 setDeprecatedProp('initCore', () => initCore, 'this is an internal function')
 setDeprecatedProp('oc_appswebroots', ()  => OC.appswebroots, 'use OC.appswebroots instead')
 setDeprecatedProp('oc_config', () => OC.config, 'use OC.config instead')
 setDeprecatedProp('oc_current_user', () => OC.getCurrentUser().uid, 'use OC.getCurrentUser().uid instead')
 setDeprecatedProp('oc_debug', () => OC.debug, 'use OC.debug instead')
 setDeprecatedProp('oc_isadmin', OC.isUserAdmin, 'use OC.isUserAdmin() instead')
 setDeprecatedProp('oc_requesttoken', () => getRequestToken(), 'use OC.requestToken instead')
 setDeprecatedProp('oc_webroot', () => OC.webroot, 'use OC.getRootPath() instead')
 setDeprecatedProp('OCDialogs', () => OC.dialogs, 'use OC.dialogs instead')
 window['OCP'] = OCP
 window['OCA'] = OCA
 window['escapeHTML'] = deprecate(escapeHTML, 'escapeHTML')
--- a/core/src/jquery/index.js
+++ b/core/src/jquery/index.js
@@ -28,6 +28,7 @@ import './filterattr'
 import './ocdialog'
 import './octemplate'
 import './placeholder'
 import './requesttoken'
 import './selectrange'
 import './showpassword'
 import './tipsy'
--- a/core/src/jquery/requesttoken.js
+++ b/core/src/jquery/requesttoken.js
@@ -0,0 +1,31 @@
 /*
 * @copyright 2019 Christoph Wurst <christoph@winzerhof-wurst.at>
 *
 * @author 2019 Christoph Wurst <christoph@winzerhof-wurst.at>
 *
 * @license GNU AGPL version 3 or any later version
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

 import $ from 'jquery'

 import {getToken} from '../OC/requesttoken'

 $(document).on('ajaxSend',function(elm, xhr, settings) {
 	if(settings.crossDomain === false) {
 		xhr.setRequestHeader('requesttoken', getToken());
 		xhr.setRequestHeader('OCS-APIREQUEST', 'true');
 	}
 });
--- a/core/src/session-heartbeat.js
+++ b/core/src/session-heartbeat.js
@@ -23,6 +23,7 @@ import $ from 'jquery'

 import {generateUrl} from './OC/routing'
 import OC from './OC'
 import {setToken as setRequestToken} from './OC/requesttoken'

 /**
 * session heartbeat (defaults to enabled)
@@ -65,10 +66,7 @@ export const initSessionHeartBeat = () => {

 	setInterval(() => {
 		$.ajax(generateUrl('/csrftoken'))
 			.then(resp => {
 				oc_requesttoken = resp.token
 				OC.requestToken = resp.token
 			})
 			.then(resp => setRequestToken(resp.token))
 			.fail(e => {
 				console.error('session heartbeat failed', e)
 			})
--- a/settings/js/settings/personalInfo.js
+++ b/settings/js/settings/personalInfo.js
@@ -77,7 +77,7 @@ function showAvatarCropper () {
 	$cropper.children('.inner-container').prepend($cropperImage);

 	$cropperImage.attr('src',
 		OC.generateUrl('/avatar/tmp') + '?requesttoken=' + encodeURIComponent(oc_requesttoken) + '#' + Math.floor(Math.random() * 1000));
 		OC.generateUrl('/avatar/tmp') + '?requesttoken=' + encodeURIComponent(OC.requestToken) + '#' + Math.floor(Math.random() * 1000));

 	$cropperImage.load(function () {
 		var img = $cropperImage.get()[0];