summaryrefslogtreecommitdiffstats
path: root/core
diff options
context:
space:
mode:
authorThomas Müller <thomas.mueller@tmit.eu>2013-07-11 00:00:01 +0200
committerThomas Müller <thomas.mueller@tmit.eu>2013-07-11 00:00:01 +0200
commit5e29f7d3246f748cc90e472711664e65c0e573f2 (patch)
treee1b3c2a308ed405f3b5bcf03ad4cef70c9b76d71 /core
parent7d7b7e6e63a15a2e41aa4d17e780121e6c5b426c (diff)
downloadnextcloud-server-5e29f7d3246f748cc90e472711664e65c0e573f2.tar.gz
nextcloud-server-5e29f7d3246f748cc90e472711664e65c0e573f2.zip
- eventsource.php: in case of potential CSRF attack we send an error message from the EventSource to the browser
- eventsource.js: handle undefined data on event - update.js: in case of error we close the event source - advise the user to reload the page - update.php: EventSource initialization is now done before we enter the maintenance mode in order to allow browser reload in case of possible CSRF attack
Diffstat (limited to 'core')
-rw-r--r--core/js/eventsource.js6
-rw-r--r--core/js/update.js5
2 files changed, 9 insertions, 2 deletions
diff --git a/core/js/eventsource.js b/core/js/eventsource.js
index ce8c8387c8e..536b180bc8f 100644
--- a/core/js/eventsource.js
+++ b/core/js/eventsource.js
@@ -110,7 +110,11 @@ OC.EventSource.prototype={
this.listeners[type].push(callback);
}else{
this.source.addEventListener(type,function(e){
- callback(JSON.parse(e.data));
+ if (typeof e.data != 'undefined') {
+ callback(JSON.parse(e.data));
+ } else {
+ callback('');
+ }
},false);
}
}else{
diff --git a/core/js/update.js b/core/js/update.js
index 8ab02bbf935..2c28e72f7cd 100644
--- a/core/js/update.js
+++ b/core/js/update.js
@@ -5,6 +5,9 @@ $(document).ready(function () {
});
updateEventSource.listen('error', function(message) {
$('<span>').addClass('error').append(message).append('<br />').appendTo($('.update'));
+ message = 'Please reload the page.';
+ $('<span>').addClass('error').append(message).append('<br />').appendTo($('.update'));
+ updateEventSource.close();
});
updateEventSource.listen('failure', function(message) {
$('<span>').addClass('error').append(message).append('<br />').appendTo($('.update'));
@@ -20,4 +23,4 @@ $(document).ready(function () {
window.location.href = OC.webroot;
}, 3000);
});
-}); \ No newline at end of file
+});