diff options
author | Côme Chilliet <91878298+come-nc@users.noreply.github.com> | 2024-01-16 09:04:24 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-01-16 09:04:24 +0100 |
commit | 80d58f01629214a769e20e5381dd2bac915fdd2d (patch) | |
tree | b2c757b0d28ec785cf7d84d21f00dcd664f8fb68 /core | |
parent | 587057b0edf4e3b17772cdcc686021ea6d6c938b (diff) | |
parent | a2915d4e222ea479d8498d33d8086a055672da2f (diff) | |
download | nextcloud-server-80d58f01629214a769e20e5381dd2bac915fdd2d.tar.gz nextcloud-server-80d58f01629214a769e20e5381dd2bac915fdd2d.zip |
Merge pull request #41312 from nextcloud/feat/migrate-code-integrity-check
Diffstat (limited to 'core')
-rw-r--r-- | core/js/setupchecks.js | 30 | ||||
-rw-r--r-- | core/js/tests/specs/setupchecksSpec.js | 17 |
2 files changed, 18 insertions, 29 deletions
diff --git a/core/js/setupchecks.js b/core/js/setupchecks.js index 9eacb1b137a..99e289e5e54 100644 --- a/core/js/setupchecks.js +++ b/core/js/setupchecks.js @@ -230,16 +230,6 @@ type: OC.SetupChecks.MESSAGE_TYPE_WARNING }); } - if(!data.hasPassedCodeIntegrityCheck) { - messages.push({ - msg: t('core', 'Some files have not passed the integrity check. Further information on how to resolve this issue can be found in the {linkstart1}documentation ↗{linkend}. ({linkstart2}List of invalid files…{linkend} / {linkstart3}Rescan…{linkend})') - .replace('{linkstart1}', '<a target="_blank" rel="noreferrer noopener" class="external" href="' + data.codeIntegrityCheckerDocumentation + '">') - .replace('{linkstart2}', '<a href="' + OC.generateUrl('/settings/integrity/failed') + '">') - .replace('{linkstart3}', '<a href="' + OC.generateUrl('/settings/integrity/rescan?requesttoken={requesttoken}', {'requesttoken': OC.requestToken}) + '">') - .replace(/{linkend}/g, '</a>'), - type: OC.SetupChecks.MESSAGE_TYPE_ERROR - }); - } if(!data.isSettimelimitAvailable) { messages.push({ msg: t('core', 'The PHP function "set_time_limit" is not available. This could result in scripts being halted mid-execution, breaking your installation. Enabling this function is strongly recommended.'), @@ -317,6 +307,15 @@ return deferred.promise(); }, + escapeHTML: function(text) { + return text.toString() + .split('&').join('&') + .split('<').join('<') + .split('>').join('>') + .split('"').join('"') + .split('\'').join(''') + }, + /** * @param message The message string containing placeholders. * @param parameters An object with keys as placeholders and values as their replacements. @@ -327,11 +326,13 @@ for (var [placeholder, parameter] of Object.entries(parameters)) { var replacement; if (parameter.type === 'user') { - replacement = '@' + parameter.name; + replacement = '@' + this.escapeHTML(parameter.name); } else if (parameter.type === 'file') { - replacement = parameter.path || parameter.name; + replacement = this.escapeHTML(parameter.path) || this.escapeHTML(parameter.name); + } else if (parameter.type === 'highlight') { + replacement = '<a href="' + encodeURI(parameter.link) + '">' + this.escapeHTML(parameter.name) + '</a>'; } else { - replacement = parameter.name; + replacement = this.escapeHTML(parameter.name); } message = message.replace('{' + placeholder + '}', replacement); } @@ -350,6 +351,9 @@ } var message = setupCheck.description; + if (message) { + message = this.escapeHTML(message) + } if (setupCheck.descriptionParameters) { message = this.richToParsed(message, setupCheck.descriptionParameters); } diff --git a/core/js/tests/specs/setupchecksSpec.js b/core/js/tests/specs/setupchecksSpec.js index a407fbb145a..5e879974fc9 100644 --- a/core/js/tests/specs/setupchecksSpec.js +++ b/core/js/tests/specs/setupchecksSpec.js @@ -226,7 +226,6 @@ describe('OC.SetupChecks tests', function() { suggestedOverwriteCliURL: '', isFairUseOfFreePushService: true, isCorrectMemcachedPHPModuleInstalled: true, - hasPassedCodeIntegrityCheck: true, isSettimelimitAvailable: true, cronErrors: [], cronInfo: { @@ -272,7 +271,6 @@ describe('OC.SetupChecks tests', function() { suggestedOverwriteCliURL: '', isFairUseOfFreePushService: true, isCorrectMemcachedPHPModuleInstalled: true, - hasPassedCodeIntegrityCheck: true, isSettimelimitAvailable: true, cronErrors: [], cronInfo: { @@ -318,7 +316,6 @@ describe('OC.SetupChecks tests', function() { suggestedOverwriteCliURL: '', isFairUseOfFreePushService: true, isCorrectMemcachedPHPModuleInstalled: true, - hasPassedCodeIntegrityCheck: true, isSettimelimitAvailable: true, cronErrors: [], cronInfo: { @@ -364,7 +361,6 @@ describe('OC.SetupChecks tests', function() { suggestedOverwriteCliURL: '', isFairUseOfFreePushService: true, isCorrectMemcachedPHPModuleInstalled: false, - hasPassedCodeIntegrityCheck: true, isSettimelimitAvailable: true, cronErrors: [], cronInfo: { @@ -409,7 +405,6 @@ describe('OC.SetupChecks tests', function() { isFairUseOfFreePushService: true, reverseProxyDocs: 'https://docs.nextcloud.com/foo/bar.html', isCorrectMemcachedPHPModuleInstalled: true, - hasPassedCodeIntegrityCheck: true, isSettimelimitAvailable: false, cronErrors: [], cronInfo: { @@ -454,7 +449,6 @@ describe('OC.SetupChecks tests', function() { isFairUseOfFreePushService: true, reverseProxyDocs: 'https://docs.nextcloud.com/foo/bar.html', isCorrectMemcachedPHPModuleInstalled: true, - hasPassedCodeIntegrityCheck: true, isSettimelimitAvailable: true, cronErrors: [], cronInfo: { @@ -530,7 +524,6 @@ describe('OC.SetupChecks tests', function() { suggestedOverwriteCliURL: '', isFairUseOfFreePushService: true, isCorrectMemcachedPHPModuleInstalled: true, - hasPassedCodeIntegrityCheck: true, isSettimelimitAvailable: true, cronErrors: [], cronInfo: { @@ -581,7 +574,6 @@ describe('OC.SetupChecks tests', function() { suggestedOverwriteCliURL: '', isFairUseOfFreePushService: true, isCorrectMemcachedPHPModuleInstalled: true, - hasPassedCodeIntegrityCheck: true, isSettimelimitAvailable: true, cronErrors: [], cronInfo: { @@ -629,7 +621,6 @@ describe('OC.SetupChecks tests', function() { suggestedOverwriteCliURL: '', isFairUseOfFreePushService: true, isCorrectMemcachedPHPModuleInstalled: true, - hasPassedCodeIntegrityCheck: true, isSettimelimitAvailable: true, cronErrors: [], cronInfo: { @@ -674,7 +665,6 @@ describe('OC.SetupChecks tests', function() { suggestedOverwriteCliURL: '', isFairUseOfFreePushService: true, isCorrectMemcachedPHPModuleInstalled: true, - hasPassedCodeIntegrityCheck: true, isSettimelimitAvailable: true, cronErrors: [], cronInfo: { @@ -716,7 +706,6 @@ describe('OC.SetupChecks tests', function() { suggestedOverwriteCliURL: '', isFairUseOfFreePushService: true, isCorrectMemcachedPHPModuleInstalled: true, - hasPassedCodeIntegrityCheck: true, isSettimelimitAvailable: true, cronErrors: [], cronInfo: { @@ -748,7 +737,6 @@ describe('OC.SetupChecks tests', function() { }); }); - it('should return an error if gmp or bcmath are not enabled', function(done) { var async = OC.SetupChecks.checkSetup(); @@ -761,7 +749,6 @@ describe('OC.SetupChecks tests', function() { suggestedOverwriteCliURL: '', isFairUseOfFreePushService: true, isCorrectMemcachedPHPModuleInstalled: true, - hasPassedCodeIntegrityCheck: true, isSettimelimitAvailable: true, cronErrors: [], cronInfo: { @@ -805,7 +792,6 @@ describe('OC.SetupChecks tests', function() { suggestedOverwriteCliURL: '', isFairUseOfFreePushService: true, isCorrectMemcachedPHPModuleInstalled: true, - hasPassedCodeIntegrityCheck: true, isSettimelimitAvailable: true, cronErrors: [], cronInfo: { @@ -837,7 +823,7 @@ describe('OC.SetupChecks tests', function() { async.done(function( data, s, x ){ expect(data).toEqual([{ - msg: 'Your installation has no default phone region set. This is required to validate phone numbers in the profile settings without a country code. To allow numbers without a country code, please add "default_phone_region" with the respective ISO 3166-1 code of the region to your config file. For more details see the <a target="_blank" rel="noreferrer noopener" class="external" href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements">documentation ↗</a>.', + msg: 'Your installation has no default phone region set. This is required to validate phone numbers in the profile settings without a country code. To allow numbers without a country code, please add "default_phone_region" with the respective ISO 3166-1 code of the region to your config file. For more details see the <a target="_blank" rel="noreferrer noopener" class="external" href="https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements">documentation ↗</a>.', type: OC.SetupChecks.MESSAGE_TYPE_INFO }]); done(); @@ -856,7 +842,6 @@ describe('OC.SetupChecks tests', function() { suggestedOverwriteCliURL: '', isFairUseOfFreePushService: true, isCorrectMemcachedPHPModuleInstalled: true, - hasPassedCodeIntegrityCheck: true, isSettimelimitAvailable: true, cronErrors: [], cronInfo: { |