• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • Rob Spoor
  • Bear Bibeault
Saloon Keepers:
  • Jesse Silverman
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • Al Hobbs
  • salvin francis

Javascript in bbcode

 
Greenhorn
Posts: 5
1
Android IntelliJ IDE Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi guys.
I'm trying to add new bbcode for spoiler. According to this page I modified bb-config.xml adding this:
 
Tom Waw
Greenhorn
Posts: 5
1
Android IntelliJ IDE Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Unfortunetly pressed submit before finishing my post Sorry.
I also tried this one:

<match name="spoiler">
       <regex>(?s)\[spoiler\](.*?)\[/spoiler\]</regex>
       <replace>
       <![CDATA[
<div style="margin-bottom: 2px;">
   <b>Hidden text. </b>

   <input value="Show" type="button" style="margin: 0px; padding: 0px; width: 60px; font-size: 10px;"
          onclick="
                  if (this.parentNode.getElementsByTagName('div')[1].style.display != 'inline') {
                      this.parentNode.getElementsByTagName('div')[1].style.display = 'inline';
                      this.value = 'Hide';
                  } else {
                      this.parentNode.getElementsByTagName('div')[1].style.display = 'none';
                      this.value = 'Show';
                  }">

   <div style="border: 1px inset; padding: 6px; margin-top: 3px;">
       <div style="display: none;">{TEXT}</div>
   </div>
</div>

Everything shows correctly except onclick param.  Input doesn't have it. Should I add something somewhere else?
 
Saloon Keeper
Posts: 7174
166
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
That's tricky. JForum disallows the injection on JavaScript handlers on a code level (in the SafeHtml class, in case you're curious.) How about something like this:


On an unrelated subject: you are using the latest JForum version from SourceForge, yes? The original version from jforum.net has multiple security holes (and other bugs) that will never be fixed.
 
Tom Waw
Greenhorn
Posts: 5
1
Android IntelliJ IDE Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm using JForum ver. 2.4.1.

Thanks for reply but this isn't what I need. I wanted hide large amount of text in this tag e.g. change notes. So yeah it will be hide but still takes a lot of space :P

In one topic I found something like "attributes.welcome" (not really remember exaclty name ) for html. How about adding there "onclick" value?
 
Tim Moores
Saloon Keeper
Posts: 7174
166
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
That would work for other attributes, but the code that removes Javascript handlers takes precedence over that setting.
 
Tom Waw
Greenhorn
Posts: 5
1
Android IntelliJ IDE Java
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Tim for advice. I did some customisation and posted changes if someone needs this too.

To bb_config.xml add following lines:

Note: in my code input is as one line. Here I broke line few times.

In SafeHtml added:



and added some unit test to cover changes (SafeHtmlTest)


I know that the js section is very ugly xD
hf
 
author & internet detective
Posts: 40798
829
Eclipse IDE VI Editor Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks for sharing your code!
 
You showed up just in time for the waffles! And this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic