diff options
author | Aaron Parecki <aaron@parecki.com> | 2015-07-25 03:41:53 -0700 |
---|---|---|
committer | Aaron Parecki <aaron@parecki.com> | 2015-07-25 03:41:53 -0700 |
commit | 60830007641c985c11c8ac8f609aab735dd84a96 (patch) | |
tree | af8f910c3d6d555f99002b347012b7e539b2aabc /views/partials | |
parent | 91307d4a362a8fab0022aba19ab74bec9cb46f8f (diff) |
replace "favorite" bookmarklet
Twitter changed some XSS security settings which prevents Quill from injecting JS onto the page for the inline "favorite" button. This change makes it open the "favorite" screen in a new window.
Diffstat (limited to 'views/partials')
-rw-r--r-- | views/partials/bookmark-bookmarklet.php | 1 | ||||
-rw-r--r-- | views/partials/favorite-bookmarklet.php | 13 |
2 files changed, 3 insertions, 11 deletions
diff --git a/views/partials/bookmark-bookmarklet.php b/views/partials/bookmark-bookmarklet.php index 0dfd916..9799bd8 100644 --- a/views/partials/bookmark-bookmarklet.php +++ b/views/partials/bookmark-bookmarklet.php @@ -2,4 +2,3 @@ var t;try{t=((window.getSelection&&window.getSelection())||(document.getSelection&&document.getSelection())||(document.selection&&document.selection.createRange&&document.selection.createRange().text));}catch(e){t="";}; window.location="<?= Config::$base_url ?>bookmark?url="+encodeURIComponent(window.location.href)+"&content="+encodeURIComponent((t == '' ? '' : '"'+t+'"'))+"&name="+encodeURIComponent(document.title)+"&token=<?= $this->token ?>"; })(); - diff --git a/views/partials/favorite-bookmarklet.php b/views/partials/favorite-bookmarklet.php index e4d27bd..bdee851 100644 --- a/views/partials/favorite-bookmarklet.php +++ b/views/partials/favorite-bookmarklet.php @@ -1,10 +1,3 @@ -var quill_popup=function(){ - window.open(document.getElementById('quill-script').src.replace('favorite.js?','favorite-popup?'),'quill-like', 'status=no,directories=no,location=no,resizable=no,menubar=no,width=300,height=200,toolbar=no'); -}; -(function(){ - var quill=document.createElement('script'); - quill.src='<?= Config::$base_url ?>favorite.js?url='+encodeURIComponent(window.location)+'&token=<?= $this->token ?>'; - quill.setAttribute('id','quill-script'); - quill.setAttribute('onerror', 'quill_popup()'); - document.body.appendChild(quill); -})();
\ No newline at end of file +(function(){ + window.open("<?= Config::$base_url ?>favorite?url="+encodeURIComponent(window.location.href)+"&autosubmit=true&token=<?= $this->token ?>"); +})(); |