mirrors
/
miniflux-v2
mirror of https://github.com/miniflux/v2.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

First steps towards trusted-types support 

Refactor away some trival usages of `.innerHTML`. Unfortunately, there is no way to
enabled trusted-types in report-only mode via `<meta>` tags, see
https://github.com/w3c/webappsec-csp/issues/277
This commit is contained in:
jvoisin 2024-03-11 01:16:36 +01:00 committed by Frédéric Guillot
parent 826e4d654f
commit fd8f25916b
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
internal/ui/static/js/app.js
View File

@ -114,7 +114,7 @@ function handleSubmitButtons() {
let button = element.querySelector("button");
if (button) {
button.innerHTML = button.dataset.labelLoading;
button.textContent = button.dataset.labelLoading;
button.disabled = true;
}
};
@ -193,7 +193,7 @@ function toggleEntryStatus(element, toasting) {
let currentStatus = link.dataset.value;
let newStatus = currentStatus === "read" ? "unread" : "read";
link.querySelector("span").innerHTML = link.dataset.labelLoading;
link.querySelector("span").textContent = link.dataset.labelLoading;
updateEntriesStatus([entryID], newStatus, () => {
let iconElement, label;
@ -352,12 +352,13 @@ function handleFetchOriginalContent() {
return;
}
let previousInnerHTML = element.innerHTML;
let previousElement = element.cloneNode(true)
element.innerHTML = '<span class="icon-label">' + element.dataset.labelLoading + '</span>';
let request = new RequestBuilder(element.dataset.fetchContentUrl);
request.withCallback((response) => {
element.innerHTML = previousInnerHTML;
element.textContent = '';
element.appendChild(previousElement);
response.json().then((data) => {
if (data.hasOwnProperty("content") && data.hasOwnProperty("reading_time")) {