mirrors/etherpad-lite
1
0
Fork 0
mirror of https://github.com/ether/etherpad-lite.git synced 2025-04-20 23:46:14 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

cookies: Use js-cookie to read and write cookies

Browse source 
Rather than reinvent the wheel, use a well-tested library to parse and
write cookies. This should also help prevent XSS vulnerabilities
because the library handles special characters such as semicolon.
This commit is contained in:
Richard Hansen 2020-10-02 18:43:12 -04:00 committed by John McLear
parent d55edebddd
commit 3ab0f30ac8
9 changed files with 54 additions and 96 deletions
Download patch file Download diff file Expand all files Collapse all files

11
src/static/js/pad_cookie.js
View file

@ -14,8 +14,7 @@
* limitations under the License.
*/
const createCookie = require('./pad_utils').createCookie;
const readCookie = require('./pad_utils').readCookie;
const Cookies = require('./pad_utils').Cookies;
exports.padcookie = new class {
constructor() {
@ -40,17 +39,17 @@ exports.padcookie = new class {
}
readPrefs_() {
const jsonEsc = readCookie(this.cookieName_);
if (jsonEsc == null) return null;
try {
return JSON.parse(unescape(jsonEsc));
const json = Cookies.get(this.cookieName_);
if (json == null) return null;
return JSON.parse(json);
} catch (e) {
return null;
}
}
savePrefs_() {
createCookie(this.cookieName_, escape(JSON.stringify(this.prefs_)), 365 * 100);
Cookies.set(this.cookieName_, JSON.stringify(this.prefs_), {expires: 365 * 100});
}
getPref(prefName) {