mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2025-01-25 12:09:15 -05:00
c26146881a
Includes fixes for CVE-2020-6831, CVE-2020-12387, CVE-2020-12388, CVE-2020-12389, CVE-2020-12392, CVE-2020-12393, and CVE-2020-12395. * gnu/packages/gnuzilla.scm (%icecat-version, %icecat-build-id): Update. (icecat-source): Update gnuzilla commit, base version, and hashes. Apply icecat-use-older-reveal-hidden-html.patch. * gnu/packages/patches/icecat-makeicecat.patch: Adapt to new version. * gnu/packages/patches/icecat-use-older-reveal-hidden-html.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it.
70 lines
2.7 KiB
Diff
70 lines
2.7 KiB
Diff
From 2e8618d22568b6e00892a17303d437dd700eca98 Mon Sep 17 00:00:00 2001
|
|
From: Mark H Weaver <mhw@netris.org>
|
|
Date: Tue, 5 May 2020 21:27:41 -0400
|
|
Subject: [PATCH] Revert "Update Reveal hidden HTML."
|
|
|
|
I prefer the user interface of the old version.
|
|
|
|
This reverts commit f6e3adb6b2344ee2c7bb453a305fd2d6fb4c194c.
|
|
---
|
|
.../passive_improve_css.js | 23 ++++++++++++++-----
|
|
1 file changed, 17 insertions(+), 6 deletions(-)
|
|
|
|
diff --git a/data/extensions/SubmitMe@0xbeef.coffee/passive_improve_css.js b/data/extensions/SubmitMe@0xbeef.coffee/passive_improve_css.js
|
|
index 7692990..ca57982 100644
|
|
--- a/data/extensions/SubmitMe@0xbeef.coffee/passive_improve_css.js
|
|
+++ b/data/extensions/SubmitMe@0xbeef.coffee/passive_improve_css.js
|
|
@@ -10,6 +10,8 @@ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLI
|
|
*/
|
|
|
|
|
|
+var bad = [];
|
|
+
|
|
function escapeHTML (unsafe_str) {
|
|
return unsafe_str
|
|
.replace(/&/g, '&')
|
|
@@ -20,9 +22,14 @@ function escapeHTML (unsafe_str) {
|
|
.replace(/\//g, '/')
|
|
}
|
|
|
|
+function dounhide(){
|
|
+ for(var i = 0; i < bad.length; i++){
|
|
+ bad[i].remove();
|
|
+ }
|
|
+}
|
|
+
|
|
console.log("passive_improve_css.js");
|
|
function reveal_css(){
|
|
- var bad = [];
|
|
|
|
var elements = document.getElementsByTagName("style");
|
|
for(var i = 0; i < elements.length; i++){
|
|
@@ -41,16 +48,20 @@ function reveal_css(){
|
|
|
|
}
|
|
}
|
|
- if(bad.length > 0 && window.confirm("Hidden HTML detected, would you like to reveal it?")){
|
|
- for(var i = 0; i < bad.length; i++){
|
|
- bad[i].remove();
|
|
- }
|
|
+ if(bad.length > 0){
|
|
+ const insertedDiv = document.createElement('div');
|
|
+ insertedDiv.innerHTML= '<p id="unhide" class="button white" style="text-decoration:none!important; color:#000!important; font-size:1em !important; font-family:\'sans-serif\'!important; font-weight:normal !important; background-color:transparent!important; margin:0!important; padding:0!important; font-size:10px!important; line-height:1!important"' +
|
|
+ 'alt="Click to reveal hidden elements in this page">' +
|
|
+ '<span>Reveal hidden elements</span>' +
|
|
+ '</a>';
|
|
+ insertedDiv.style="position:fixed; bottom:1em; right:1em; opacity:0.8; z-index: 2147483647 !important; border-radius: 3px !important; background-color: #fff !important; padding: 0.5em !important; box-shadow: 0 0 3px grey !important; font-color:#bbb!important; cursor: pointer!important;";
|
|
+ insertedDiv.addEventListener("click", dounhide, false);
|
|
+ document.body.insertBefore(insertedDiv, document.body.firstChild);
|
|
}
|
|
}
|
|
|
|
reveal_css();
|
|
|
|
-
|
|
/*
|
|
var a = document.getElementsByTagName("style")[2];
|
|
var btn = document.createElement("style"); // Create a <button> element
|
|
--
|
|
2.26.2
|
|
|