User:DannyS712/copyvio-check.js: Difference between revisions
Content deleted Content added
copy User:FR30799386/copyvio-check.js |
fix cross-site scripting vulnerability in the "view details" link; this could be exploited using a page title containing JavaScript code |
||
| Line 2: | Line 2: | ||
$(document).ready(function() { |
$(document).ready(function() { |
||
var runcheck=function(){ |
var runcheck=function(){ |
||
$.ajax('//tools.wmflabs.org/copyvios/api.json?version=1&action=search&project=wikipedia&lang=en&title=' + mw.config.get('wgTitle')).then(function(result) { |
$.ajax('//tools.wmflabs.org/copyvios/api.json?version=1&action=search&project=wikipedia&lang=en&title=' + encodeURIComponent(mw.config.get('wgTitle'))).then(function(result) { |
||
if ((Math.round(result.best.confidence * 100)) < 50) { |
if ((Math.round(result.best.confidence * 100)) < 50) { |
||
$('#FRvio').css('background', '#EFE'); |
$('#FRvio').css('background', '#EFE'); |
||
| Line 8: | Line 8: | ||
$('#FRvio').css('background', '#FEE'); |
$('#FRvio').css('background', '#FEE'); |
||
} |
} |
||
$('#FRvio'). |
$('#FRvio').text('').append( |
||
document.createTextNode('Around ' + Math.round(result.best.confidence * 100).toString() + '% chance of being a copyvio ('), |
|||
$('<a>') |
|||
| ⚫ | |||
.attr('id', 'FRvio-check') |
|||
| ⚫ | |||
.attr('target', '_blank') |
|||
| ⚫ | |||
| ⚫ | |||
.text('view details'), |
|||
document.createTextNode(')') |
|||
); |
|||
}); |
}); |
||
}; |
}; |
||
Revision as of 13:56, 6 December 2021
//Copied from [[User:FR30799386/copyvio-check.js]]
$(document).ready(function() {
var runcheck=function(){
$.ajax('//tools.wmflabs.org/copyvios/api.json?version=1&action=search&project=wikipedia&lang=en&title=' + encodeURIComponent(mw.config.get('wgTitle'))).then(function(result) {
if ((Math.round(result.best.confidence * 100)) < 50) {
$('#FRvio').css('background', '#EFE');
} else if ((Math.round(result.best.confidence * 100)) > 50) {
$('#FRvio').css('background', '#FEE');
}
$('#FRvio').text('').append(
document.createTextNode('Around ' + Math.round(result.best.confidence * 100).toString() + '% chance of being a copyvio ('),
$('<a>')
.attr('id', 'FRvio-check')
.attr('target', '_blank')
.attr('href', '//tools.wmflabs.org/copyvios/?lang=en&project=wikipedia&title=' +
encodeURIComponent(mw.config.get('wgTitle')) + '&oldid=&action=search&use_engine=1&use_links=1&turnitin=0&noredirect=true')
.text('view details'),
document.createTextNode(')')
);
});
};
if(mw.config.get('wgNamespaceNumber') === 0|| mw.config.get('wgNamespaceNumber') === 2)
{
var counter = 0;
setInterval(function() {
if ($('.mwe-pt-toolbar-big').length && !counter) {
counter++;
if($('.redirectMsg').length)
{
$('#mwe-pt-info > div.mwe-pt-tool-flyout').append('<div id="FRvio" style="background:#EFE; padding:0.5em;">Redirect are not normally copvios.'
+'(<a id="FRvio-redirect-check" href="javascript:void(0)">check anyway</a>)</div>');
$('#FRvio-redirect-check').click(function(e){
e.preventDefault();
$('#FRvio').css('background','#e8e8e8').text('Calculating copyvio percentage...');
runcheck();
return false;
});
}
else
{
$('#mwe-pt-info > div.mwe-pt-tool-flyout').append('<div id="FRvio" style="background:#e8e8e8; padding:0.5em;">'
+'Calculating copyvio percentage...</div>');
$('#mwe-pt-info > div.mwe-pt-tool-icon-container > img').on('click',function(e){
e.preventDefault();
runcheck();
return false;
});
}
}
}, 250);
}
});