StrixOS/build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: fix xss vulnerability

Browse Source 
bug 5008593

the fix deletes some code that was originally there to handle side nav
highlighting for inter-doc links. This code is no longer necessary (or at least
should not be) because side nav links should not be inter-doc links, but
should always be to their own document (no two sidenav links should go
to separate sections of the same doc).

Change-Id: If77d6fe869e6a44bae2f194c9de26222e6ad9419
This commit is contained in:
Scott Main
2011-07-08 16:19:25 -07:00
parent 0b22d93be3
commit 76a62f2deb
1 changed files with 16 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
tools/droiddoc/templates-sdk/assets/android-developer-docs.js
View File

@@ -255,23 +255,23 @@ function highlightNav(fullPageName) {
if (lastSlashPos == (fullPageName.length - 1)) { // if the url ends in slash (add 'index.html')
fullPageName = fullPageName + "index.html";
}
// First check if the exact URL, with query string and all, is in the navigation menu
var pathPageName = fullPageName.substr(firstSlashPos);
// get the path and page name from the URL (such as 'guide/topics/graphics/index.html')
var htmlPos = fullPageName.indexOf(".html");
var pathPageName = fullPageName.slice(firstSlashPos, htmlPos + 5); // +5 advances past ".html"
// find instances of the page name in the side nav
var link = $("#devdoc-nav a[href$='"+ pathPageName+"']");
if (link.length == 0) {
var htmlPos = fullPageName.lastIndexOf(".html", fullPageName.length);
pathPageName = fullPageName.slice(firstSlashPos, htmlPos + 5); // +5 advances past ".html"
link = $("#devdoc-nav a[href$='"+ pathPageName+"']");
if ((link.length == 0) && ((fullPageName.indexOf("/guide/") != -1) || (fullPageName.indexOf("/resources/") != -1))) {
// if there's no match, then let's backstep through the directory until we find an index.html page
// that matches our ancestor directories (only for dev guide and resources)
lastBackstep = pathPageName.lastIndexOf("/");
while (link.length == 0) {
backstepDirectory = pathPageName.lastIndexOf("/", lastBackstep);
link = $("#devdoc-nav a[href$='"+ pathPageName.slice(0, backstepDirectory + 1)+"index.html']");
lastBackstep = pathPageName.lastIndexOf("/", lastBackstep - 1);
if (lastBackstep == 0) break;
}
// if there's no match, then let's backstep through the directory until we find an index.html
// page that matches our ancestor directories (only for dev guide and resources)
if ((link.length == 0) && ((fullPageName.indexOf("/guide/") != -1) ||
(fullPageName.indexOf("/resources/") != -1))) {
lastBackstep = pathPageName.lastIndexOf("/");
while (link.length == 0) {
backstepDirectory = pathPageName.lastIndexOf("/", lastBackstep);
link = $("#devdoc-nav a[href$='"+ pathPageName.slice(0, backstepDirectory +
1)+"index.html']");
lastBackstep = pathPageName.lastIndexOf("/", lastBackstep - 1);
if (lastBackstep == 0) break;
}
}