87300988042f9b370f257fddf5a3ae0d21662851 galt Sat Feb 4 00:12:53 2017 -0800 Fixes for early warning during ajax callback; fixes for early warning in js. Changed to not only parse to but strip out the CSP header and js-with-nonce leaving cleaner html -- should create fewer "surprises" for existing screen-scraping code. diff --git src/hg/js/alleles.js src/hg/js/alleles.js index c14fb8f..19588ca 100644 --- src/hg/js/alleles.js +++ src/hg/js/alleles.js @@ -20,66 +20,56 @@ function initSortTable() { // Initialize the sortable table var allelesTable = $('table#alleles.sortable'); if (allelesTable.length === 1) { sortTable.initialize(allelesTable[0],false); sortTable.sortCaseSensitive(true); } } function update(content, status) { // Update the geneAlleles section based upon ajax request hideLoadingImage(this.loadingId); // Do this first - var pageNonce = getNonce(); - - var ajaxNonce = stripNonce(content, false); - - var jsNonce = stripJsNonce(content, ajaxNonce, false);// DEBUG msg with true var geneAlleles = $('div#' + sectionName); if (geneAlleles.length > 0) { var cleanHtml = content; + var nonceJs = {}; + cleanHtml = stripCSPAndNonceJs(cleanHtml, false, nonceJs); // DEBUG msg with true //cleanHtml = stripJsFiles(cleanHtml,true); // DEBUG msg with true //cleanHtml = stripCssFiles(cleanHtml,true); // DEBUG msg with true //cleanHtml = stripJsEmbedded(cleanHtml,true);// DEBUG msg with true var sectionBegin = ""; var sectionEnd = ""; var ix = cleanHtml.indexOf(sectionBegin); if (ix > 0) cleanHtml = cleanHtml.substring(ix); ix = cleanHtml.indexOf(sectionEnd); if (ix > 0) cleanHtml = cleanHtml.substring(0,ix + sectionEnd.length); if (cleanHtml.length > 0) { ajaxUpdates++; $(geneAlleles[0]).html( cleanHtml ); hiliteRemove(); - // append ajax js blocks with nonce - for (i=0; i 0) thisUrl = "../" + thisUrl.substring(ix);