From ca1efafa62883c4c64db8a34ffe576d6b4a1bcc8 Mon Sep 17 00:00:00 2001 From: David Cook Date: Fri, 18 Aug 2023 04:32:31 +0000 Subject: [PATCH] Bug 34571: Remove use of "onclick" for ExpandField in cataloguing editors This change replaces the onclick HTML attribute with a Javascript binding to make it more in line with Koha conventions and make it CSP compatible. Test plan: 0. Apply patch 1. Go to http://localhost:8081/cgi-bin/koha/cataloguing/addbiblio.pl?frameworkcode=# 2. Try hiding/unhiding fields 3. Try cloning fields and hiding/unhiding those too 4. Note that everything works as expected 5. Do the same thing for authorities by going to http://localhost:8081/cgi-bin/koha/authorities/authorities.pl?authtypecode=# Signed-off-by: Owen Leonard Signed-off-by: Katrin Fischer Signed-off-by: Tomas Cohen Arazi (cherry picked from commit 8341ffe13db350f3d0c623e1f6ff6671e1944d82) Signed-off-by: Fridolin Somers (cherry picked from commit 8237fdd32a6519ce063f3e119874e89395aec379) Signed-off-by: Matt Blenkinsop --- .../prog/en/modules/authorities/authorities.tt | 12 ++++++++++-- .../prog/en/modules/cataloguing/addbiblio.tt | 9 +++++++-- koha-tmpl/intranet-tmpl/prog/js/cataloging.js | 6 ++++-- 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/authorities/authorities.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/authorities/authorities.tt index 1a417c835c..295fb77e68 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/authorities/authorities.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/authorities/authorities.tt @@ -243,6 +243,14 @@ $("#confirm_not_duplicate").attr("value","1"); Check(); } + /* Wrap a value in HTML without putting HTML in translatable string */ + function formatFieldName( string ){ + return "" + string + ""; + } + + $(document).ready(function(){ + $('body').on('click','.expandfield',ExpandField); + }); [% Asset.css("css/addbiblio.css") | $raw %] @@ -398,7 +406,7 @@
[% UNLESS hide_marc %] [% IF advancedMARCEditor %] - [% innerloo.tag | html %] + [% innerloo.tag | html %] [% ELSE %] [% innerloo.tag | html %] [% END %] @@ -458,7 +466,7 @@ [% END # /UNLESS hide_marc %] [% UNLESS advancedMARCEditor %] - [% innerloo.tag_lib | html %] + [% innerloo.tag_lib | html %] [% END %] [% IF ( innerloo.repeatable ) %] diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/addbiblio.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/addbiblio.tt index 0a9042d917..f58826c1fc 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/addbiblio.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/addbiblio.tt @@ -787,6 +787,11 @@ $(document).ready(function(){ function formatFieldName( string ){ return "" + string + ""; } + + $(document).ready(function(){ + $('body').on('click','.expandfield',ExpandField); + }); + [% Asset.css("css/addbiblio.css") | $raw %] @@ -1043,7 +1048,7 @@ $(document).ready(function(){ [% END %]
[% IF advancedMARCEditor %] - [% innerloo.tag | html %] + [% innerloo.tag | html %] [% ELSE %] [% innerloo.tag | html %]  ? @@ -1084,7 +1089,7 @@ $(document).ready(function(){ [% END # /IF innerloo.fixedfield %] - [% UNLESS advancedMARCEditor %] - [% innerloo.tag_lib | html %] + [% innerloo.tag_lib | html %] [% END %] diff --git a/koha-tmpl/intranet-tmpl/prog/js/cataloging.js b/koha-tmpl/intranet-tmpl/prog/js/cataloging.js index d6f6715cc3..602ae9ceaf 100644 --- a/koha-tmpl/intranet-tmpl/prog/js/cataloging.js +++ b/koha-tmpl/intranet-tmpl/prog/js/cataloging.js @@ -59,7 +59,8 @@ function openAuth(tagsubfieldid,authtype,source) { window.open("../authorities/auth_finder.pl?source="+source+"&authtypecode="+authtype+"&index="+tagsubfieldid+"&value_mainstr="+encodeURIComponent(mainmainstring)+"&value_main="+encodeURIComponent(mainstring), "_blank",'width=700,height=550,toolbar=false,scrollbars=yes'); } -function ExpandField(index) { +function ExpandField() { + let index = this.dataset.field_id; var original = document.getElementById(index); //original
  • var lis = original.getElementsByTagName('li'); for(var i=0,lislen = lis.length ; i