Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Stop passing sessionid cookie in to media uploader #29489

Merged
merged 2 commits into from
Apr 9, 2021
Merged

Stop passing sessionid cookie in to media uploader #29489

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8ffa275
Stop passing sessionid cookie in to media uploader
dannyroberts Apr 8, 2021
88f32f0
Fix comma-dangle situation within function arg list
dannyroberts Apr 8, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 2 additions & 4 deletions corehq/apps/app_manager/static/app_manager/js/details/case_detail_print.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,8 @@ hqDefine("app_manager/js/details/case_detail_print", function () {
printTemplateUploader = new HQMediaFileUploadController(
print_uploader.slug,
print_uploader.media_type,
_.extend({}, print_uploader.options, {
swfURL: initial_page_data('swfURL'),
sessionid: initial_page_data('sessionid'),
}));
print_uploader.options
);
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Parsing error: Unexpected token )

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What am I missing. Our .eslintrc.js requires comma-dangle, and Parsing error isn't what I'd expect in that situation anyway, so it can't be that. Am I like counting parentheses wrong?

Copy link
Contributor

@orangejenny orangejenny Apr 8, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

comma-dangle is for objects & arrays, but not parameter lists in function calls. This will also break deploy because the uglifier will interpret it as a syntax error.

Today I learned that the trailing comma is allowed in function calls as of ECMAScript 2017, but we're not there yet.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, okay thank you sharing that. I assumed because of https://eslint.org/docs/rules/comma-dangle#functions that comma-dangle included function arguments. But maybe this parsing error is coming from something other than eslint 🤔

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think eslint has logic so that function arguments aren't included in the comma-dangle rule, even when it's set to "always", unless you also have an eslint environment that supports that syntax, like by setting ecmaVersion to 8+

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah okay gotcha. That was the piece I was missing. Thanks!

printTemplateUploader.init();
printRef = hqImport('hqmedia/js/media_reference_models').BaseMediaReference(initial_page_data('print_ref'));
printRef.upload_controller = printTemplateUploader;
Expand Down
5 changes: 1 addition & 4 deletions corehq/apps/app_manager/static/app_manager/js/nav_menu_media_common.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,7 @@ hqDefine("app_manager/js/nav_menu_media_common", function () {
uploaders[type] = new HQMediaFileUploadController(
uploader.slug,
uploader.media_type,
_.extend({}, uploader.options, {
sessionid: initial_page_data("sessionid"),
swfURL: initial_page_data("swfURL"),
})
uploader.options
);
uploaders[type].init();
});
Expand Down
2 changes: 0 additions & 2 deletions corehq/apps/app_manager/templates/app_manager/app_view_settings.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,8 +39,6 @@
{% initial_page_data 'linked_whitelist' app.linked_whitelist %}
{% initial_page_data 'media_refs' refs %}
{% initial_page_data 'media_info' media_info %}
{% initial_page_data 'sessionid' request.COOKIES.sessionid %}
{% initial_page_data 'swfURL' 'hqmedia/MediaUploader/flashuploader.swf'|static %}
{% initial_page_data 'uploaders' uploaders_js %}
{% registerurl 'app_multimedia_ajax' domain app.get_id %}
{% registerurl "hqmedia_remove_logo" domain app.id %}
Expand Down
2 changes: 0 additions & 2 deletions corehq/apps/app_manager/templates/app_manager/form_view.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -144,12 +144,10 @@
{% initial_page_data 'nav_menu_media_specifics' nav_menu_media_specifics %}
{% initial_page_data 'root_requires_same_case' root_requires_same_case %}
{% initial_page_data 'put_in_root' module.put_in_root %}
{% initial_page_data 'sessionid' request.COOKIES.sessionid %}
{% initial_page_data 'shadow_parent_form_id' form.shadow_parent_form_id %}
{% initial_page_data 'is_release_notes_form' form.is_release_notes_form %}
{% initial_page_data 'is_allowed_to_be_release_notes_form' is_allowed_to_be_release_notes_form %}
{% initial_page_data 'is_training_module' is_training_module %}
{% initial_page_data 'swfURL' 'hqmedia/MediaUploader/flashuploader.swf'|static %}
{% if allow_form_copy and request|toggle_enabled:"COPY_FORM_TO_APP" %}
{% initial_page_data 'apps_modules' apps_modules %}
{% endif %}
Expand Down
2 changes: 0 additions & 2 deletions corehq/apps/app_manager/templates/app_manager/module_view.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,8 +74,6 @@
{% initial_page_data 'print_ref' print_ref %}
{% initial_page_data 'print_uploader_js' print_uploader_js %}
{% initial_page_data 'shadow_module_options' shadow_module_options %}
{% initial_page_data 'swfURL' 'hqmedia/MediaUploader/flashuploader.swf'|static %}
{% initial_page_data 'sessionid' request.COOKIES.sessionid %}
{% initial_page_data 'default_language' app.default_language %}
{% initial_page_data 'current_language' lang %}
{% registerurl "view_form" domain app.id '---' %}
Expand Down
2 changes: 0 additions & 2 deletions corehq/apps/app_manager/templates/app_manager/module_view_report.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,8 +27,6 @@
{% initial_page_data 'multimedia_object_map' multimedia.object_map %}
{% initial_page_data 'multimedia_upload_managers' multimedia.upload_managers_js %}
{% initial_page_data 'nav_menu_media_specifics' nav_menu_media_specifics %}
{% initial_page_data 'sessionid' request.COOKIES.sessionid %}
{% initial_page_data 'swfURL' 'hqmedia/MediaUploader/flashuploader.swf'|static %}
{% initial_page_data 'report_module_options' report_module_options %}
{% initial_page_data 'static_data_options' static_data_options %}
{% initial_page_data 'uuids_by_instance_id' uuids_by_instance_id %}
Expand Down
2 changes: 0 additions & 2 deletions corehq/apps/app_manager/views/formdesigner.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -236,7 +236,6 @@ def _get_base_vellum_options(request, domain, form, displayLang):
'text': reverse("hqmedia_uploader_text", args=[domain, app.id]),
},
'objectMap': app.get_object_map(multimedia_map=form.get_relevant_multimedia_map(app)),
'sessionid': request.COOKIES.get('sessionid'),
},
}

Expand Down Expand Up @@ -273,7 +272,6 @@ def _get_vellum_core_context(request, domain, app, module, form, lang):
"meta/location",
] + _get_core_context_scheduler_data_nodes(module, form),
'activityUrl': reverse('ping'),
'sessionid': request.COOKIES.get('sessionid'),
'externalLinks': {
'changeSubscription': reverse("domain_subscription_view",
kwargs={'domain': domain}),
Expand Down
1 change: 0 additions & 1 deletion corehq/apps/app_manager/views/view_generic.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -279,7 +279,6 @@ def _make_name(suffix):
for slug in uploader_slugs
]
context.update({
"sessionid": request.COOKIES.get('sessionid'),
"uploaders": uploaders,
"uploaders_js": [u.js_options for u in uploaders],
"refs": {
Expand Down
2 changes: 1 addition & 1 deletion corehq/apps/hqmedia/static/hqmedia/MediaUploader
Open in desktop
Submodule MediaUploader updated 1 files
+0 −9 hqmedia.upload_controller.js
6 changes: 2 additions & 4 deletions corehq/apps/hqmedia/static/hqmedia/js/hqmediauploaders.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,10 +6,8 @@ hqDefine("hqmedia/js/hqmediauploaders", function () {
HQMediaUploaders[uploader.slug] = new HQMediaUploaderTypes[uploader.uploader_type](
uploader.slug,
uploader.media_type,
_.extend({
sessionid: initial_page_data("sessionid"),
swfURL: initial_page_data("swfURL"),
}, uploader.options));
uploader.options
);
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Parsing error: Unexpected token )

HQMediaUploaders[uploader.slug].init();
});

Expand Down
2 changes: 0 additions & 2 deletions corehq/apps/hqmedia/templates/hqmedia/bulk_upload.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,6 @@
{% endblock %}

{% block page_content %}
{% initial_page_data 'sessionid' request.COOKIES.sessionid %}
{% initial_page_data 'swfURL' 'hqmedia/MediaUploader/flashuploader.swf'|static %}
{% initial_page_data 'uploaders' uploaders_js %}

<p class="lead">{{ current_page.page_name }}</p>
Expand Down
2 changes: 0 additions & 2 deletions corehq/apps/hqmedia/templates/hqmedia/references.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,6 @@
{% endblock %}

{% block page_content %}
{% initial_page_data 'sessionid' request.COOKIES.sessionid %}
{% initial_page_data 'swfURL' 'hqmedia/MediaUploader/flashuploader.swf'|static %}
{% initial_page_data 'uploaders' uploaders_js %}
{% registerurl 'hqmedia_references' app.domain app.id %}
{% registerurl 'view_module' app.domain app.id '---' %}
Expand Down
2 changes: 0 additions & 2 deletions corehq/apps/hqmedia/views.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -149,7 +149,6 @@ def page_context(self):
context.update({
'uploaders': self.upload_controllers,
'uploaders_js': [u.js_options for u in self.upload_controllers],
"sessionid": self.request.COOKIES.get('sessionid'),
})
return context

Expand All @@ -172,7 +171,6 @@ def page_context(self):
if self.app is None:
raise Http404(self)
context.update({
"sessionid": self.request.COOKIES.get('sessionid'),
"multimedia_state": self.app.check_media_state(),
})
return context
Expand Down