sub template {
# BMO - use metrics subclass if required
if (Bugzilla->metrics_enabled) {
- return $_[0]->request_cache->{template} ||= Bugzilla::Metrics::Template->create();
+ $_[0]->request_cache->{template} ||= Bugzilla::Metrics::Template->create();
} else {
- return $_[0]->request_cache->{template} ||= Bugzilla::Template->create();
+ $_[0]->request_cache->{template} ||= Bugzilla::Template->create();
}
+ $_[0]->request_cache->{template}->{_is_main} = 1;
+
+ return $_[0]->request_cache->{template};
}
sub template_inner {
use constant DEFAULT_CSP => (
default_src => [ 'self' ],
- script_src => [ 'self', 'https://login.persona.org', 'unsafe-inline', 'unsafe-eval' ],
- child_src => [ 'self', 'https://login.persona.org' ],
+ script_src => [ 'self', 'unsafe-inline', 'unsafe-eval' ],
+ child_src => [ 'self', ],
img_src => [ 'self', 'https://secure.gravatar.com' ],
style_src => [ 'self', 'unsafe-inline' ],
- disable => 1,
+ object_src => [ 'none' ],
+ form_action => [
+ 'self',
+ # used in template/en/default/search/search-google.html.tmpl
+ 'https://www.google.com/search'
+ ],
+ frame_ancestors => [ 'none' ],
+ disable => 1,
);
+# Because show_bug code lives in many different .cgi files,
+# we needed a centralized place to define the policy.
+# normally the policy would just live in one .cgi file.
+# Additionally, correct_urlbase() cannot be called at compile time, so this can't be a constant.
+sub SHOW_BUG_MODAL_CSP {
+ return (
+ script_src => ['self', 'nonce', 'unsafe-inline', 'unsafe-eval' ],
+ object_src => [correct_urlbase() . "extensions/BugModal/web/ZeroClipboard/ZeroClipboard.swf"],
+ connect_src => [
+ 'self',
+ # This is from extensions/OrangeFactor/web/js/orange_factor.js
+ 'https://brasstacks.mozilla.com/orangefactor/api/count',
+ ],
+ child_src => [
+ 'self',
+ # This is for the socorro lens addon and is to be removed by Bug 1332016
+ 'https://ashughes1.github.io/bugzilla-socorro-lens/chart.htm'
+ ],
+ );
+}
+
sub _init_bz_cgi_globals {
my $invocant = shift;
# We need to disable output buffering - see bug 179174
my ($self, %add_params) = @_;
if (Bugzilla->has_feature('csp')) {
require Bugzilla::CGI::ContentSecurityPolicy;
- return $self->{Bugzilla_csp} if $self->{Bugzilla_csp};
- my %params = DEFAULT_CSP;
- if (%add_params) {
+ if (%add_params || !$self->{Bugzilla_csp}) {
+ my %params = DEFAULT_CSP;
+ delete $params{disable} if %add_params && !$add_params{disable};
foreach my $key (keys %add_params) {
if (defined $add_params{$key}) {
$params{$key} = $add_params{$key};
delete $params{$key};
}
}
+ $self->{Bugzilla_csp} = Bugzilla::CGI::ContentSecurityPolicy->new(%params);
}
- return $self->{Bugzilla_csp} = Bugzilla::CGI::ContentSecurityPolicy->new(%params);
+
+ return $self->{Bugzilla_csp};
}
return undef;
}
$headers{'-x_content_type_options'} = 'nosniff';
my $csp = $self->content_security_policy;
- $csp->add_cgi_headers(\%headers) if defined $csp;
+ $csp->add_cgi_headers(\%headers) if defined $csp && !$csp->disable;
Bugzilla::Hook::process('cgi_headers',
{ cgi => $self, headers => \%headers }
default_src child_src connect_src
font_src img_src media_src
object_src script_src style_src
+ frame_ancestors form_action
);
has \@ALL_SRC => ( is => 'ro', isa => $SOURCE_LIST, predicate => 1 );
# Currenly active language
'current_language' => sub { return Bugzilla->current_language; },
+ 'script_nonce' => sub {
+ my $cgi = Bugzilla->cgi;
+ return $cgi->csp_nonce ? sprintf('nonce="%s"', $cgi->csp_nonce) : '';
+ },
+
# If an sudo session is in progress, this is the user who
# started the session.
'sudoer' => sub { return Bugzilla->sudoer; },
my $recipients = { 'changer' => $user, 'owner' => $owner };
$vars->{'sent_bugmail'} = Bugzilla::BugMail::Send($bugid, $recipients);
+ # BMO: add show_bug_format hook for experimental UI work
+ my $show_bug_format = {};
+ Bugzilla::Hook::process('show_bug_format', $show_bug_format);
+
+ if ($show_bug_format->{format} eq 'modal') {
+ $cgi->content_security_policy(Bugzilla::CGI::SHOW_BUG_MODAL_CSP());
+ }
+
print $cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("attachment/created.html.tmpl", $vars)
$vars->{'sent_bugmail'} =
Bugzilla::BugMail::Send($bug->id, { 'changer' => $user });
+ # BMO: add show_bug_format hook for experimental UI work
+ my $show_bug_format = {};
+ Bugzilla::Hook::process('show_bug_format', $show_bug_format);
+
+ if ($show_bug_format->{format} eq 'modal') {
+ $cgi->content_security_policy(Bugzilla::CGI::SHOW_BUG_MODAL_CSP());
+ }
+
print $cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
my $user = Bugzilla->login(LOGIN_REQUIRED);
my $dbh = Bugzilla->dbh;
- print $cgi->header();
-
$user->in_group('admin')
|| ThrowUserError('auth_failure', {group => 'admin',
action => 'delete',
$vars->{'sent_bugmail'} =
Bugzilla::BugMail::Send($bug->id, { 'changer' => $user });
+ # BMO: add show_bug_format hook for experimental UI work
+ my $show_bug_format = {};
+ Bugzilla::Hook::process('show_bug_format', $show_bug_format);
+
+ if ($show_bug_format->{format} eq 'modal') {
+ $cgi->content_security_policy(Bugzilla::CGI::SHOW_BUG_MODAL_CSP());
+ }
+
+ print $cgi->header();
$template->process("attachment/updated.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
}
$vars->{'a'} = $attachment;
$vars->{'token'} = $token;
+ print $cgi->header();
$template->process("attachment/confirm-delete.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
}
END;
END;
%]
-<button type="button" class="minor"
- onclick="document.location='page.cgi?id=attachment_bounty_form.html&bug_id=[% bug.id FILTER none %]'">
+<button type="button" class="minor button-link"
+ data-href="page.cgi?id=attachment_bounty_form.html&bug_id=[% bug.id FILTER none %]">
[% has_bounty_attachment ? "Edit" : "Add" %] Bounty Tracking Attachment
</button>
});
}
+$(function() {
+ $('.show_usermenu').on("click", function (event) {
+ var $this = $(this);
+ return show_usermenu($this.data('user-id'), $this.data('user-email'), $this.data('show-edit'));
+ });
+});
[%# === initialise module visibility === %]
-<script>
+<script [% script_nonce FILTER none %]>
init_module_visibility();
</script>
width="[% gravatar_size FILTER none %]" height="[% gravatar_size FILTER none %]">
[% END %]
[% UNLESS gravatar_only %]
- <a class="email [%= "disabled" UNLESS u.is_enabled %]"
+ <a class="email [%= "disabled" UNLESS u.is_enabled %] [%= "show_usermenu" IF user.id %]"
[% IF user.id %]
href="mailto:[% u.email FILTER html %]"
- onclick="return show_usermenu([% u.id FILTER none %], '[% u.email FILTER js %]',
- [% user.in_group('editusers') || user.bless_groups.size > 0 ? "true" : "false" %])"
+ data-user-id="[% u.id FILTER html %]"
+ data-user-email="[% u.email FILTER html %]"
+ data-show-edit="[% user.in_group('editusers') || user.bless_groups.size > 9 ? 'true' : 'false' %]"
title="[% u.identity FILTER html %]"
[% ELSE %]
href="user_profile?user_id=[% u.id FILTER none %]"
$('#lb_overlay, #lb_overlay2, #lb_close_btn, #lb_img, #lb_text').remove();
}
+$(function() {
+ $("button.button-link").on("click", function (event) {
+ event.preventDefault();
+ window.location = $(this).data("href");
+ });
+});
+
// extensions
(function($) {
[% USE Bugzilla %]
[% IF Param('user_info_class').split(',').contains('GitHubAuth') %]
- <script type="text/javascript">
+ <script [% script_nonce FILTER none %] type="text/javascript">
YAHOO.util.Event.addListener('login_link[% qs_suffix FILTER js %]','click', function () {
var login_link = YAHOO.util.Dom.get('github_mini_login[% qs_suffix FILTER js %]');
YAHOO.util.Dom.removeClass(login_link, 'bz_default_hidden');
RETURN UNLESS needinfo_flagtype;
%]
-<script>
+<script [% script_nonce FILTER none%]>
[% IF needinfo_flags.size > 0 %]
$(function() {
[%# Displays NEEDINFO tag in bug header %]
$('#needinfo').change();
}
- function needinfo_from_changed() {
- $('#needinfo').prop('checked', $('#needinfo_from').val() !== '');
- }
-
$(function() {
needinfo_init();
+ $(".needinfo_from_changed").on("change", function (event) {
+ $("#needinfo").prop("checked", $("#needinfo_from").val() !== '');
+ });
});
[% END %]
</script>
value => ""
size => 30
multiple => 5
- onchange => "needinfo_from_changed()"
+ classes => ["needinfo_from_changed"]
field_title => "Enter one or more comma separated users to request more information from"
%]
</span>
[% IF Param('user_info_class').split(',').contains('Persona')
&& Param('persona_includejs_url') %]
<p>
- <img src="extensions/Persona/web/images/persona_sign_in.png" width="185" height="25" onclick="persona_sign_in()">
+ <img src="extensions/Persona/web/images/persona_sign_in.png" width="185" height="25" class="persona_sign_in">
</p>
<p>
<strong>Note:</strong> Persona authentication will be removed on October 25th, 2016 (<a href="page.cgi?id=persona_deprecated.html">more info</a>).
[% IF Param('user_info_class').split(',').contains('Persona')
&& Param('persona_includejs_url') %]
-<script type="text/javascript">
+<script [% script_nonce FILTER none %] type="text/javascript">
YAHOO.util.Event.addListener('login_link[% qs_suffix FILTER js %]','click', function () {
var login_link = YAHOO.util.Dom.get('persona_mini_login[% qs_suffix FILTER js %]');
YAHOO.util.Dom.removeClass(login_link, 'bz_default_hidden');
</script>
<span id="persona_mini_login[% qs_suffix FILTER html %]" class="bz_default_hidden">
<img src="extensions/Persona/web/images/sign_in.png" height="22" width="75" align="absmiddle"
- title="Sign in with Persona" onclick="persona_sign_in()"> or
+ title="Sign in with Persona" class='persona_sign_in'> or
</span>
[% END %]
[% RETURN UNLESS Param('user_info_class').split(',').contains('Persona') %]
Or, use your Persona account:
-<img src="extensions/Persona/web/images/sign_in.png" onclick="persona_sign_in()"
+<img src="extensions/Persona/web/images/sign_in.png" class="persona_sign_in"
width="95" height="25" align="absmiddle">
[% USE Bugzilla %]
[% cgi = Bugzilla.cgi %]
-<script defer src="[% Param('persona_includejs_url') %]" type="text/javascript"></script>
-<script type="text/javascript">
+<script [% script_nonce FILTER none %] defer src="[% Param('persona_includejs_url') %]" type="text/javascript"></script>
+<script [% script_nonce FILTER none %] type="text/javascript">
function createHidden(name, value, form) {
var field = document.createElement('input');
persona_ignore_login = false;
navigator.id.request({ siteName: '[% terms.BugzillaTitle FILTER js %]' });
}
+$(function() {
+ $('.persona_sign_in').on("click", persona_sign_in);
+});
</script>
$cgi->delete('logout');
}
+$cgi->content_security_policy(script_src => ['self', 'nonce']);
+
###############################################################################
# Main Body Execution
###############################################################################
*
*/
+$(function () {
+ $('.show_mini_login_form').on("click", function (event) {
+ return show_mini_login_form($(this).data('qs-suffix'));
+ });
+ $('.hide_mini_login_form').on("click", function (event) {
+ return hide_mini_login_form($(this).data('qs-suffix'));
+ });
+ $('.show_forgot_form').on("click", function (event) {
+ return show_forgot_form($(this).data('qs-suffix'));
+ });
+ $('.hide_forgot_form').on("click", function (event) {
+ return hide_forgot_form($(this).data('qs-suffix'));
+ });
+ $('.check_mini_login_fields').on("click", function (event) {
+ return check_mini_login_fields($(this).data('qs-suffix'));
+ });
+ $('form .quicksearch_check_empty').on("submit", function (event) {
+ if (this.quicksearch.value == '') {
+ alert('Please enter one or more search terms first.');
+ return false;
+ }
+ return true;
+ });
+});
+
function show_mini_login_form( suffix ) {
$('#login_link' + suffix).addClass('bz_default_hidden');
$('#mini_login' + suffix).removeClass('bz_default_hidden');
return false;
}
+
function hide_forgot_form( suffix ) {
$('#forgot_link' + suffix).removeClass('bz_default_hidden');
$('#forgot_form' + suffix).addClass('bz_default_hidden');
# don't leak the enter_bug format param to show_bug
$cgi->delete('format');
+if ($user->setting('ui_experiments') eq 'on') {
+ Bugzilla->cgi->content_security_policy(Bugzilla::CGI::SHOW_BUG_MODAL_CSP());
+}
print $cgi->header();
$template->process($format->{'template'}, $vars)
|| ThrowTemplateError($template->error());
ctype => scalar $cgi->param('ctype'),
};
Bugzilla::Hook::process('show_bug_format', $format_params);
+if ($format_params->{format} eq 'modal') {
+ $cgi->content_security_policy(Bugzilla::CGI::SHOW_BUG_MODAL_CSP());
+}
my $format = $template->get_format("bug/show",
- $format_params->{format},
- $format_params->{ctype});
+ $format_params->{format},
+ $format_params->{ctype});
if (Bugzilla->usage_mode != USAGE_MODE_EMAIL) {
print $cgi->header();
$template->process("global/footer.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
}
-
1;
use Bugzilla::Keyword;
use Bugzilla::Bug;
use Bugzilla::Hook;
+use Bugzilla::CGI;
my $cgi = Bugzilla->cgi;
my $template = Bugzilla->template;
$format_params->{format},
$format_params->{ctype});
+if ($format_params->{format} eq 'modal') {
+ $cgi->content_security_policy(Bugzilla::CGI::SHOW_BUG_MODAL_CSP());
+}
+
# Editable, 'single' HTML bugs are treated slightly specially in a few places
my $single = (!$format->{format} || $format->{format} ne 'multiple')
&& $format->{extension} eq 'html';
[% END %]
[% script_url = login_target _ connector _ "GoAheadAndLogIn=1" %]
<a id="login_link[% qs_suffix %]" href="[% script_url FILTER html %]"
- onclick="return show_mini_login_form('[% qs_suffix %]')">Log In</a>
+ class='show_mini_login_form' data-qs-suffix="[% qs_suffix FILTER html %]">Log In</a>
[% Hook.process('additional_methods') %]
<form action="[% login_target FILTER html %]" method="POST"
class="mini_login bz_default_hidden"
id="mini_login[% qs_suffix FILTER html %]"
- onsubmit="return check_mini_login_fields( '[% qs_suffix FILTER html %]' );"
+ class="check_mini_login_fields"
+ data-qs-suffix="[% qs_suffix FILTER html %]"
>
<input id="Bugzilla_login[% qs_suffix FILTER html %]"
<input type="submit" name="GoAheadAndLogIn" value="Log in"
id="log_in[% qs_suffix %]">
<a href="#" id="hide_mini_login[% qs_suffix FILTER html %]"
- onclick="return hide_mini_login_form('[% qs_suffix %]')">[x]</a>
+ class="hide_mini_login_form" data-qs-suffix="[% qs_suffix FILTER html %]">[x]</a>
</form>
</li>
<li id="forgot_container[% qs_suffix %]">
<span class="separator">| </span>
<a id="forgot_link[% qs_suffix %]" href="[% script_url FILTER html %]#forgot"
- onclick="return show_forgot_form('[% qs_suffix %]')">Forgot Password</a>
+ class='show_forgot_form'
+ data-qs-suffix="[% qs_suffix FILTER html %]">Forgot Password</a>
<form action="token.cgi" method="post" id="forgot_form[% qs_suffix %]"
class="mini_forgot bz_default_hidden">
<label for="login[% qs_suffix FILTER html %]">Login:</label>
type="submit">
<input type="hidden" name="a" value="reqpw">
<input type="hidden" id="token[% qs_suffix FILTER html %]" name="token" value="[% issue_hash_token(['reqpw']) FILTER html %]">
- <a href="#" onclick="return hide_forgot_form('[% qs_suffix %]')">[x]</a>
+ <a href="#" class="hide_forgot_form" data-qs-suffix="[% qs_suffix FILTER html %]">[x]</a>
</form>
</li>
%]
[% recipient_count = sent_bugmail.sent.size %]
-<script>
-function toggleBugmailRecipients(bug_id, show) {
- if (show) {
- YAHOO.util.Dom.removeClass('bugmail_summary_' + bug_id, 'bz_default_hidden');
- YAHOO.util.Dom.addClass('bugmail_summary_' + bug_id + '_short', 'bz_default_hidden');
- } else {
- YAHOO.util.Dom.addClass('bugmail_summary_' + bug_id, 'bz_default_hidden');
- YAHOO.util.Dom.removeClass('bugmail_summary_' + bug_id + '_short', 'bz_default_hidden');
+<script [% script_nonce FILTER none %]>
+ function toggleBugmailRecipients(bug_id, show) {
+ if (show) {
+ $("#bugmail_summary_" + bug_id).show();
+ $("#bugmail_summary_" + bug_id + "_short").hide();
+ } else {
+ $("#bugmail_summary_" + bug_id).hide();
+ $("#bugmail_summary_" + bug_id + "_short").show();
+ }
+ $.cookie('show_bugmail_recipients', (show ? 1 : 0), {
+ expires: new Date("January 12, 2025")
+ });
}
- YAHOO.util.Cookie.set('show_bugmail_recipients', (show ? 1 : 0), {
- expires: new Date("January 12, 2025")
- });
- return false;
-}
+ $(function() {
+ $(".toggleBugmailRecipients").on("click", function (event) {
+ event.preventDefault();
+ toggleBugmailRecipients($(this).data('mailing-bugid'), $(this).data('mailing-show'));
+ });
+ });
</script>
<dl id="bugmail_summary_[% mailing_bugid FILTER none %]"
[% ELSE %]
no one
[% END %]
- (<a href="#" onclick="return toggleBugmailRecipients([% mailing_bugid FILTER none %], false)">hide</a>)
+ (<a href="#" class="toggleBugmailRecipients" data-mailing-bugid="[% mailing_bugid FILTER html %]"
+ data-mailing-show="false">hide</a>)
[% ELSE %]
(list of e-mails not available)
[% END %]
class="[% show_recipients ? "bz_default_hidden" : "" %]">
[% IF recipient_count > 0 %]
Email sent to [% recipient_count FILTER html %] recipient[% 's' UNLESS recipient_count == 1 %].
- (<a href="#" onclick="return toggleBugmailRecipients([% mailing_bugid FILTER none %], true)">show</a>)
+ (<a href="#" class="toggleBugmailRecipients" data-mailing-bugid="[% mailing_bugid FILTER html %]"
+ data-mailing-show="true">show</a>)
[% ELSE %]
No emails were sent.
[% END %]
<li class="form quicksearch_form">
<span class="separator">| </span>
<form action="buglist.cgi" method="get"
- onsubmit="if (this.quicksearch.value == '')
- { alert('Please enter one or more search terms first.');
- return false; } return true;">
+ class='quicksearch_check_empty'>
<input class="txt" type="text" id="quicksearch[% qs_suffix FILTER html %]" name="quicksearch"
title="Quick Search" value="[% quicksearch FILTER html %]">
<input class="btn" type="submit" value="Search"
[% PROCESS format_js_link %]
[% END %]
- <script type="text/javascript">
+ <script [% script_nonce FILTER none %] type="text/javascript">
<!--
[% IF NOT no_yui %]
YAHOO.namespace('bugzilla');
+ [% IF 0 %]
YAHOO.util.Event.addListener = function (el, sType, fn, obj, overrideContext) {
if ( ("onpagehide" in window || YAHOO.env.ua.gecko) && sType === "unload") { sType = "pagehide"; };
var capture = ((sType == "focusin" || sType == "focusout") && !YAHOO.env.ua.ie) ? true : false;
return this._addListener(el, this._getType(sType), fn, obj, overrideContext, capture);
};
+ [% END %]
if ( "onpagehide" in window || YAHOO.env.ua.gecko) {
YAHOO.util.Event._simpleRemove(window, "unload",
YAHOO.util.Event._unload);
[%# Migration note: contents of the old Param 'bodyhtml' go in the body tag,
# but set the onload attribute in the DEFAULT directive above.
#%]
-
- <body onload="[% onload %]"
+ [% IF onload %]
+ <script [% script_nonce FILTER none %]>
+ $(function() { [% onload %] });
+ </script>
+ [% END %]
+ <body
class="[% urlbase.replace('^https?://','').replace('/$','').replace('[-~@:/.]+','-') FILTER css_class_quote %]
skin-[% user.settings.skin.value FILTER css_class_quote %]
[% FOREACH class = bodyclasses %]
[% END %]
[% BLOCK format_js_link %]
- <script type="text/javascript" src="[% asset_url FILTER mtime FILTER html %]"></script>
+ <script [% script_nonce FILTER none %] type="text/javascript" src="[% asset_url FILTER mtime FILTER html %]"></script>
[% END %]
[% IF user.id && user.settings.per_bug_queries.value == "on" %]
<li id="links-special">
- <script type="text/javascript">
+ <script [% script_nonce FILTER none %] type="text/javascript">
<!--
function update_text() {
// 'lob' means list_of_bugs.
old_lists.disabled = false;
}
}
+ $(function() {
+ $("#lob_action").on("change", update_text);
+ $("#lob_newqueryname").on("keyup", manage_old_lists);
+ });
//-->
</script>
<input type="hidden" name="remtype" value="asnamed">
<input type="hidden" name="list_of_bugs" value="1">
<input type="hidden" name="token" value="[% issue_hash_token(['savedsearch']) FILTER html %]">
- <select id="lob_action" name="action" onchange="update_text();">
+ <select id="lob_action" name="action" >
<option value="add">Add</option>
[% IF user.tags.size %]
<option value="remove">Remove</option>
<span id="lob_new_query_text">
[% " or create and add the tag" IF user.tags.size %]
<input class="txt" type="text" id="lob_newqueryname"
- size="20" maxlength="64" name="newqueryname"
- onkeyup="manage_old_lists();">
+ size="20" maxlength="64" name="newqueryname">
</span>
<span id="lob_direction">to</span>
[%+ terms.bugs %]
# id: optional; field id
# value: optional; default field value/selection
# classes: optional; an array of classes to be added
- # onchange: optional; onchange attribute value
# disabled: optional; if true, the field is disabled
# accesskey: optional, input only; accesskey attribute value
# size: optional, input only; size attribute value
# mandatory: optional; if true, the field cannot be empty.
#%]
+[% THROW "onchange is not allowed" IF onchange %]
+
[% IF Param("usemenuforusers") %]
<select name="[% name FILTER html %]"
[% IF id %] id="[% id FILTER html %]" [% END %]
[% IF classes %] class="[% classes.join(' ') FILTER html %]" [% END %]
- [% IF onchange %] onchange="[% onchange FILTER html %]" [% END %]
[% IF disabled %] disabled="[% disabled FILTER html %]" [% END %]
[% IF accesskey %] accesskey="[% accesskey FILTER html %]" [% END %]
[% IF multiple %] multiple="multiple" size="[% multiple FILTER html %]" [% END %]
name="[% name FILTER html %]"
value="[% value FILTER html %]"
[% IF classes %] class="[% classes.join(' ') FILTER html %]" [% END %]
- [% IF onchange %] onchange="[% onchange FILTER html %]" [% END %]
[% IF disabled %] disabled="[% disabled FILTER html %]" [% END %]
[% IF accesskey %] accesskey="[% accesskey FILTER html %]" [% END %]
[% IF field_title %] title="[% field_title FILTER html %]" [% END %]
style_urls = [ 'skins/standard/index.css' ]
%]
-<script type="text/javascript">
+<script [% script_nonce FILTER none %] type="text/javascript">
function checkQuicksearch( form ) {
if (form.quicksearch.value == '') {
alert('Please enter one or more search terms first.');
}
return true;
}
+$(function () {
+ $("#quicksearchForm").on("submit", function (event) {
+ return checkQuicksearch(this);
+ });
+});
</script>
<div id="page-index">
href="?GoAheadAndLogIn=1"><span>Log In</span></a>
[% END %]
- <form id="quicksearchForm" name="quicksearchForm" action="buglist.cgi"
- onsubmit="return checkQuicksearch(this);">
+ <form id="quicksearchForm" name="quicksearchForm" action="buglist.cgi">
<div>
<input id="quicksearch_main" type="text" name="quicksearch"
placeholder="Enter [% terms.abug %] number or some search terms"
<p>Type in one or more words (or pieces of words) to search for:</p>
<form name="f" action="buglist.cgi" method="get"
- onsubmit="if (this.quicksearch.value == '')
- { alert('Please enter one or more search terms first.');
- return false; } return true;">
+ class='quicksearch_check_empty'>
<input type="text" size="40" name="quicksearch">
<input type="submit" value="Search" id="find">
</form>
projects / thirdparty / bugzilla.git / commitdiff
