groove/Part-DB-server
1
0
Fork 0
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2025-12-31 07:19:32 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Added nonce to scripts to ensure that they are working with enabled CSP

Browse source
This commit is contained in:
Jan Böhmer 2025-09-06 23:24:32 +02:00
parent 76f3c379b5
commit 90f83273da
1 changed files with 19 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

38
templates/projects/import_bom_map_fields.html.twig
View file

@ -15,7 +15,7 @@
show_details: false show_details: false
} %} } %}
{% endif %} {% endif %}
<div class="row mb-3"> <div class="row mb-3">
<div class="col-12"> <div class="col-12">
<div class="alert alert-info"> <div class="alert alert-info">
@ -30,7 +30,7 @@
</div> </div>
{{ form_start(form) }} {{ form_start(form) }}
<div class="row mb-3"> <div class="row mb-3">
<div class="col-md-6"> <div class="col-md-6">
{{ form_row(form.delimiter) }} {{ form_row(form.delimiter) }}
@ -83,10 +83,10 @@
{% endif %} {% endif %}
</td> </td>
<td> <td>
<input type="number" <input type="number"
class="form-control form-control-sm priority-input" class="form-control form-control-sm priority-input"
min="1" min="1"
value="10" value="10"
style="width: 80px;" style="width: 80px;"
data-field="{{ field }}" data-field="{{ field }}"
title="{% trans %}project.bom_import.field_mapping.priority_help{% endtrans %}"> title="{% trans %}project.bom_import.field_mapping.priority_help{% endtrans %}">
@ -96,7 +96,7 @@
</tbody> </tbody>
</table> </table>
</div> </div>
<div class="mt-3"> <div class="mt-3">
<h6>{% trans %}project.bom_import.field_mapping.summary{% endtrans %}:</h6> <h6>{% trans %}project.bom_import.field_mapping.summary{% endtrans %}:</h6>
<div id="mapping-summary" class="alert alert-info"> <div id="mapping-summary" class="alert alert-info">
@ -121,12 +121,12 @@
{{ form_end(form) }} {{ form_end(form) }}
<script> <script nonce="{{ csp_nonce('script') }}">
// Function to initialize the field mapping page // Function to initialize the field mapping page
function initializeFieldMapping() { function initializeFieldMapping() {
const suggestions = {{ suggested_mapping|json_encode|raw }}; const suggestions = {{ suggested_mapping|json_encode|raw }};
const fieldNameMapping = {{ field_name_mapping|json_encode|raw }}; const fieldNameMapping = {{ field_name_mapping|json_encode|raw }};
Object.keys(suggestions).forEach(function(field) { Object.keys(suggestions).forEach(function(field) {
// Use the sanitized field name from the server-side mapping // Use the sanitized field name from the server-side mapping
const sanitizedField = fieldNameMapping[field]; const sanitizedField = fieldNameMapping[field];
@ -135,15 +135,15 @@
select.value = suggestions[field]; select.value = suggestions[field];
} }
}); });
// Update mapping summary // Update mapping summary
updateMappingSummary(); updateMappingSummary();
// Add event listeners for dynamic updates // Add event listeners for dynamic updates
document.querySelectorAll('.field-mapping-select').forEach(function(select) { document.querySelectorAll('.field-mapping-select').forEach(function(select) {
select.addEventListener('change', updateMappingSummary); select.addEventListener('change', updateMappingSummary);
}); });
document.querySelectorAll('.priority-input').forEach(function(input) { document.querySelectorAll('.priority-input').forEach(function(input) {
input.addEventListener('change', updateMappingSummary); input.addEventListener('change', updateMappingSummary);
}); });
@ -158,19 +158,19 @@
initializeFieldMapping(); initializeFieldMapping();
} }
}); });
function updateMappingSummary() { function updateMappingSummary() {
const summary = document.getElementById('mapping-summary'); const summary = document.getElementById('mapping-summary');
const mappings = {}; const mappings = {};
const priorities = {}; const priorities = {};
// Collect all mappings and priorities // Collect all mappings and priorities
document.querySelectorAll('.field-mapping-select').forEach(function(select) { document.querySelectorAll('.field-mapping-select').forEach(function(select) {
const field = select.getAttribute('data-field'); const field = select.getAttribute('data-field');
const target = select.value; const target = select.value;
const priorityInput = document.querySelector('.priority-input[data-field="' + field + '"]'); const priorityInput = document.querySelector('.priority-input[data-field="' + field + '"]');
const priority = priorityInput ? parseInt(priorityInput.value) || 10 : 10; const priority = priorityInput ? parseInt(priorityInput.value) || 10 : 10;
if (target && target !== '') { if (target && target !== '') {
if (!mappings[target]) { if (!mappings[target]) {
mappings[target] = []; mappings[target] = [];
@ -181,19 +181,19 @@
}); });
} }
}); });
// Sort by priority and build summary // Sort by priority and build summary
let summaryHtml = '<div class="row">'; let summaryHtml = '<div class="row">';
Object.keys(mappings).forEach(function(target) { Object.keys(mappings).forEach(function(target) {
const fieldMappings = mappings[target].sort((a, b) => a.priority - b.priority); const fieldMappings = mappings[target].sort((a, b) => a.priority - b.priority);
const fieldList = fieldMappings.map(m => m.field + ' (' + '{{ "project.bom_import.field_mapping.priority_short"|trans }}' + m.priority + ')').join(', '); const fieldList = fieldMappings.map(m => m.field + ' (' + '{{ "project.bom_import.field_mapping.priority_short"|trans }}' + m.priority + ')').join(', ');
summaryHtml += '<div class="col-md-6 mb-2">'; summaryHtml += '<div class="col-md-6 mb-2">';
summaryHtml += '<strong>' + target + ':</strong> ' + fieldList; summaryHtml += '<strong>' + target + ':</strong> ' + fieldList;
summaryHtml += '</div>'; summaryHtml += '</div>';
}); });
summaryHtml += '</div>'; summaryHtml += '</div>';
if (Object.keys(mappings).length === 0) { if (Object.keys(mappings).length === 0) {
summary.innerHTML = '<i class="fa-solid fa-info-circle fa-fw"></i> {{ "project.bom_import.field_mapping.select_to_see_summary"|trans }}'; summary.innerHTML = '<i class="fa-solid fa-info-circle fa-fw"></i> {{ "project.bom_import.field_mapping.select_to_see_summary"|trans }}';
} else { } else {
@ -201,4 +201,4 @@
} }
} }
</script> </script>
{% endblock %} {% endblock %}