Added version check

ckeditor · Jun 27, 2023 · b7b2f47 · b7b2f47
1 parent 2378edb
commit b7b2f47
Show file tree

Hide file tree

Showing 77 changed files with 976 additions and 3 deletions.
diff --git a/core/ckeditor_version-check.js b/core/ckeditor_version-check.js
@@ -0,0 +1,162 @@
+/**
+ * @license Copyright (c) 2003-2023, CKSource Holding sp. z o.o. All rights reserved.
+ * For licensing, see LICENSE.md or https://ckeditor.com/legal/ckeditor-oss-license
+ */
+
+( function() {
+	var apiUrl = 'https://cke4.ckeditor.com/ckeditor4-secure-version/versions.json',
+		upgradeLink = 'https://ckeditor.com/ckeditor-4-support',
+		versionRegex = /^4\.(\d+)\.(\d+)(-lts)?(?: \(?.+?\)?)?$/,
+		isDrupal = 'Drupal' in window,
+		versionInfo = {
+			current: parseVersion( CKEDITOR.version )
+		};
+
+	if ( isDrupal || !versionInfo.current ) {
+		return;
+	}
+
+	CKEDITOR.config.versionCheck = versionInfo.current.isLts ? false : true;
+
+	CKEDITOR.on( 'instanceReady', function( evt ) {
+		var editor = evt.editor;
+
+		if ( !editor.config.versionCheck ) {
+			return;
+		}
+
+		editor.on( 'dialogShow', function( evt ) {
+			var dialog = evt.data;
+
+			if ( dialog._.name !== 'about' ) {
+				return;
+			}
+
+			performVersionCheck( function() {
+				addInfoToAboutDialog( editor, dialog );
+			} );
+		} );
+
+		performVersionCheck( function() {
+			notifyAboutInsecureVersion( editor );
+		} );
+	} );
+
+	function performVersionCheck( callback ) {
+		if ( versionInfo.secure && versionInfo.latest ) {
+			return callback();
+		}
+
+		try {
+			var request = new XMLHttpRequest(),
+				requestUrl = apiUrl + '?version=' + encodeURIComponent( versionInfo.current.original );
+
+			request.onreadystatechange = function() {
+				if ( request.readyState === 4 && request.status === 200 ) {
+					var response = JSON.parse( request.responseText );
+
+					versionInfo.latest = parseVersion( response.latestVersion );
+					versionInfo.secure = parseVersion( response.secureVersion );
+					versionInfo.isLatest = isLatestVersion();
+					versionInfo.isSecure = isSecureVersion();
+
+					callback();
+				}
+			};
+
+			request.responseType = 'text';
+			request.open( 'GET', requestUrl );
+			request.send();
+		} catch ( e ) {
+		}
+	}
+
+	function notifyAboutInsecureVersion( editor ) {
+		if ( versionInfo.isSecure ) {
+			return;
+		}
+
+		var notificationMessage =  editor.lang.versionCheck.notificationMessage.replace( '%current', versionInfo.current.original ).
+				replace( '%latest', versionInfo.latest.original ).
+				replace( /%link/g, upgradeLink ),
+			/* jshint ignore:start */
+			// Apparently ignore for console.error() makes JSHint skip the whole code and it does not
+			// note that this variable is actually used anywhere.
+			consoleMessage =  editor.lang.versionCheck.consoleMessage.replace( '%current', versionInfo.current.original ).
+				replace( '%latest', versionInfo.latest.original ).
+				replace( /%link/g, upgradeLink ),
+			/* jshint ignore:end */
+			isNotificationAvailable = 'notification' in editor.plugins;
+
+		/* jshint ignore:start */
+		console.error( consoleMessage );
+		/* jshint ignore:end */
+
+		if ( isNotificationAvailable ) {
+			editor.showNotification( notificationMessage, 'warning' );
+		}
+	}
+
+	function addInfoToAboutDialog( editor, dialog ) {
+		var container = dialog.getElement().findOne( '.cke_about_version-check' ),
+			message = getAboutMessage( editor );
+
+		container.setHtml( '' );
+
+		if ( editor.config.versionCheck ) {
+			container.setStyle( 'color', versionInfo.isSecure ? '' : '#C83939' );
+			container.setHtml( message );
+		}
+	}
+
+	function getAboutMessage( editor ) {
+		var lang = editor.lang.versionCheck.about,
+			msg = '';
+
+		if ( !versionInfo.isLatest ) {
+			msg = lang.upgradeInfo;
+		}
+
+		if ( !versionInfo.isSecure ) {
+			msg = lang.insecure;
+		}
+
+		return msg.replace( '%current', versionInfo.current.original ).
+				replace( '%latest', versionInfo.latest.original ).
+				replace( /%link/g, upgradeLink );
+	}
+
+	function isLatestVersion() {
+		return versionInfo.current.minor === versionInfo.latest.minor &&
+			versionInfo.current.patch === versionInfo.latest.patch;
+	}
+
+	function isSecureVersion() {
+		if ( versionInfo.current.minor > versionInfo.secure.minor ) {
+			return true;
+		}
+
+		if ( versionInfo.current.minor === versionInfo.secure.minor &&
+			versionInfo.current.patch >= versionInfo.secure.patch ) {
+			return true;
+		}
+
+		return false;
+	}
+
+	function parseVersion( version ) {
+		var parts = version.match( versionRegex );
+
+		if ( !parts ) {
+			return null;
+		}
+
+		return {
+			original: version,
+			major: 4,
+			minor: Number( parts[ 1 ] ),
+			patch: Number( parts[ 2 ] ),
+			isLts: !!parts[ 3 ]
+		};
+	}
+}() );
diff --git a/core/loader.js b/core/loader.js
@@ -29,12 +29,13 @@ if ( !CKEDITOR.loader ) {
 				'dom/comment', 'dom/elementpath', 'dom/text', 'dom/rangelist', 'skin'
 			],
 			'ckeditor': [
-				'ckeditor_basic', 'log', 'dom', 'dtd', 'dom/document', 'dom/element', 'dom/iterator', 'editor', 'event',
-				'htmldataprocessor', 'htmlparser', 'htmlparser/element', 'htmlparser/fragment', 'htmlparser/filter',
-				'htmlparser/basicwriter', 'template', 'tools'
+				'ckeditor_basic', 'ckeditor_version-check', 'log', 'dom', 'dtd', 'dom/document', 'dom/element',
+				'dom/iterator', 'editor', 'event', 'htmldataprocessor', 'htmlparser', 'htmlparser/element',
+				'htmlparser/fragment', 'htmlparser/filter', 'htmlparser/basicwriter', 'template', 'tools'
 			],
 			'ckeditor_base': [],
 			'ckeditor_basic': [ 'editor_basic', 'env', 'event' ],
+			'ckeditor_version-check': [ 'ckeditor_basic', 'config', 'tools' ],
 			'command': [],
 			'config': [ 'ckeditor_base' ],
 			'dom': [],

diff --git a/lang/af.js b/lang/af.js
@@ -143,5 +143,14 @@ CKEDITOR.lang[ 'af' ] = {
 		keyboardShortcut: 'Sleutel kombenasie',
 
 		optionDefault: 'Verstek'
+	},
+
+	versionCheck: {
+		notificationMessage: 'This CKEditor %current version is not secure. Consider <a target="_blank" href="%link">upgrading to the latest secure one</a>, %latest.', // MISSING
+		consoleMessage: 'This CKEditor %current version is not secure. Consider upgrading to the latest secure one, %latest: %link', // MISSING
+		about: {
+			insecure: 'This CKEditor %current version is not secure.<br>Consider upgrading to the latest secure one, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+			upgradeInfo: 'Consider upgrading to the latest editor version, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+		}
 	}
 };
diff --git a/lang/ar.js b/lang/ar.js
@@ -143,5 +143,14 @@ CKEDITOR.lang[ 'ar' ] = {
 		keyboardShortcut: 'Keyboard shortcut', // MISSING
 
 		optionDefault: 'Default' // MISSING
+	},
+
+	versionCheck: {
+		notificationMessage: 'This CKEditor %current version is not secure. Consider <a target="_blank" href="%link">upgrading to the latest secure one</a>, %latest.', // MISSING
+		consoleMessage: 'This CKEditor %current version is not secure. Consider upgrading to the latest secure one, %latest: %link', // MISSING
+		about: {
+			insecure: 'This CKEditor %current version is not secure.<br>Consider upgrading to the latest secure one, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+			upgradeInfo: 'Consider upgrading to the latest editor version, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+		}
 	}
 };
diff --git a/lang/az.js b/lang/az.js
@@ -143,5 +143,14 @@ CKEDITOR.lang[ 'az' ] = {
 		keyboardShortcut: 'Qısayol düymələri',
 
 		optionDefault: 'Standart'
+	},
+
+	versionCheck: {
+		notificationMessage: 'This CKEditor %current version is not secure. Consider <a target="_blank" href="%link">upgrading to the latest secure one</a>, %latest.', // MISSING
+		consoleMessage: 'This CKEditor %current version is not secure. Consider upgrading to the latest secure one, %latest: %link', // MISSING
+		about: {
+			insecure: 'This CKEditor %current version is not secure.<br>Consider upgrading to the latest secure one, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+			upgradeInfo: 'Consider upgrading to the latest editor version, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+		}
 	}
 };
diff --git a/lang/bg.js b/lang/bg.js
@@ -143,5 +143,14 @@ CKEDITOR.lang[ 'bg' ] = {
 		keyboardShortcut: 'Клавишна комбинация',
 
 		optionDefault: 'По подразбиране'
+	},
+
+	versionCheck: {
+		notificationMessage: 'This CKEditor %current version is not secure. Consider <a target="_blank" href="%link">upgrading to the latest secure one</a>, %latest.', // MISSING
+		consoleMessage: 'This CKEditor %current version is not secure. Consider upgrading to the latest secure one, %latest: %link', // MISSING
+		about: {
+			insecure: 'This CKEditor %current version is not secure.<br>Consider upgrading to the latest secure one, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+			upgradeInfo: 'Consider upgrading to the latest editor version, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+		}
 	}
 };
diff --git a/lang/bn.js b/lang/bn.js
@@ -143,5 +143,14 @@ CKEDITOR.lang[ 'bn' ] = {
 		keyboardShortcut: 'Keyboard shortcut', // MISSING
 
 		optionDefault: 'Default' // MISSING
+	},
+
+	versionCheck: {
+		notificationMessage: 'This CKEditor %current version is not secure. Consider <a target="_blank" href="%link">upgrading to the latest secure one</a>, %latest.', // MISSING
+		consoleMessage: 'This CKEditor %current version is not secure. Consider upgrading to the latest secure one, %latest: %link', // MISSING
+		about: {
+			insecure: 'This CKEditor %current version is not secure.<br>Consider upgrading to the latest secure one, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+			upgradeInfo: 'Consider upgrading to the latest editor version, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+		}
 	}
 };
diff --git a/lang/bs.js b/lang/bs.js
@@ -143,5 +143,14 @@ CKEDITOR.lang[ 'bs' ] = {
 		keyboardShortcut: 'Keyboard shortcut', // MISSING
 
 		optionDefault: 'Zadano'
+	},
+
+	versionCheck: {
+		notificationMessage: 'This CKEditor %current version is not secure. Consider <a target="_blank" href="%link">upgrading to the latest secure one</a>, %latest.', // MISSING
+		consoleMessage: 'This CKEditor %current version is not secure. Consider upgrading to the latest secure one, %latest: %link', // MISSING
+		about: {
+			insecure: 'This CKEditor %current version is not secure.<br>Consider upgrading to the latest secure one, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+			upgradeInfo: 'Consider upgrading to the latest editor version, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+		}
 	}
 };
diff --git a/lang/ca.js b/lang/ca.js
@@ -143,5 +143,14 @@ CKEDITOR.lang[ 'ca' ] = {
 		keyboardShortcut: 'Keyboard shortcut', // MISSING
 
 		optionDefault: 'Default' // MISSING
+	},
+
+	versionCheck: {
+		notificationMessage: 'This CKEditor %current version is not secure. Consider <a target="_blank" href="%link">upgrading to the latest secure one</a>, %latest.', // MISSING
+		consoleMessage: 'This CKEditor %current version is not secure. Consider upgrading to the latest secure one, %latest: %link', // MISSING
+		about: {
+			insecure: 'This CKEditor %current version is not secure.<br>Consider upgrading to the latest secure one, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+			upgradeInfo: 'Consider upgrading to the latest editor version, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+		}
 	}
 };
diff --git a/lang/cs.js b/lang/cs.js
@@ -143,5 +143,14 @@ CKEDITOR.lang[ 'cs' ] = {
 		keyboardShortcut: 'Klávesová zkratka',
 
 		optionDefault: 'Výchozí'
+	},
+
+	versionCheck: {
+		notificationMessage: 'This CKEditor %current version is not secure. Consider <a target="_blank" href="%link">upgrading to the latest secure one</a>, %latest.', // MISSING
+		consoleMessage: 'This CKEditor %current version is not secure. Consider upgrading to the latest secure one, %latest: %link', // MISSING
+		about: {
+			insecure: 'This CKEditor %current version is not secure.<br>Consider upgrading to the latest secure one, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+			upgradeInfo: 'Consider upgrading to the latest editor version, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+		}
 	}
 };
diff --git a/lang/cy.js b/lang/cy.js
@@ -143,5 +143,14 @@ CKEDITOR.lang[ 'cy' ] = {
 		keyboardShortcut: 'Keyboard shortcut', // MISSING
 
 		optionDefault: 'Default' // MISSING
+	},
+
+	versionCheck: {
+		notificationMessage: 'This CKEditor %current version is not secure. Consider <a target="_blank" href="%link">upgrading to the latest secure one</a>, %latest.', // MISSING
+		consoleMessage: 'This CKEditor %current version is not secure. Consider upgrading to the latest secure one, %latest: %link', // MISSING
+		about: {
+			insecure: 'This CKEditor %current version is not secure.<br>Consider upgrading to the latest secure one, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+			upgradeInfo: 'Consider upgrading to the latest editor version, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+		}
 	}
 };
diff --git a/lang/da.js b/lang/da.js
@@ -143,5 +143,14 @@ CKEDITOR.lang[ 'da' ] = {
 		keyboardShortcut: 'Tastatur genvej',
 
 		optionDefault: 'Standard'
+	},
+
+	versionCheck: {
+		notificationMessage: 'This CKEditor %current version is not secure. Consider <a target="_blank" href="%link">upgrading to the latest secure one</a>, %latest.', // MISSING
+		consoleMessage: 'This CKEditor %current version is not secure. Consider upgrading to the latest secure one, %latest: %link', // MISSING
+		about: {
+			insecure: 'This CKEditor %current version is not secure.<br>Consider upgrading to the latest secure one, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+			upgradeInfo: 'Consider upgrading to the latest editor version, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+		}
 	}
 };
diff --git a/lang/de-ch.js b/lang/de-ch.js
@@ -142,5 +142,14 @@ CKEDITOR.lang[ 'de-ch' ] = {
 		keyboardShortcut: 'Tastaturkürzel',
 
 		optionDefault: 'Standard'
+	},
+
+	versionCheck: {
+		notificationMessage: 'This CKEditor %current version is not secure. Consider <a target="_blank" href="%link">upgrading to the latest secure one</a>, %latest.', // MISSING
+		consoleMessage: 'This CKEditor %current version is not secure. Consider upgrading to the latest secure one, %latest: %link', // MISSING
+		about: {
+			insecure: 'This CKEditor %current version is not secure.<br>Consider upgrading to the latest secure one, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+			upgradeInfo: 'Consider upgrading to the latest editor version, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+		}
 	}
 };
diff --git a/lang/de.js b/lang/de.js
@@ -143,5 +143,14 @@ CKEDITOR.lang[ 'de' ] = {
 		keyboardShortcut: 'Tastaturkürzel',
 
 		optionDefault: 'Standard'
+	},
+
+	versionCheck: {
+		notificationMessage: 'This CKEditor %current version is not secure. Consider <a target="_blank" href="%link">upgrading to the latest secure one</a>, %latest.', // MISSING
+		consoleMessage: 'This CKEditor %current version is not secure. Consider upgrading to the latest secure one, %latest: %link', // MISSING
+		about: {
+			insecure: 'This CKEditor %current version is not secure.<br>Consider upgrading to the latest secure one, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+			upgradeInfo: 'Consider upgrading to the latest editor version, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+		}
 	}
 };
diff --git a/lang/el.js b/lang/el.js
@@ -143,5 +143,14 @@ CKEDITOR.lang[ 'el' ] = {
 		keyboardShortcut: 'Συντόμευση πληκτρολογίου',
 
 		optionDefault: 'Προεπιλογή'
+	},
+
+	versionCheck: {
+		notificationMessage: 'This CKEditor %current version is not secure. Consider <a target="_blank" href="%link">upgrading to the latest secure one</a>, %latest.', // MISSING
+		consoleMessage: 'This CKEditor %current version is not secure. Consider upgrading to the latest secure one, %latest: %link', // MISSING
+		about: {
+			insecure: 'This CKEditor %current version is not secure.<br>Consider upgrading to the latest secure one, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+			upgradeInfo: 'Consider upgrading to the latest editor version, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+		}
 	}
 };
diff --git a/lang/en-au.js b/lang/en-au.js
@@ -143,5 +143,14 @@ CKEDITOR.lang[ 'en-au' ] = {
 		keyboardShortcut: 'Keyboard shortcut',
 
 		optionDefault: 'Default'
+	},
+
+	versionCheck: {
+		notificationMessage: 'This CKEditor %current version is not secure. Consider <a target="_blank" href="%link">upgrading to the latest secure one</a>, %latest.', // MISSING
+		consoleMessage: 'This CKEditor %current version is not secure. Consider upgrading to the latest secure one, %latest: %link', // MISSING
+		about: {
+			insecure: 'This CKEditor %current version is not secure.<br>Consider upgrading to the latest secure one, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+			upgradeInfo: 'Consider upgrading to the latest editor version, %latest:<br><a target="_blank" href="%link">%link</a>', // MISSING
+		}
 	}
 };