From d42ea5a9d6fb63677e3797f06078880f7f9c81cd Mon Sep 17 00:00:00 2001 From: Ingo Schommer Date: Mon, 14 May 2012 15:13:49 +0200 Subject: [PATCH] BUGFIX Encoding multibyte characters in custom X-Status HTTP headers used in CMS (headers don't allow multibyte data) --- admin/code/LeftAndMain.php | 8 ++++---- admin/javascript/LeftAndMain.BatchActions.js | 4 ++-- admin/javascript/LeftAndMain.Content.js | 3 --- admin/javascript/LeftAndMain.js | 3 ++- 4 files changed, 8 insertions(+), 10 deletions(-) diff --git a/admin/code/LeftAndMain.php b/admin/code/LeftAndMain.php index 1916a557a1e..6ae6edc04ff 100644 --- a/admin/code/LeftAndMain.php +++ b/admin/code/LeftAndMain.php @@ -726,7 +726,7 @@ public function save($data, $form) { $this->extend('onAfterSave', $record); $this->setCurrentPageID($record->ID); - $this->response->addHeader('X-Status', _t('LeftAndMain.SAVEDUP')); + $this->response->addHeader('X-Status', rawurlencode(_t('LeftAndMain.SAVEDUP'))); return $this->getResponseNegotiator()->respond($this->request); } @@ -739,7 +739,7 @@ public function delete($data, $form) { $record->delete(); - $this->response->addHeader('X-Status', _t('LeftAndMain.SAVEDUP')); + $this->response->addHeader('X-Status', rawurlencode(_t('LeftAndMain.SAVEDUP'))); return $this->getResponseNegotiator()->respond( $this->request, array('currentform' => array($this, 'EmptyForm')) @@ -809,7 +809,7 @@ public function savetreenode($request) { } } - $this->response->addHeader('X-Status', _t('LeftAndMain.REORGANISATIONSUCCESSFUL', 'Reorganised the site tree successfully.')); + $this->response->addHeader('X-Status', rawurlencode(_t('LeftAndMain.REORGANISATIONSUCCESSFUL', 'Reorganised the site tree successfully.'))); } // Update sorting @@ -830,7 +830,7 @@ public function savetreenode($request) { } } - $this->response->addHeader('X-Status', _t('LeftAndMain.REORGANISATIONSUCCESSFUL', 'Reorganised the site tree successfully.')); + $this->response->addHeader('X-Status', rawurlencode(_t('LeftAndMain.REORGANISATIONSUCCESSFUL', 'Reorganised the site tree successfully.'))); } return Convert::raw2json($statusUpdates); diff --git a/admin/javascript/LeftAndMain.BatchActions.js b/admin/javascript/LeftAndMain.BatchActions.js index f491142655e..f09f108fb58 100644 --- a/admin/javascript/LeftAndMain.BatchActions.js +++ b/admin/javascript/LeftAndMain.BatchActions.js @@ -246,9 +246,9 @@ // Reset action self.find(':input[name=Action]').val('').change(); - // status message + // status message (decode into UTF-8, HTTP headers don't allow multibyte) var msg = xmlhttp.getResponseHeader('X-Status'); - if(msg) statusMessage(msg, (status == 'success') ? 'good' : 'bad'); + if(msg) statusMessage(decodeURIComponent(msg), (status == 'success') ? 'good' : 'bad'); }, success: function(data, status) { var id, node; diff --git a/admin/javascript/LeftAndMain.Content.js b/admin/javascript/LeftAndMain.Content.js index f361e052f80..9c3ceb7f77a 100644 --- a/admin/javascript/LeftAndMain.Content.js +++ b/admin/javascript/LeftAndMain.Content.js @@ -147,9 +147,6 @@ this.trigger('reloadeditform', {form: form, origData: origData, xmlhttp: xmlhttp}); } - - // set status message based on response - var _statusMessage = (xmlhttp.getResponseHeader('X-Status')) ? xmlhttp.getResponseHeader('X-Status') : xmlhttp.statusText; }, /** diff --git a/admin/javascript/LeftAndMain.js b/admin/javascript/LeftAndMain.js index 451e7163193..500e9aff583 100644 --- a/admin/javascript/LeftAndMain.js +++ b/admin/javascript/LeftAndMain.js @@ -55,7 +55,8 @@ jQuery.noConflict(); // Show message (but ignore aborted requests) if(xhr.status !== 0 && msg && $.inArray(msg, ignoredMessages)) { - statusMessage(msg, msgType); + // Decode into UTF-8, HTTP headers don't allow multibyte + statusMessage(decodeURIComponent(msg), msgType); } });