quay/static/js/quay-run.ts
Joseph Schorr 188ea98441 Add new decorator to prevent reflected text attacks
Instead of disabling repo names with periods in them, we simply disallow calls to the API when they are GET requests, whose path ends in a dot, and that do not have a referrer from the frontend.
2018-02-20 11:33:45 -05:00


import { INJECTED_CONFIG } from "./constants/injected-values.constant";
/**
* Provider function for the application runtime configuration.
* See https://hotell.gitbooks.io/ng-metadata/content/docs/recipes/startup-logic.html
*/
// Explicit AngularJS injection annotation for provideRun. The injector resolves these names
// and passes them positionally, so the order here has to follow provideRun's parameter list.
provideRun.$inject = [
  '$rootScope', 'Restangular', 'PlanService',
  '$http', 'CookieService', 'UserService',
  'Features', '$anchorScroll', 'MetaService',
];
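/**
 * AngularJS run block for the Quay frontend.
 *
 * In order, it: installs the CSRF parameter, the `X-Requested-With` header and the global error
 * interceptor on Restangular; follows the one-shot `quay.redirectAfterLoad` cookie when allowed;
 * keeps the `<meta>` description tag in sync with `$rootScope.description`; maintains page class,
 * layout flags, title and description on route changes; exposes `window.__isLoading`; and loads
 * the initial user information.
 *
 * @param $rootScope Root scope that receives the per-route state.
 * @param restangular Restangular service configured with request defaults and the interceptor.
 * @param planService Service whose `handleNotedPlan()` result suppresses the cookie redirect.
 * @param $http Used only to inspect `pendingRequests` for the loading probe.
 * @param cookieService Source of the `quay.redirectAfterLoad` cookie, which is cleared once read.
 * @param userService Service whose `load()` is called last.
 * @param features Passed to a route's `pageClass` when that value is a function.
 * @param $anchorScroll Invoked after every successful route change.
 * @param metaService Supplies the title and description for the current route.
 */
export function provideRun($rootScope: QuayRunScope,
                           restangular: any,
                           planService: any,
                           $http: ng.IHttpService,
                           cookieService: any,
                           userService: any,
                           features: any,
                           $anchorScroll: ng.IAnchorScrollService,
                           metaService: any): void {
  const defaultTitle: string = INJECTED_CONFIG['REGISTRY_TITLE'] || 'Quay Container Registry';

  // Handle session security: state-changing Restangular calls carry the CSRF token the page
  // exposes as `window.__token`; an empty string is sent when that global is missing.
  // NOTE(review): presumably the server rejects an empty or mismatched token; confirm there,
  // since this client-side default is not itself a control.
  restangular.setDefaultRequestParams(['post', 'put', 'remove', 'delete'],
                                      {'_csrf_token': (<any>window).__token || ''});
  restangular.setDefaultHeaders({'X-Requested-With': 'XMLHttpRequest'});

  // Handle session expiration and service outages. Returning false marks the error as handled
  // here; returning true lets it continue to the caller.
  restangular.setErrorInterceptor(function(response: any): boolean {
    // Without a response there is nothing to classify; pass the error on rather than
    // dereferencing `undefined` further down.
    if (response == null) {
      return true;
    }

    if (response.status === 503) {
      (<any>$('#cannotContactService')).modal({});
      return false;
    }

    if (response.status === 500) {
      window.location.href = '/500';
      return false;
    }

    if (!response.data) {
      return true;
    }

    const invalidToken: boolean = response.data['title'] === 'invalid_token' ||
                                  response.data['error_type'] === 'invalid_token';
    const sessionExpired: boolean = response.status === 401 &&
                                    invalidToken &&
                                    response.data['session_required'] !== false;
    if (sessionExpired) {
      (<any>$('#sessionexpiredModal')).modal({});
      return false;
    }

    return true;
  });

  // Check if we need to redirect based on a previously chosen plan.
  const handledPlan: boolean = planService.handleNotedPlan();

  // Check to see if we need to show a redirection page. The cookie is cleared as soon as it is
  // read, and its value is followed only when it starts with the current page URL, so a cookie
  // pointing at some other location is ignored.
  const redirectUrl: string = cookieService.get('quay.redirectAfterLoad');
  cookieService.clear('quay.redirectAfterLoad');
  if (!handledPlan && redirectUrl && redirectUrl.indexOf((<any>window).location.href) === 0) {
    (<any>window).location = redirectUrl;
    return;
  }

  $rootScope.$watch('description', (description: string) => {
    if (!description) {
      description = `Hosted private Docker repositories. Includes full user management and history.
Free for public repositories.`;
    }

    // Note: the content of the description tag is set manually here rather than through an
    // Angular binding because the <meta> tag needs a default description that is not of the form
    // "{{ description }}"; it is read by tools that do not properly invoke the Angular code.
    $('#descriptionTag').attr('content', description);
  });

  // Track the active route and derive the page-level layout state from it.
  $rootScope.$on('$routeChangeSuccess', (event, current) => {
    $rootScope.current = current.$$route;
    $rootScope.currentPage = current;
    $rootScope.pageClass = '';

    const route = current.$$route;
    if (!route) {
      return;
    }

    // A route may declare its page class as a string or as a function of the feature flags.
    const declaredClass: string | ((flags: any) => string) = route.pageClass || '';
    $rootScope.pageClass = typeof declaredClass === 'string' ? declaredClass : declaredClass(features);
    $rootScope.newLayout = !!route.newLayout;
    $rootScope.fixFooter = !!route.fixFooter;
    $anchorScroll();
  });

  // Listen for route changes and update the title and description accordingly.
  // NOTE(review): the scope is written after an `await`, possibly outside an Angular digest, and
  // a rejection from metaService is not caught in this handler. Confirm both are acceptable.
  $rootScope.$on('$routeChangeSuccess', async (event, current) => {
    const title = await metaService.getTitle(current);
    const description = await metaService.getDescription(current);

    $rootScope.title = title || defaultTitle;
    if ($rootScope.description != description) {
      $rootScope.description = description;
    }
  });

  // Loading probe exposed on window: the first call always reports "loading"; later calls
  // report whether $http still has requests in flight.
  let initiallyChecked = false;
  (<any>window).__isLoading = function(): boolean {
    if (!initiallyChecked) {
      initiallyChecked = true;
      return true;
    }
    return $http.pendingRequests.length > 0;
  };

  // Load the initial user information.
  userService.load();
}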
/**
 * Root scope as used by the run block: the standard Angular root scope plus the page-level
 * fields that the route-change handlers and the description watcher read and write.
 */
interface QuayRunScope extends ng.IRootScopeService {
  // Route bookkeeping: the matched route definition and the full current-route object.
  current: any;
  currentPage: any;

  // Document metadata shown for the current route.
  title: any;
  description: string;

  // Layout state derived from the matched route definition.
  pageClass: any;
  newLayout: any;
  fixFooter: any;
}