Skip to content

Commit

Permalink
[FIXED JENKINS-15617]
Browse files Browse the repository at this point in the history 
Evaluate script in global context.
See http://perfectionkills.com/global-eval-what-are-the-options/ for how
to evaluate JavaScript in global context.
  • Loading branch information
@kohsuke
kohsuke committed Oct 25, 2012
1 parent 11eb4c7 commit 51f508b
Showing 1 changed file with 13 additions and 5 deletions.
18 changes: 13 additions & 5 deletions war/src/main/webapp/scripts/hudson-behavior.js
View file
Expand Up @@ -364,6 +364,14 @@ function parseHtml(html) {
return c.firstChild;
}

/**
* Evaluates the script in global context.
*/
function geval(script) {
// see http://perfectionkills.com/global-eval-what-are-the-options/
(this.execScript || eval)(script);
}

/**
* Emulate the firing of an event.
*
Expand Down Expand Up @@ -396,7 +404,7 @@ var tooltip;
function registerValidator(e) {
e.targetElement = findFollowingTR(e, "validation-error-area").firstChild.nextSibling;
e.targetUrl = function() {
return eval(this.getAttribute("checkUrl"));
return geval(this.getAttribute("checkUrl"));
};
var method = e.getAttribute("checkMethod");
if (!method) method = "get";
Expand Down Expand Up @@ -492,7 +500,7 @@ function isInsideRemovable(e) {
*/
function renderOnDemand(e,callback,noBehaviour) {
if (!e || !Element.hasClassName(e,"render-on-demand")) return;
var proxy = eval(e.getAttribute("proxy"));
var proxy = geval(e.getAttribute("proxy"));
proxy.render(function (t) {
var contextTagName = e.parentNode.tagName;
var c;
Expand Down Expand Up @@ -537,7 +545,7 @@ function evalInnerHtmlScripts(text,callback) {
});
} else {
q.push(function(cont) {
eval(s.match(matchOne)[2]);
geval(s.match(matchOne)[2]);
cont();
});
}
Expand Down Expand Up @@ -708,7 +716,7 @@ var jenkinsRules = {
(function() {
var cmdKeyDown = false;
var mode = e.getAttribute("script-mode") || "text/x-groovy";
var readOnly = eval(e.getAttribute("script-readOnly")) || false;
var readOnly = geval(e.getAttribute("script-readOnly")) || false;

var w = CodeMirror.fromTextArea(e,{
mode: mode,
Expand Down Expand Up @@ -2134,7 +2142,7 @@ function validateButton(checkUrl,paramList,button) {
var s = rsp.getResponseHeader("script");
if(s!=null)
try {
eval(s);
geval(s);
} catch(e) {
window.alert("failed to evaluate "+s+"\n"+e.message);
}
Expand Down

1 comment on commit 51f508b

@jglick
Copy link
Member

@jglick jglick commented on 51f508b Oct 25, 2012

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did all of these really need to use geval? I would avoid using it except in cases where it is demonstrably necessary.

(BTW did you ever update the automated test to verify this fix?)

Please sign in to comment.