From fddde5c69711c744cd44fc8cc29dec3c8300a2f9 Mon Sep 17 00:00:00 2001 From: Julien Veyssier Date: Thu, 7 Mar 2019 20:43:28 +0100 Subject: [PATCH] refs #49 allow val script in main page csp --- controller/pagecontroller.php | 14 +++++++------- js/gpxedit.js | 3 ++- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/controller/pagecontroller.php b/controller/pagecontroller.php index b3ca2db..5ff0047 100644 --- a/controller/pagecontroller.php +++ b/controller/pagecontroller.php @@ -157,14 +157,14 @@ class PageController extends Controller { // PARAMS to view - require_once('tileservers.php'); + require_once('tileservers.php'); $params = [ 'username'=>$this->userId, - 'basetileservers'=>$baseTileServers, - 'usertileservers'=>$tss, - 'useroverlayservers'=>$oss, - 'usertileserverswms'=>$tssw, - 'useroverlayserverswms'=>$ossw, + 'basetileservers'=>$baseTileServers, + 'usertileservers'=>$tss, + 'useroverlayservers'=>$oss, + 'usertileserverswms'=>$tssw, + 'useroverlayserverswms'=>$ossw, 'extrasymbols'=>$extraSymbolList, 'gpxedit_version'=>$this->appVersion ]; @@ -175,7 +175,7 @@ class PageController extends Controller { ->addAllowedChildSrcDomain('*') ->addAllowedObjectDomain('*') ->addAllowedScriptDomain('*') - //->allowEvalScript('*') + ->allowEvalScript(true) ->addAllowedConnectDomain('*'); $response->setContentSecurityPolicy($csp); return $response; diff --git a/js/gpxedit.js b/js/gpxedit.js index 510a635..631f264 100644 --- a/js/gpxedit.js +++ b/js/gpxedit.js @@ -985,6 +985,7 @@ e = e || window.event; var kc = e.keyCode; //console.log(kc); + //console.log(e.key); if (kc === 161 || kc === 223) { e.preventDefault(); @@ -994,7 +995,7 @@ e.preventDefault(); $('#sidebar').toggleClass('collapsed'); } - if (kc === 46) { + if (e.key === 'Delete') { if (gpxedit.hovermiddlemarker) { gpxedit.hovermiddlemarker.fire('cut', gpxedit.hovermiddlemarker); }