From 8830f4fb2771661642a7016022d1831b6fa8c798 Mon Sep 17 00:00:00 2001 From: Arik Fraimovich Date: Mon, 12 Aug 2019 10:55:28 +0300 Subject: [PATCH 1/3] Fix: remove inline script to avoid CSP violation Closes #4039. --- client/app/components/empty-state/EmptyState.jsx | 2 +- client/app/components/empty-state/empty-state.less | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/client/app/components/empty-state/EmptyState.jsx b/client/app/components/empty-state/EmptyState.jsx index b53424d1aa..81a7fcf7a3 100644 --- a/client/app/components/empty-state/EmptyState.jsx +++ b/client/app/components/empty-state/EmptyState.jsx @@ -15,7 +15,7 @@ function Step({ show, completed, text, url, urlText, onClick }) { return (
  • - + {urlText} {' '} {text} diff --git a/client/app/components/empty-state/empty-state.less b/client/app/components/empty-state/empty-state.less index 24e8702683..7219df9733 100644 --- a/client/app/components/empty-state/empty-state.less +++ b/client/app/components/empty-state/empty-state.less @@ -48,6 +48,10 @@ margin-bottom: 0; } + a:hover { + cursor: pointer; + } + @media (max-width: 767px) { flex-direction: column; From f154590e43f964a1e818d8c8a35a9df82cffeb8f Mon Sep 17 00:00:00 2001 From: Arik Fraimovich Date: Mon, 12 Aug 2019 11:25:46 +0300 Subject: [PATCH 2/3] Restore eslint rule that prevents javascript href attributes. --- client/.eslintrc.js | 1 - 1 file changed, 1 deletion(-) diff --git a/client/.eslintrc.js b/client/.eslintrc.js index 815fac91fd..4115400825 100644 --- a/client/.eslintrc.js +++ b/client/.eslintrc.js @@ -26,7 +26,6 @@ module.exports = { "consistent-return": "off", "no-control-regex": "off", "no-multiple-empty-lines": "warn", - "no-script-url": "off", // some tags should have href="javascript:void(0)" "no-only-tests/no-only-tests": "error", "operator-linebreak": "off", "react/destructuring-assignment": "off", From 959df7bbd9f2cd7895d98acec077927754f17368 Mon Sep 17 00:00:00 2001 From: Arik Fraimovich Date: Mon, 12 Aug 2019 11:26:45 +0300 Subject: [PATCH 3/3] Remove all inline script links. --- client/app/assets/less/redash/redash-newstyle.less | 6 +++++- client/app/components/FavoritesControl.jsx | 1 - client/app/components/HelpTrigger.jsx | 2 +- client/app/components/HelpTrigger.less | 4 ++++ client/app/components/QuerySelector.jsx | 1 - client/app/components/TagsList.jsx | 1 - client/app/pages/dashboards/dashboard.html | 2 +- client/app/pages/groups/GroupDataSources.jsx | 11 ++++++----- client/app/pages/groups/GroupMembers.jsx | 11 ++++++----- 9 files changed, 23 insertions(+), 16 deletions(-) diff --git a/client/app/assets/less/redash/redash-newstyle.less b/client/app/assets/less/redash/redash-newstyle.less index d43090a2eb..f82457a9d4 100644 --- a/client/app/assets/less/redash/redash-newstyle.less +++ b/client/app/assets/less/redash/redash-newstyle.less @@ -173,6 +173,7 @@ body { &:hover, &:focus { color: @yellow-darker; + cursor: pointer; } .fa-star { @@ -814,11 +815,14 @@ body { } .tags-list { - .badge-light { background: fade(@redash-gray, 10%); color: fade(@redash-gray, 75%); } + + a:hover { + cursor: pointer; + } } .dropdown-menu--profile { diff --git a/client/app/components/FavoritesControl.jsx b/client/app/components/FavoritesControl.jsx index 665d7e7b83..9496737363 100644 --- a/client/app/components/FavoritesControl.jsx +++ b/client/app/components/FavoritesControl.jsx @@ -37,7 +37,6 @@ export class FavoritesControl extends React.Component { const title = item.is_favorite ? 'Remove from favorites' : 'Add to favorites'; return ( this.toggleItem(event, item, onChange)} diff --git a/client/app/components/HelpTrigger.jsx b/client/app/components/HelpTrigger.jsx index dbc437c127..ce2bbd20ad 100644 --- a/client/app/components/HelpTrigger.jsx +++ b/client/app/components/HelpTrigger.jsx @@ -152,7 +152,7 @@ export class HelpTrigger extends React.Component { return ( - + {this.props.children} diff --git a/client/app/components/HelpTrigger.less b/client/app/components/HelpTrigger.less index 602a20750c..cee9f63abf 100644 --- a/client/app/components/HelpTrigger.less +++ b/client/app/components/HelpTrigger.less @@ -4,6 +4,10 @@ .help-trigger { font-size: 15px; + + &:hover { + cursor: pointer; + } } .help-drawer { diff --git a/client/app/components/QuerySelector.jsx b/client/app/components/QuerySelector.jsx index 979ce63a61..5681b367e5 100644 --- a/client/app/components/QuerySelector.jsx +++ b/client/app/components/QuerySelector.jsx @@ -112,7 +112,6 @@ export function QuerySelector(props) {
    {searchResults.map(q => ( selectQuery(q.id)} diff --git a/client/app/components/TagsList.jsx b/client/app/components/TagsList.jsx index 8bd6df7559..e2f63a4f50 100644 --- a/client/app/components/TagsList.jsx +++ b/client/app/components/TagsList.jsx @@ -63,7 +63,6 @@ export class TagsList extends React.Component { {map(allTags, tag => ( this.toggleTag(event, tag.name)} > diff --git a/client/app/pages/dashboards/dashboard.html b/client/app/pages/dashboards/dashboard.html index 9b8ebf4447..cc89ae3e61 100644 --- a/client/app/pages/dashboards/dashboard.html +++ b/client/app/pages/dashboards/dashboard.html @@ -57,7 +57,7 @@