From 1546e77e9b2796f20215caa23f06822c96be27ee Mon Sep 17 00:00:00 2001 From: gebele Date: Mon, 5 Aug 2019 09:48:54 +0000 Subject: ensure xhr requests are https to avoid mixed content issue in browsers --- lib/model.rb | 2 +- views/batch.haml | 12 ++++++------ views/error.haml | 2 +- views/faq.haml | 2 +- views/layout.haml | 10 +++++----- views/model_details.haml | 4 ++-- views/neighbors.haml | 2 +- views/predict.haml | 8 ++++---- views/prediction.haml | 4 ++-- 9 files changed, 23 insertions(+), 23 deletions(-) diff --git a/lib/model.rb b/lib/model.rb index b26447d..55172b0 100644 --- a/lib/model.rb +++ b/lib/model.rb @@ -145,7 +145,7 @@ post "/api/model/:id/?" do @task.save end#main task tid = @task.id.to_s - return 202, to("/task/#{tid}").to_json + return 202, "//#{ENV['VIRTUAL_HOST']}/task/#{tid}".to_json else halt 400, "No accepted content type" end diff --git a/views/batch.haml b/views/batch.haml index ed69819..b03d1c7 100644 --- a/views/batch.haml +++ b/views/batch.haml @@ -3,12 +3,12 @@ window.addEventListener('unload', ktpid, false); function ktpid() { var client = new XMLHttpRequest(); - client.open("GET", "#{to("/prediction/task?ktpid=#{@pid}")}", false); + client.open("GET", '//#{ENV['VIRTUAL_HOST']}/prediction/task?ktpid=#{@pid}', false); client.setRequestHeader("Content-Type", "application/json"); client.send(null); }; %div.card - %a.btn.btn-outline-info{:href => to("/predict?tpid=#{@pid}")} + %a.btn.btn-outline-info{:href => "//#{ENV['VIRTUAL_HOST']}/predict?tpid=#{@pid}"} %span.fa.fa-caret-left{:aria=>{:hidden=>"true"}} New Prediction %div.card.bg-light{:id=>"uploadDataset"} @@ -17,7 +17,7 @@ %img.h2{:src=>"/images/wait30trans.gif", :id=>"circle_upload", :class=>"circle", :alt=>"processing"} :javascript uploadInterval = setInterval(function(){ - uploadDataset('#{to("/prediction/task/?turi=#{@upid}")}'); + uploadDataset('//#{ENV['VIRTUAL_HOST']}/prediction/task/?turi=#{@upid}'); }, 1000 ); %div.card.bg-light 
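Review bot: The new `return 202, "//#{ENV['VIRTUAL_HOST']}/task/#{tid}".to_json` gives API clients a scheme-relative URL, which a non-browser client has no base to resolve against and which follows the page's scheme in a browser rather than forcing HTTPS as the subject line says. `ENV['VIRTUAL_HOST']` is read unchecked, so an unset variable yields `///task/<id>`; if it is the reverse proxy's host setting it may also hold several comma-separated names (inferred from the name, the deployment is not shown). Consider `return 202, "https://#{ENV.fetch('VIRTUAL_HOST')}/task/#{tid}".to_json`, ideally through one helper that validates the host at boot, since every view hunk in this patch repeats the same `//#{ENV['VIRTUAL_HOST']}` interpolation. Taking the host from configuration rather than `to()` does stop the request's Host header from steering these URLs, which is worth keeping. The route body starts and ends outside the hunk.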
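Review bot: `@pid` is interpolated unencoded into a JavaScript string literal in `client.open("GET", '//#{ENV['VIRTUAL_HOST']}/prediction/task?ktpid=#{@pid}', false);`, so a value containing a quote or `</script>` would end the literal; where `@pid` comes from is not visible here. The same applies to `@upid` and `task` in the `uploadDataset(...)`, `pagePredictions(...)` and `taskProgress(...)` calls of the later batch.haml hunks, and to `model.id` in the `loadDetails(...)` handler in predict.haml. In the `:onclick` attributes, attribute escaping does not help, because the browser decodes entities before the handler source is parsed. URL-encode the value as neighbors.haml already does, e.g. `ktpid=#{CGI.escape(@pid.to_s)}`, and prefer passing values through `data-` attributes read by the script over building handler source from strings.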
@@ -38,10 +38,10 @@ %h5.card-title="#{m.endpoint} (#{m.species})" #pager{:id=>idx} %div.col-6 - %a.btn.btn-outline-info.btn-sm.disabled{:id => "detailsbutton_#{idx}", :data=>{:toggle=>"collapse"}, :href=>"javascript:void(0)", :onclick=>"pagePredictions('#{to("/prediction/task/?predictions=#{task}")}','#{model}','#{idx}','#{to("/prediction/task/?turi=#{task}")}')"} + %a.btn.btn-outline-info.btn-sm.disabled{:id => "detailsbutton_#{idx}", :data=>{:toggle=>"collapse"}, :href=>"javascript:void(0)", :onclick=>"pagePredictions('//#{ENV['VIRTUAL_HOST']}/prediction/task/?predictions=#{task}','#{model}','#{idx}','//#{ENV['VIRTUAL_HOST']}/prediction/task/?turi=#{task}')"} %span.fa.fa-caret-right Details - %a.btn.btn-outline-info.btn-sm.disabled{:id => "downbutton_#{idx}", :href=>"#{to("/predict/batch/download?tid=#{task}")}", :title=>"download"} + %a.btn.btn-outline-info.btn-sm.disabled{:id => "downbutton_#{idx}", :href=>"//#{ENV['VIRTUAL_HOST']}/predict/batch/download?tid=#{task}", :title=>"download"} %span.fa.fa-download CSV %p{:id=>"est_#{idx}"} @@ -49,7 +49,7 @@ %img.h2{:src=>"/images/wait30trans.gif", :id=>"circle_#{idx}", :class=>"circle", :alt=>"wait", :style=>"display:none;"} :javascript $(document).ready(function() { - taskProgress('#{idx}','#{ctimer}','#{to("/prediction/task/?turi=#{task}")}'); + taskProgress('#{idx}','#{ctimer}','//#{ENV['VIRTUAL_HOST']}/prediction/task/?turi=#{task}'); }); #data-container.card.d-none.table-responsive{:id=>idx} :javascript diff --git a/views/error.haml b/views/error.haml index ca6a0b2..b1adee9 100644 --- a/views/error.haml +++ b/views/error.haml @@ -1,5 +1,5 @@ %div.card - %a.btn.btn-warning{:href => to('/predict')} + %a.btn.btn-warning{:href => "//#{ENV['VIRTUAL_HOST']}/predict"} %i.fa.fa-caret-left Back %div.card-body diff --git a/views/faq.haml b/views/faq.haml index 63479e2..b058de8 100644 --- a/views/faq.haml +++ b/views/faq.haml 
@@ -1,5 +1,5 @@ %div.card - %a.btn.btn-warning{:href => to('/predict')} + %a.btn.btn-warning{:href => "//#{ENV['VIRTUAL_HOST']}/predict"} %i.fa.fa-caret-left Back %div.card-body diff --git a/views/layout.haml b/views/layout.haml index 38b4b4f..790c647 100644 --- a/views/layout.haml +++ b/views/layout.haml @@ -37,14 +37,14 @@ Problems, bugs, ideas for improvements ? Please report at our %a{:href => 'https://github.com/opentox/lazar-gui/issues', :rel => "external"} issue tracker , check out the - %a{:href=> to("/predict/faq")} FAQ + %a{:href=> "//#{ENV['VIRTUAL_HOST']}/predict/faq"} FAQ page or send us an email. %a{ :href=>"mailto:info@in-silico.ch?subject=[lazar v#{@version}]", :target=>"_top"} %span.fa.fa-envelope [version: #{@version}] %p A graphical overview of the service API can be found - %a{:href => "#{to('/api')}", :rel => "external"} here. + %a{:href => "//#{ENV['VIRTUAL_HOST']}/api", :rel => "external"} here. Please cite %a{ :href=>"https://doi.org/10.3389/fphar.2013.00038", :rel=>"external"} %img{ :src=>"https://zenodo.org/badge/DOI/10.3389/zenodo.10.3389.svg", :alt=>"DOI"} @@ -66,15 +66,15 @@ © %a{:href => 'http://www.in-silico.ch', :rel => "external"} in silico toxicology gmbh 2004 - #{Time.now.year.to_s} | - %a{:href => to("/predict/license"), :rel => "external"} GPL3 License + %a{:href => "//#{ENV['VIRTUAL_HOST']}/predict/license", :rel => "external"} GPL3 License %supporters.row %div.card-body.text-center %div.card-title Financial support by %div.card-text - %a{:href=>"http://www.bfr.bund.de/de/start.html", :rel=>"external"} + %a{:href=>"https://www.bfr.bund.de/de/start.html", :rel=>"external"} %img{:src=>"/images/bfr_logo.gif"} - %a{:href=>"http://www.opentox.org/", :rel=>"external"} + %a{:href=>"https://www.opentox.org/", :rel=>"external"} %img{:src=>"/images/ot_logo.png"} %a{:href=>"https://enanomapper.net/", :rel=>"external"} %img{:src=>"/images/enm_logo.png"} 
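Review bot: The footer hunk upgrades the bfr.bund.de and opentox.org links to `https://` but leaves `%a{:href => 'http://www.in-silico.ch', :rel => "external"}`, a few lines above in the same hunk, on plain HTTP. If that site serves HTTPS, change it in the same pass so the footer is consistent: `%a{:href => 'https://www.in-silico.ch', :rel => "external"}`.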
diff --git a/views/model_details.haml b/views/model_details.haml index 7049ee8..1fcc624 100644 --- a/views/model_details.haml +++ b/views/model_details.haml @@ -13,7 +13,7 @@ = data_entries.count/3 %br = "Training dataset:\t" - %a{:href=>"#{to("/predict/dataset/#{training_dataset.name}")}"} + %a{:href=>"//#{ENV['VIRTUAL_HOST']}/predict/dataset/#{training_dataset.name}"} = training_dataset.name %div.card.bg-light @@ -190,7 +190,7 @@ %div.card.bg-light %div.card-body %h6.card-title QMRF: - %a.btn.btn-outline-info{:href=>"#{to("/predict/report/#{model.id}")}", :id=>"report#{model.id}", :style=>"font-size:small;"} + %a.btn.btn-outline-info{:href=>"//#{ENV['VIRTUAL_HOST']}/predict/report/#{model.id}", :id=>"report#{model.id}", :style=>"font-size:small;"} %span.fa.fa-download XML %br diff --git a/views/neighbors.haml b/views/neighbors.haml index 8f8e186..687f0ab 100644 --- a/views/neighbors.haml +++ b/views/neighbors.haml @@ -34,7 +34,7 @@ / Compound - c = Compound.find(neighbor) %td - %a.btn.btn-link{:href => "#details#{j+1}", data: { toggle: "modal", remote: to("/prediction/#{CGI.escape(c.id.to_s)}/details"), :id=>"link#{j+1}#{count}"}} + %a.btn.btn-link{:href => "#details#{j+1}", data: { toggle: "modal", remote: "//#{ENV['VIRTUAL_HOST']}/prediction/#{CGI.escape(c.id.to_s)}/details", :id=>"link#{j+1}#{count}"}} = embedded_svg(c.svg, :title=>"click for details") / Measured Activity diff --git a/views/predict.haml b/views/predict.haml index cca2147..966ffd2 100644 --- a/views/predict.haml +++ b/views/predict.haml 
@@ -1,7 +1,7 @@ %link{ :href=>"/jsme/jsa.css", :rel=>"stylesheet", :property=>"stylesheet"} %script{:src=>"/jsme/jsme.nocache.js"} -// whole site content needs to be in one form. Input and checkboxes are proofed by js functions. -%form{:name => "form", :action => to('/predict'), :method => "post", :enctype => "multipart/form-data", :onsubmit => "return !!(showcircle())" } +// whole site content needs to be in one form. Input and checkboxes are proofed by js functions. +%form{:name => "form", :action => "//#{ENV['VIRTUAL_HOST']}/predict", :method => "post", :enctype => "multipart/form-data", :onsubmit => "return !!(showcircle())" } %fieldset#top.card.bg-light #insert.card-body %h2.card-title 1. Draw a chemical structure @@ -20,7 +20,7 @@ %br %span.btn.btn-file{:style=>"background-color:white;"} %input.form-control-file{:type=>"file", :name=> "fileselect", :id=>"fileselect", :accept=>"text/csv"} - %a.btn.btn-outline-info{:href => to("/predict/help"), :rel => "external", :style=>"margin-left: 1em;"} Help + %a.btn.btn-outline-info{:href => "//#{ENV['VIRTUAL_HOST']}/predict/help", :rel => "external", :style=>"margin-left: 1em;"} Help %fieldset#middle.card.bg-light #models.card-body 
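Review bot: The form's `:action => "//#{ENV['VIRTUAL_HOST']}/predict"` pins the multipart upload to one configured host, so when the page is reached under any other name (an alias, an IP address, a local development server) the POST becomes cross-origin, as do the XHR calls built the same way in batch.haml. `to('/predict')` also prepended the app's mount path, which the hard-coded string drops; the file already loads `/jsme/jsa.css` root-relatively, so the app is presumably mounted at `/`, but that is not confirmed here. A root-relative `:action => "/predict"` inherits scheme and host from the page and avoids mixed content without an environment variable. Alternatively, keep `to()` and have the proxy forward the original scheme (Rack derives it from headers such as `X-Forwarded-Proto`) so that the generated URLs are `https`.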
@@ -37,7 +37,7 @@ %label{:for => "selection[#{model.species.gsub(/\s+/, "_")}]"} = model.species %span.col-6 - %a.btn.btn-outline-info{:role=>"button", :data=>{:toggle=>"collapse"}, :href=>"#details#{model.id}", :aria=>{:expanded=>"false", :controls=>"details#{model.id}"}, :onclick=>"loadDetails('#{model.id}','#{to("/predict/modeldetails/#{model.id}")}')", :id => "link#{model.id}", :style=>"font-size:small;"} + %a.btn.btn-outline-info{:role=>"button", :data=>{:toggle=>"collapse"}, :href=>"#details#{model.id}", :aria=>{:expanded=>"false", :controls=>"details#{model.id}"}, :onclick=>"loadDetails('#{model.id}','//#{ENV['VIRTUAL_HOST']}/predict/modeldetails/#{model.id}')", :id => "link#{model.id}", :style=>"font-size:small;"} %span.fa.fa-caret-right Details | Validation %img.h2{:src=>"/images/wait30trans.gif", :id=>"circle#{model.id}", :class=>"circle#{model.id}", :alt=>"wait", :style=>"display:none;"} diff --git a/views/prediction.haml b/views/prediction.haml index 3631f10..19f5caf 100644 --- a/views/prediction.haml +++ b/views/prediction.haml @@ -1,5 +1,5 @@ %div.card - %a.btn.btn-outline-info{:href => to('/predict')} + %a.btn.btn-outline-info{:href => "//#{ENV['VIRTUAL_HOST']}/predict"} %span.fa.fa-caret-left New Prediction %div.card.bg-light @@ -10,7 +10,7 @@ %tbody %tr %td.align-items-center{:id=>"compound"} - %a.btn.btn-link{:href => "#details0", data: { toggle: "modal", remote: to("/prediction/#{@compound.id}/details"), :id=>"link01"}} + %a.btn.btn-link{:href => "#details0", data: { toggle: "modal", remote: "//#{ENV['VIRTUAL_HOST']}/prediction/#{@compound.id}/details", :id=>"link01"}} = embedded_svg(@compound.svg, :title=>"click for details") %p= @compound.smiles - if @compound.cid && @compound.cid != "0" -- cgit v1.2.3
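Review bot: In the last prediction.haml hunk, `remote: "//#{ENV['VIRTUAL_HOST']}/prediction/#{@compound.id}/details"` puts the id into the URL path unencoded, while the equivalent link in neighbors.haml wraps it as `CGI.escape(c.id.to_s)`. If the id is always a database-generated identifier this is harmless, but the two views should agree: `remote: "//#{ENV['VIRTUAL_HOST']}/prediction/#{CGI.escape(@compound.id.to_s)}/details"`.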