Commit Graph

4 Commits (c40c67748fe18d8c2cae246b6b8310142e088eda)

Author SHA1 Message Date
Brett Zamir 8fd81d158f Indicate new config for exportWindowType
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2856 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-05-22 07:39:13 +00:00
Brett Zamir a506f6c02f Minor clarification of preventAllURLConfig
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2803 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-04-09 01:35:28 +00:00
Brett Zamir 1e2e6529d2 Critical privacy/data integrity fix: Move cross-domain capable message listener into own extension (ext-xdomain-messaging.js) and do not include by default (the extension now won't work anyways without an allowedOrigins config first being set (in config.js) for security reasons (and not via URL)); add allowedOrigins config and demo use in config-sample.js; JSLint; update embedapi.html to supply the xdomain extension in case running xdomain (again, allowedOrigins must be supplied in the local copy of config.js for this to work); modify embedapi.js to allow reuse of cross-domain API with same-domain usage, but without the intermediate JSON parsing which could lose some non-JSONable arguments or response.
git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2714 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-22 04:08:24 +00:00
Brett Zamir e463b43220 1. Reference config.js in the editor (and remove encouragement for adding extensions to HTML) but ignore config.js in SVN (let user configure) but supply config-sample.js to indicate config/pref/extension possibilities;
2. Move ext-overview_window.js to default but overridable list of extensions (as with other extensions);
3. Allow extensions to avoid problems if failing to return an object (in svgcanvas.js);
4. Support new langReady callback to ensure extension always called when locale info is ready (and always load locale, even English);
5. Move localStorage storing to a new (i18n-ized and available-by-default) storage extension which adds a dialog asking user for whether to store prefs and/or SVG content; $.pref() now falls back to checking defaultPrefs (which may have been expanded at runtime to include URL or storage settings); use new config "forceStorage" to get old (bad) behavior
6. Remove initial cap from "Editor" to reflect singleton nature of object (as compared to JSLint conventions for initial cap constructors);
7. Begin a little JSDoc, clearer grouping of properties/methods; JSLint/clean-up
8. Omit values for lang and iconsize to be successfully auto-detected; 9. Document "save_notice_done" and "export_notice_done" within list of prefs; document "showlayers" and "no_save_warning" as config
10. Add "preventAllURLConfig" and "preventURLContentLoading" config for URL security; 
11. Add "lockExtensions" and "noDefaultExtensions" config for URL behavior re: extension loading
12. Document "showGrid", and new "noStorageOnLoad" and "emptyStorageOnDecline" extension-related config
13. Change setConfig to allow a second object with "overwrite" and "allowInitialUserOverride" properties and to behave accordingly (with URL config acting with overwrite=false to act under lower priority given security concern), along with checking "preventAllURLConfig" and "lockExtensions" config.
14. Remove any dupe extensions
15. Strip all path config from URL setting in addition to extPath (imgPath, langPath, jGraduatePath)
16. Support select+checkbox type dialog (used for storage ext.)
17. Ensure clickSelect is public so can be properly used by ext-connector.js
18. Reinstate 'in' checks just to be safe
19. Fix broken linkControlPoints() and addSubPath() functions
20. Fix problem when position returned by extension object was too high (e.g., if too few other extensions were included).

git-svn-id: http://svg-edit.googlecode.com/svn/trunk@2705 eee81c28-f429-11dd-99c0-75d572ba1ddd
2014-02-18 15:06:27 +00:00