bug: google maps js, translation xss bug

2022-09-26 11:53:45 +05:00 · 2022-09-26 11:53:45 +05:00 · b3d176738e
parent eae599cca4
commit b3d176738e
5 changed files with 28 additions and 9 deletions
--- a/src/i18n/en.js
+++ b/src/i18n/en.js
@ -6,4 +6,9 @@ export const locale = {
  REQUIRED: "Required",
  ACCOUNT: "Account",
  SUPPORT: "Support",
+  FILE_MAX_SIZE: "File max size is {size} Kb.",
+  FILE_ALLOWED_TYPES: "File type must be {file_types}.",
+  APPLICATION_PROCESS_DESCRIPTION: "Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard dummy text ever. When an unknown printer took a galley of type and scrambled it to make a type specimen book. It has survived not only five centuries, but also the leap into electronic typesetting, remaining essentially unchanged. To download the questionnaire, please <a href=\"{questionnaire_ref}\" class=\"text-primary font-bold\">download this doc</a>.",
+  tos: 'Term of Service',
+  term: 'I accept xxx {0}.'
 };
--- a/src/i18n/ru.js
+++ b/src/i18n/ru.js
@ -6,5 +6,9 @@ export const locale = {
  REQUIRED: "Обязательное поле",
  ACCOUNT: "Account RU",
  SUPPORT: "Поддержка",
-  
+  FILE_MAX_SIZE: "Максимальный размер файла {size} Kb.",
+  FILE_ALLOWED_TYPES: "Тип файла должен быть {file_types}.",
+  APPLICATION_PROCESS_DESCRIPTION: "Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard dummy text ever. When an unknown printer took a galley of type and scrambled it to make a type specimen book. It has survived not only five centuries, but also the leap into electronic typesetting, remaining essentially unchanged. To download the questionnaire, please <a href=\"{questionnaire_ref}\" class=\"text-primary font-bold\">download this doc</a>.",
+  tos: 'Term of Service',
+  term: 'I accept xxx {0}.'
 };
--- a/src/i18n/tm.js
+++ b/src/i18n/tm.js
@ -6,4 +6,9 @@ export const locale = {
  REQUIRED: "Hökmany",
  ACCOUNT: "Hasabym",
  SUPPORT: "Goldaw",
+  FILE_MAX_SIZE: "Faýl {size} Kb-dan uly bolmaly däl.",
+  FILE_ALLOWED_TYPES: "Faýlyň görnüşi {file_types} bolmaly.",
+  APPLICATION_PROCESS_DESCRIPTION: "Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard dummy text ever. When an unknown printer took a galley of type and scrambled it to make a type specimen book. It has survived not only five centuries, but also the leap into electronic typesetting, remaining essentially unchanged. To download the questionnaire, please <a href=\"{questionnaire_ref}\" class=\"text-primary font-bold\">download this doc</a>.",
+  tos: 'Term of Service',
+  term: 'I accept xxx {0}.'
 };
--- a/src/views/document/Main.vue
+++ b/src/views/document/Main.vue
@ -8,12 +8,9 @@
        Please upload all documents
      </h4>
      <div class="pb-6">
-        Lorem Ipsum is simply dummy text of the printing and typesetting
-        industry. Lorem Ipsum has been the industry's standard dummy text ever.
-        When an unknown printer took a galley of type and scrambled it to make a
-        type specimen book. It has survived not only five centuries, but also
-        the leap into electronic typesetting, remaining essentially unchanged.
-        To download the questionnaire, please <a href="#" class="text-primary font-bold">download this doc</a>.
+        <i18n-t keypath="term" path="term" tag="label" for="tos">
+          <a :href="'https://orient.tm'" target="_blank">{{ $t('tos') }}</a>
+        </i18n-t>
      </div>
    </div>
    <div class="intro-y col-span-3">
@ -65,6 +62,9 @@ import { onBeforeMount, watch, ref } from "vue";
 import { useApplicationStore } from '@/stores'
 import { storeToRefs } from 'pinia';
 import { BYTES_IN_KB, ALLOWED_FILE_TYPES } from "@/helpers";
+import { useI18n } from 'vue-i18n';
+
+const { t } = useI18n({});

 const applicationStore = useApplicationStore();

@ -94,11 +94,11 @@ const fileIsValid = (index, attachment) => {
  validationError.value = {};

  if(docFile.value.size > attachment.document_max_size * BYTES_IN_KB) {
-    validationError.value[index] = `File max size is ${attachment.document_max_size} Kb.`;
+    validationError.value[index] =  t('FILE_MAX_SIZE', {size: attachment.document_max_size});
    return false;
  }
  if(ALLOWED_FILE_TYPES.indexOf(docFile.value.type) < 0) {
-    validationError.value[index] = `File type must be ${ALLOWED_FILE_TYPES.join(', ')}.`;
+    validationError.value[index] =  t('FILE_ALLOWED_TYPES', {file_types: ALLOWED_FILE_TYPES.join(', ')});
    return false;
  }

--- a/vite.config.js
+++ b/vite.config.js
@ -10,4 +10,9 @@ export default defineConfig({
      "@": path.resolve(__dirname, "./src"),
    },
  },
+  // define: {
+  //   __VUE_I18N_FULL_INSTALL__: true,
+  //   __VUE_I18N_LEGACY_API__: false,
+  //   __INTLIFY_PROD_DEVTOOLS__: false,
+  // },
 });