From cfa978fa37489283b574b38fc6c4d7c3b990ad0e Mon Sep 17 00:00:00 2001 From: Reuben Date: Thu, 11 Jan 2024 21:18:41 +1000 Subject: [PATCH 01/10] add edit-note param This commits start work to enable adding edit notes https://tickets.metabrainz.org/browse/MBS-6048 --- index.html | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/index.html b/index.html index 58b82f7..8379228 100644 --- a/index.html +++ b/index.html @@ -52,6 +52,8 @@ var anyISRCsValid = false; // State from the most recently popped history var poppedState = null; +// edit comment +var editNote = ""; // Simple JavaScript Templating // John Resig - http://ejohn.org/ - MIT Licensed @@ -90,10 +92,10 @@ })(window); (function(self) { - var entityMap = { "&": "&", "<": "<", ">": ">", '"': '"', "'": ''', "/": '/' }; + var entityMap = { "&": "&", "<": "<", ">": ">", '"': '"', "'": ''', "/": '/' , "\n": '
' }; self.escapeHtml = function escapeHtml(string) { - return String(string).replace(/[&<>"'\/]/g, function (s) { + return String(string).replace(/[&<>"'\/\n]/g, function (s) { return entityMap[s]; }); }; @@ -493,7 +495,14 @@ }); } +function getEditNote(params) { + if (params.has("edit-note")) { + editNote = params.get("edit-note"); + } +} + function handleRelease(params) { + getEditNote(params); renderReleaseProgress(); fetchRelease(mbid) .then(release => { @@ -952,6 +961,10 @@

(no tracks)

<% } %> <% } %> +
+ + +
@@ -976,6 +989,14 @@

Edit Preview

+
+
+ Edit note: +
+
+ <%= escapeHtml(editNote) %>
+
+
<% if (login.userInfo) { %> From 5045ba208f46289b1406f56ba701994cf4974048 Mon Sep 17 00:00:00 2001 From: Reuben Date: Fri, 12 Jan 2024 01:07:42 +1000 Subject: [PATCH 02/10] submit edit-note add edit-note to submitted xml --- index.html | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/index.html b/index.html index 8379228..3c3b947 100644 --- a/index.html +++ b/index.html @@ -695,7 +695,11 @@ isrcList.appendChild(isrcEl); } } - + if (editNote != "" && editNote != null) { + let editnoteTag = doc.createElementNS(xmlns, "edit-note"); + editnoteTag.textContent = editNote; + doc.appendChild(editnoteTag); + } return doc; } From 636f5ff5fd1e0e5397a45d272888ff4979cade35 Mon Sep 17 00:00:00 2001 From: Reuben Date: Fri, 12 Jan 2024 01:16:37 +1000 Subject: [PATCH 03/10] don't escape edit-data in textarea and added child to metadata tag per https://github.com/reosarevok/musicbrainz-server/blob/master/t/lib/t/MusicBrainz/Server/Controller/WS/2/SubmitRecording.pm --- index.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.html b/index.html index 3c3b947..e56a8d9 100644 --- a/index.html +++ b/index.html @@ -698,7 +698,7 @@ if (editNote != "" && editNote != null) { let editnoteTag = doc.createElementNS(xmlns, "edit-note"); editnoteTag.textContent = editNote; - doc.appendChild(editnoteTag); + metadata.appendChild(editnoteTag); } return doc; } @@ -967,7 +967,7 @@

<% } %>
- +
From b814fb694a8f4fb4483c678d0638b9ec82b832ba Mon Sep 17 00:00:00 2001 From: reubot Date: Fri, 12 Jan 2024 12:08:36 +1000 Subject: [PATCH 04/10] Create README.md --- README.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..8beb6d9 --- /dev/null +++ b/README.md @@ -0,0 +1,15 @@ +# MagicISRC +---------------------------------------------------------------------------------------- +## Documentation +---------------------------------------------------------------- + +### Query parameters: + +mbid +: musicbrainz release id or url + +isrc[medium number]-[track nunmber] +: track position eg `isrc1-1` + +edit-node +: edit note to annotate submission From eff081e45aa600455c7ec61b249ea77599595466 Mon Sep 17 00:00:00 2001 From: reuben Date: Fri, 14 Jun 2024 10:10:08 +1000 Subject: [PATCH 05/10] fix label sryle --- index.html | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/index.html b/index.html index e56a8d9..0b9d2a1 100644 --- a/index.html +++ b/index.html @@ -966,7 +966,9 @@

<% } %> <% } %>
- +
@@ -977,8 +979,8 @@

<% if (anyISRCsValid) { %>

Edit Preview

-
- Additions: +
+ Additions
    @@ -994,8 +996,8 @@

    Edit Preview

-
- Edit note: +
+ Edit note
<%= escapeHtml(editNote) %>
From 12a06887ac4916411434f4aef538b5876751be45 Mon Sep 17 00:00:00 2001 From: reuben Date: Fri, 14 Jun 2024 10:45:26 +1000 Subject: [PATCH 06/10] fix edit note preview style --- index.html | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/index.html b/index.html index 0b9d2a1..3680f3b 100644 --- a/index.html +++ b/index.html @@ -92,7 +92,7 @@ })(window); (function(self) { - var entityMap = { "&": "&", "<": "<", ">": ">", '"': '"', "'": ''', "/": '/' , "\n": '
' }; + var entityMap = { "&": "&", "<": "<", ">": ">", '"': '"', "'": ''', "/": '/' }; self.escapeHtml = function escapeHtml(string) { return String(string).replace(/[&<>"'\/\n]/g, function (s) { @@ -999,9 +999,7 @@

Edit Preview

Edit note
-
- <%= escapeHtml(editNote) %>
-
+
<%=editNote%>
From d7c4e3234f80a4be2ef4b7db2b3d94b5922da7af Mon Sep 17 00:00:00 2001 From: reuben Date: Fri, 14 Jun 2024 11:14:07 +1000 Subject: [PATCH 07/10] fix cross-site HTML injection attack --- index.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.html b/index.html index 3680f3b..76b06ec 100644 --- a/index.html +++ b/index.html @@ -95,7 +95,7 @@ var entityMap = { "&": "&", "<": "<", ">": ">", '"': '"', "'": ''', "/": '/' }; self.escapeHtml = function escapeHtml(string) { - return String(string).replace(/[&<>"'\/\n]/g, function (s) { + return String(string).replace(/[&<>"'\/]/g, function (s) { return entityMap[s]; }); }; @@ -497,7 +497,7 @@ function getEditNote(params) { if (params.has("edit-note")) { - editNote = params.get("edit-note"); + editNote = escapeHtml(params.get("edit-note")); } } From 8eb9cf0bbe8d8ffa16276f6377188babe9107915 Mon Sep 17 00:00:00 2001 From: reuben Date: Sat, 15 Jun 2024 01:53:19 +1000 Subject: [PATCH 08/10] use class="form-control" --- index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.html b/index.html index 76b06ec..1ce826c 100644 --- a/index.html +++ b/index.html @@ -969,7 +969,7 @@

- +

From afd1ae7d510caa2d85410eec2d27d74d2ba8313a Mon Sep 17 00:00:00 2001 From: Calvin Walton Date: Sun, 22 Sep 2024 11:27:59 -0400 Subject: [PATCH 09/10] Update documentation for edit-note submission. --- README.md | 15 --------------- privacy.html | 2 +- seeding.html | 4 ++++ 3 files changed, 5 insertions(+), 16 deletions(-) delete mode 100644 README.md diff --git a/README.md b/README.md deleted file mode 100644 index 8beb6d9..0000000 --- a/README.md +++ /dev/null @@ -1,15 +0,0 @@ -# MagicISRC ----------------------------------------------------------------------------------------- -## Documentation ----------------------------------------------------------------- - -### Query parameters: - -mbid -: musicbrainz release id or url - -isrc[medium number]-[track nunmber] -: track position eg `isrc1-1` - -edit-node -: edit note to annotate submission diff --git a/privacy.html b/privacy.html index ae9b64c..eca47ec 100644 --- a/privacy.html +++ b/privacy.html @@ -30,7 +30,7 @@

Data sent to MusicBrainz

  • MusicBrainz access token. (when submitting ISRCs)
  • Code verifier. (when logging in)
  • Release MBID. (when loading a release)
    • -
  • Recording MBIDs and ISRCs. (when submitting ISRCs)
    • +
  • Recording MBIDs, ISRCs, and Edit Note. (when submitting ISRCs)

    • Web access logs

    Like many other web services, I keep logs of all web requests made to this service. These logs are used for diagnostic and traffic management purposes, and no information from them is sent to any third party or made available publicly. The logs are deleted after 14 days, although anonymized aggregate traffic data may be preserved indefinitely. The following personal data is logged:

    diff --git a/seeding.html b/seeding.html index 8cdcc67..2ecf079 100644 --- a/seeding.html +++ b/seeding.html @@ -62,6 +62,10 @@

    Documentation

    An ISRC, specified by sequential position.

    If you just have a list of ISRCs but you do not know how they are split between media, use this format. This parameter format is primarily supported for backwards compatibility with older ISRC submission tools – please use the Medium & Track format instead if possible. Within the name of the parameter, N is replaced with the position (counting from 1). CD pregap tracks are not supported; they will be skipped in the numbering sequence.

    +
    edit-note
    +
    +

    An edit note to include with the ISRC addition edit.

    +
    From edbd134e6e6e641cca1e3431584507b0c46a016b Mon Sep 17 00:00:00 2001 From: Calvin Walton Date: Sun, 22 Sep 2024 12:14:43 -0400 Subject: [PATCH 10/10] Code and visual style updates. Rename a few functions to match other other functions with similar functionality. Don't double-escape the edit note when submitting. Move the edit note field down below the edit preview and add a copy of the MusicBrainz edit note field description. --- index.html | 58 +++++++++++++++++++--------------------------------- seeding.html | 1 + 2 files changed, 22 insertions(+), 37 deletions(-) diff --git a/index.html b/index.html index 1ce826c..081303f 100644 --- a/index.html +++ b/index.html @@ -48,12 +48,12 @@ // Object, with properties: // (same as in `isrcs`) var pregapISRCs = null; +// Edit note to include with ISRC submission edit +var editNote = ""; // True if any ISRCs are valid, and the edit preview should be shown var anyISRCsValid = false; // State from the most recently popped history var poppedState = null; -// edit comment -var editNote = ""; // Simple JavaScript Templating // John Resig - http://ejohn.org/ - MIT Licensed @@ -495,15 +495,13 @@ }); } -function getEditNote(params) { - if (params.has("edit-note")) { - editNote = escapeHtml(params.get("edit-note")); - } +function checkEditNote(params) { + editNote = params.get("edit-note") || ""; } function handleRelease(params) { - getEditNote(params); renderReleaseProgress(); + checkEditNote(params); fetchRelease(mbid) .then(release => { checkISRCs(release, params); @@ -695,11 +693,13 @@ isrcList.appendChild(isrcEl); } } - if (editNote != "" && editNote != null) { - let editnoteTag = doc.createElementNS(xmlns, "edit-note"); - editnoteTag.textContent = editNote; - metadata.appendChild(editnoteTag); + + if (editNote) { + const editNoteEl = doc.createElementNS(xmlns, "edit-note"); + editNoteEl.textContent = editNote; + metadata.appendChild(editNoteEl); } + return doc; } @@ -965,17 +965,7 @@

    (no tracks)

    <% } %> <% } %> -
    - - -
    -
    -
    - -
    -
    + <% if (anyISRCsValid) { %>

    Edit Preview

    @@ -995,21 +985,15 @@

    Edit Preview

    -
    -
    - Edit note -
    -
    <%=editNote%>
    -
    -
    -
    - <% if (login.userInfo) { %> - - <% } else { %> - - <% } %> -
    -
    + <% } %> +

    +

    Entering an edit note that describes where you got your information is highly recommended. Not only does it make your sources clear (both now and to users who see the edit years later), but it can also encourage other users to vote on the edit — thus making it get applied faster.

    +

    Even just providing a URL or two is helpful! For more suggestions, see the MusicBrainz guide for writing good edit notes.

    + + <% if (!login.userInfo) { %> + + <% } else if (anyISRCsValid) { %> + <% } %> diff --git a/seeding.html b/seeding.html index 2ecf079..38df8d4 100644 --- a/seeding.html +++ b/seeding.html @@ -65,6 +65,7 @@

    Documentation

    edit-note

    An edit note to include with the ISRC addition edit.

    +

    See the MusicBrainz Edit Note documentation for detail on the use and formatting of an edit note, and How to Write Edit Notes for more information on what a good edit note should include.