mirror of
https://github.com/iv-org/invidious
synced 2024-11-30 15:03:30 +01:00
70cbe91776
So attacks such as XSS (see [0]) will no longer be of an issue. [0]: https://github.com/omarroth/invidious/issues/1022
91 lines
2.9 KiB
JavaScript
91 lines
2.9 KiB
JavaScript
var subscribe_data = JSON.parse(document.getElementById('subscribe_data').innerHTML);
|
|
|
|
var subscribe_button = document.getElementById('subscribe');
|
|
subscribe_button.parentNode['action'] = 'javascript:void(0)';
|
|
|
|
if (subscribe_button.getAttribute('data-type') === 'subscribe') {
|
|
subscribe_button.onclick = subscribe;
|
|
} else {
|
|
subscribe_button.onclick = unsubscribe;
|
|
}
|
|
|
|
function subscribe(retries = 5) {
|
|
if (retries <= 0) {
|
|
console.log('Failed to subscribe.');
|
|
return;
|
|
}
|
|
|
|
var url = '/subscription_ajax?action_create_subscription_to_channel=1&redirect=false' +
|
|
'&c=' + subscribe_data.ucid;
|
|
var xhr = new XMLHttpRequest();
|
|
xhr.responseType = 'json';
|
|
xhr.timeout = 10000;
|
|
xhr.open('POST', url, true);
|
|
xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
|
|
|
|
var fallback = subscribe_button.innerHTML;
|
|
subscribe_button.onclick = unsubscribe;
|
|
subscribe_button.innerHTML = '<b>' + subscribe_data.unsubscribe_text + ' | ' + subscribe_data.sub_count_text + '</b>';
|
|
|
|
xhr.onreadystatechange = function () {
|
|
if (xhr.readyState == 4) {
|
|
if (xhr.status != 200) {
|
|
subscribe_button.onclick = subscribe;
|
|
subscribe_button.innerHTML = fallback;
|
|
}
|
|
}
|
|
}
|
|
|
|
xhr.onerror = function () {
|
|
console.log('Subscribing failed... ' + retries + '/5');
|
|
setTimeout(function () { subscribe(retries - 1) }, 1000);
|
|
}
|
|
|
|
xhr.ontimeout = function () {
|
|
console.log('Subscribing failed... ' + retries + '/5');
|
|
subscribe(retries - 1);
|
|
}
|
|
|
|
xhr.send('csrf_token=' + subscribe_data.csrf_token);
|
|
}
|
|
|
|
function unsubscribe(retries = 5) {
|
|
if (retries <= 0) {
|
|
console.log('Failed to subscribe');
|
|
return;
|
|
}
|
|
|
|
var url = '/subscription_ajax?action_remove_subscriptions=1&redirect=false' +
|
|
'&c=' + subscribe_data.ucid;
|
|
var xhr = new XMLHttpRequest();
|
|
xhr.responseType = 'json';
|
|
xhr.timeout = 10000;
|
|
xhr.open('POST', url, true);
|
|
xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
|
|
|
|
var fallback = subscribe_button.innerHTML;
|
|
subscribe_button.onclick = subscribe;
|
|
subscribe_button.innerHTML = '<b>' + subscribe_data.subscribe_text + ' | ' + subscribe_data.sub_count_text + '</b>';
|
|
|
|
xhr.onreadystatechange = function () {
|
|
if (xhr.readyState == 4) {
|
|
if (xhr.status != 200) {
|
|
subscribe_button.onclick = unsubscribe;
|
|
subscribe_button.innerHTML = fallback;
|
|
}
|
|
}
|
|
}
|
|
|
|
xhr.onerror = function () {
|
|
console.log('Unsubscribing failed... ' + retries + '/5');
|
|
setTimeout(function () { unsubscribe(retries - 1) }, 1000);
|
|
}
|
|
|
|
xhr.ontimeout = function () {
|
|
console.log('Unsubscribing failed... ' + retries + '/5');
|
|
unsubscribe(retries - 1);
|
|
}
|
|
|
|
xhr.send('csrf_token=' + subscribe_data.csrf_token);
|
|
}
|