Auto merge of #4314 - Turbo87:fix-back-link, r=Turbo87

bors · bors · commit 9fbb03c86c39 · 2021-12-22T19:13:36.000Z
catch-all: Fix broken "Go back" and "Reload" links > Refused to run the JavaScript URL because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'sha256-n1+BB7Ckjcal1Pr7QNBh/dKRTtBQsIytFodRiIosXdE='". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. This PR fixes the above error, that is triggered from hitting the "Go back" link on e.g. https://crates.io/crates/jdfgkjsdfjksnd
diff --git a/app/controllers/catch-all.js b/app/controllers/catch-all.js
@@ -2,8 +2,11 @@ import Controller from '@ember/controller';
 import { action } from '@ember/object';
 
 export default class CatchAllController extends Controller {
-  @action reload(event) {
-    event.preventDefault();
+  @action reload() {
     this.model.transition.retry();
   }
+
+  @action back() {
+    history.back();
+  }
 }
diff --git a/app/styles/application.module.css b/app/styles/application.module.css
@@ -57,9 +57,10 @@ h1 {
     }
 }
 
-a {
+a, .link {
     color: var(--link-color);
     text-decoration: none;
+    cursor: pointer;
 
     &:hover {
         color: var(--link-hover-color);
diff --git a/app/styles/catch-all.module.css b/app/styles/catch-all.module.css
@@ -15,5 +15,7 @@
 }
 
 .link {
+    composes: button-reset from '../styles/shared/buttons.module.css';
+    composes: link from '../styles/application.module.css';
     font-weight: 500;
 }
diff --git a/app/templates/catch-all.hbs b/app/templates/catch-all.hbs
@@ -5,9 +5,9 @@
     <h1 local-class="title" data-test-title>{{or @model.title "Page not found"}}</h1>
 
     {{#if @model.tryAgain}}
-      <a href="javascript:location.reload()" local-class="link" data-test-try-again {{on "click" this.reload}}>Try Again</a>
+      <button type="button" local-class="link" data-test-try-again {{on "click" this.reload}}>Try Again</button>
     {{else}}
-      <a href="javascript:history.back()" local-class="link" data-test-go-back>Go Back</a>
+      <button type="button" local-class="link" data-test-go-back {{on "click" this.back}}>Go Back</button>
     {{/if}}
   </div>
 </div>

Original file line number	Diff line number	Diff line change
`@@ -2,8 +2,11 @@ import Controller from '@ember/controller';`
`2`	`2`	`import { action } from '@ember/object';`
`3`	`3`
`4`	`4`	`export default class CatchAllController extends Controller {`
`5`		`- @action reload(event) {`
`6`		`- event.preventDefault();`
	`5`	`+ @action reload() {`
`7`	`6`	`this.model.transition.retry();`
`8`	`7`	`}`
	`8`	`+`
	`9`	`+ @action back() {`
	`10`	`+ history.back();`
	`11`	`+ }`
`9`	`12`	`}`
Original file line number	Diff line number	Diff line change
`@@ -57,9 +57,10 @@ h1 {`
`57`	`57`	`}`
`58`	`58`	`}`
`59`	`59`
`60`		`-a {`
	`60`	`+a, .link {`
`61`	`61`	`color: var(--link-color);`
`62`	`62`	`text-decoration: none;`
	`63`	`+ cursor: pointer;`
`63`	`64`
`64`	`65`	`&:hover {`
`65`	`66`	`color: var(--link-hover-color);`
Original file line number	Diff line number	Diff line change
`@@ -15,5 +15,7 @@`
`15`	`15`	`}`
`16`	`16`
`17`	`17`	`.link {`
	`18`	`+ composes: button-reset from '../styles/shared/buttons.module.css';`
	`19`	`+ composes: link from '../styles/application.module.css';`
`18`	`20`	`font-weight: 500;`
`19`	`21`	`}`