CSP for bookmarklet (subscription)

https://github.com/FreshRSS/FreshRSS/issues/1075

2 files changed, 8 insertions, 1 deletions

diff --git a/app/layout/aside_subscription.phtml b/app/layout/aside_subscription.phtml
index 8a54e2dc2..fa10d63e8 100644
--- a/app/layout/aside_subscription.phtml
+++ b/app/layout/aside_subscription.phtml
@@ -10,7 +10,7 @@
 	</li>
 
 	<li class="item">
-		<a onclick="return false;" href="javascript:(function(){var%20url%20=%20location.href;window.open('<?php echo Minz_Url::display(array('c' => 'feed', 'a' => 'add'), 'html', true); ?>&amp;url_rss='+encodeURIComponent(url), '_blank');})();">
+		<a class="bookmarkClick" href="javascript:(function(){var%20url%20=%20location.href;window.open('<?php echo Minz_Url::display(array('c' => 'feed', 'a' => 'add'), 'html', true); ?>&amp;url_rss='+encodeURIComponent(url), '_blank');})();">
 			<?php echo _t('sub.menu.bookmark'); ?>
 		</a>
 	</li>
diff --git a/p/scripts/main.js b/p/scripts/main.js
index f07cdafd7..cfde5fd4e 100644
--- a/p/scripts/main.js
+++ b/p/scripts/main.js
@@ -1245,6 +1245,12 @@ function init_configuration_alert() {
 	});
 }
 
+function init_subscription() {
+	$('body').on('click', '.bookmarkClick', function (e) {
+		return false;
+	});
+}
+
 function parseJsonVars() {
 	var jsonVars = document.getElementById('jsonVars'),
 		json = JSON.parse(jsonVars.innerHTML);
@@ -1281,6 +1287,7 @@ function init_all() {
 		init_notifs_html5();
 		window.setInterval(refreshUnreads, 120000);
 	} else {
+		init_subscription();
 		init_crypto_form();
 		init_share_observers();
 		init_remove_observers();