CSP: Use inline JSON instead of one-time cookie

Simpler, lighter https://github.com/FreshRSS/FreshRSS/issues/1075
author: Alexandre Alapetite <alexandre@alapetite.fr> 2016-02-21 14:23:24 +0100
committer: Alexandre Alapetite <alexandre@alapetite.fr> 2016-02-21 14:23:24 +0100
commit: e3dc7d46e15d97f8bd008acf3489d5e6c22b8daa (patch)
tree: b7db25c8d0b5d617fa03b5584c193c5576488dea /p/scripts
parent: 64ec0708a1404e1f39a5fdc0131c89b2e4038bee (diff)
1 files changed, 5 insertions, 5 deletions
diff --git a/p/scripts/main.js b/p/scripts/main.js
index 31b07721a..f07cdafd7 100644
--- a/p/scripts/main.js
+++ b/p/scripts/main.js
@@ -1245,10 +1245,10 @@ function init_configuration_alert() {
 	});
 }
 
-function parseJavaScriptCookie() {
-	var vars = decodeURIComponent(document.cookie.replace(/(?:(?:^|.*;\s*)FreshRSS-vars\s*\=\s*([^;]*).*$)|^.*$/, "$1"));
-	document.cookie = 'FreshRSS-vars=; expires=Thu, 01 Jan 1970 00:00:00 GMT';
-	var json = JSON.parse(vars);
+function parseJsonVars() {
+	var jsonVars = document.getElementById('jsonVars'),
+		json = JSON.parse(jsonVars.innerHTML);
+	jsonVars.outerHTML = '';
 	window.context = json.context;
 	window.shortcuts = json.shortcuts;
 	window.url = json.url;
@@ -1264,7 +1264,7 @@ function init_all() {
 		window.setTimeout(init_all, 50);
 		return;
 	}
-	parseJavaScriptCookie();
+	parseJsonVars();
 	init_notifications();
 	init_confirm_action();
 	$stream = $('#stream');
author	Alexandre Alapetite <alexandre@alapetite.fr>	2016-02-21 14:23:24 +0100
committer	Alexandre Alapetite <alexandre@alapetite.fr>	2016-02-21 14:23:24 +0100
commit	e3dc7d46e15d97f8bd008acf3489d5e6c22b8daa (patch)
tree	b7db25c8d0b5d617fa03b5584c193c5576488dea /p/scripts
parent	64ec0708a1404e1f39a5fdc0131c89b2e4038bee (diff)