Hacktoberfesting!

heymarkkop

Mark Kop

Posted on October 20, 2019

Hacktoberfesting!

As my first participation in Hacktoberfest, I've created 4 great pull requests this month:

1) Fixed Habitica's Chat Extension for Firefox

As I wanted to have my first open source contribution accepted as soon as possible, I also had to fix this firefox extension.

Fix firefox extension #50

Markkop avatar
Markkop commented on Oct 02, 2019

Fixes #49 (partially)

This version contains minified, concatenated or otherwise machine-generated code. Please provide the original sources, together with instructions on how to generate the final XPI. Source code must be provided as an archive and uploaded using the source code upload field, which can be done during submission or on the version page in the developer hub. Please read through the instructions at https://developer.mozilla.org/en-US/Add-ons/Source_Code_Submission. Here are some examples that were discovered: resources\habitica-markdown.min.js

I've used this tool to unminify habitica-markdown.min.js I had to update manifest.json and chat.json with the new habitica-markdown.js file

Please remove all unused permissions from your manifest. Here are some examples that were discovered: https://ajax.googleapis.com/

I've removed this permission from manifest.json

This add-on is creating DOM nodes from HTML strings containing potentially unsanitized data, by assigning to innerHTML, jQuery.html, or through similar means. Aside from being inefficient, this is a major security risk. For more information, see https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Safely_inserting_external_content_into_a_page . Here are some examples that were discovered: mainChat\chat_inPage.js line 147, 194, 199 and possible more.

This was more troublesome. I believe it has 2 solutions: convert HTML strings to proper html elements being created with Javascript or using a DOMPurifier as recommend by Firefox This lib is imported at chat.js and applied in several parts of chat_inPage.js

All changes were ported to Chrome's version and tested.

The privacy policy is still needed and have to be handled by Habitica Staff.

PS: some formatting have been changed, sorry about that

2) Fixed a weird class name in Habitica

I wanted to contribute more with the project and fixed a strange class name that was appearing because of VueRouter. This led me to the 4º contribution tier in Habitica, hurray!

fix(chat): change class name because of active route #11405

Markkop avatar
Markkop commented on Oct 06, 2019

Fixes #11404

Changes

Renamed like active class name to activeLike, so it is not get confused with current active route class.

The bug in the issue was occurring because Vue Router applies a class name to links that are active routes. This class name is not applied when the route is activated by a link - which are 90% of the cases -, but it is when accessed from a new tab or url. Also, by default, this active route class name is router-link-active, but in the Habitica's project it is replaced via the linkActiveClass router constructor option in router/index.js.

linkActiveClass

The active class name was being applied to the like button likebutton when the user has liked someone's post and also when displaying a user's chat message while visiting its profile directly (new tab/direct url).

activeLike

The fix is changing this active like class name to activeLike, so it doens't get "triggered" by active route class name.


UUID: 40387571-91ee-489e-960f-278bf8fd503a

3) Created a Pomodoro's Timer for Habitica

This is not actually a Habitica's feature, but a script that creates a small timer as task while on the website. It's open source, so feel free to contribute!

GitHub logo Markkop / habiticaPomodoro

A userscript that displays a pomodoro timer as a task in Habitica




4) Added 'About Hacker Culture' section in TarrafaHC's webpage

I've added a new section in the Tarrafa's HackerClub page to explain a little more about the context which this hackerspace is inserted.

💖 💪 🙅 🚩
heymarkkop
Mark Kop

Posted on October 20, 2019

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related

Hacktoberfest - PR#3
javascript Hacktoberfest - PR#3

October 22, 2022

Pure JS is Hard
javascript Pure JS is Hard

December 17, 2021

OpenSource Contribution - Live Coding
javascript OpenSource Contribution - Live Coding

April 14, 2020

Hacktoberfesting!
javascript Hacktoberfesting!

October 20, 2019