From 587e83f6b1d9c10ae2d380dacd31fe91058e2055 Mon Sep 17 00:00:00 2001
From: cdtank <cdtank@440791e1-c2bf-4c1e-ad7c-caf3f8b0ebe8>
Date: Wed, 5 Jan 2011 19:15:24 +0000
Subject: [PATCH] 1. Modified code so that external script includes from a
 secure (https) source in a template are also accepted. 2. Removed include of
 google vis  api form individual template & moved it to sparkline template.

---
 .../web/templatemodels/files/Files.java       | 20 +++++++++++++++++--
 .../freemarker/body/individual/individual.ftl |  1 -
 2 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/files/Files.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/files/Files.java
index e0c2b3152..85dc413a8 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/files/Files.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/files/Files.java
@@ -2,7 +2,9 @@
 
 package edu.cornell.mannlib.vitro.webapp.web.templatemodels.files;
 
+import java.util.HashSet;
 import java.util.LinkedHashSet;
+import java.util.Set;
 
 import edu.cornell.mannlib.vitro.webapp.web.templatemodels.BaseTemplateModel;
 
@@ -11,6 +13,12 @@ public abstract class Files extends BaseTemplateModel {
     protected LinkedHashSet<String> list = null;
     private String themeDir = null;
     
+    @SuppressWarnings("serial")
+	private static final Set<String> allowedExternalUrlPatterns = new HashSet<String>() {{
+    	add("http://");
+    	add("https://");
+    }};  
+    
     public Files() {
         this.list = new LinkedHashSet<String>();
     }
@@ -25,9 +33,17 @@ public abstract class Files extends BaseTemplateModel {
     }
     
     public void add(String path) {
+
     	// Allow for an external url
-    	String url = path.startsWith("http://") ? path : getUrl(path);
-        list.add(url);
+    	for (String currentPattern : allowedExternalUrlPatterns) {
+    		if (path.startsWith(currentPattern)) {
+    			list.add(path);
+    			return;
+    		}
+    	}
+
+    	// If an external url pattern was not found. 
+        list.add(getUrl(path));
     }
     
     public void add(String... paths) {
diff --git a/webapp/web/templates/freemarker/body/individual/individual.ftl b/webapp/web/templates/freemarker/body/individual/individual.ftl
index 65f765257..1eb185f56 100644
--- a/webapp/web/templates/freemarker/body/individual/individual.ftl
+++ b/webapp/web/templates/freemarker/body/individual/individual.ftl
@@ -108,7 +108,6 @@ ${headScripts.add("/js/jquery_plugins/getUrlParam.js",
                   "/js/jquery_plugins/jquery.form.js",
                   "/js/tiny_mce/tiny_mce.js", 
                   "/js/controls.js",
-                  "http://www.google.com/jsapi?autoload=%7B%22modules%22%3A%5B%7B%22name%22%3A%22visualization%22%2C%22version%22%3A%221%22%2C%22packages%22%3A%5B%22areachart%22%2C%22imagesparkline%22%5D%7D%5D%7D",
                   "/js/toggle.js")}
                   
 ${scripts.add("/js/imageUpload/imageUploadUtils.js")}
\ No newline at end of file