Fix plagiarism detection from evaluation #5957

Merged
merged 1 commit into from
Nov 25, 2024
2 changes: 1 addition & 1 deletion app/views/evaluations/_exercises_progress_table.html.erb
Expand Up @@ -50,7 +50,7 @@
</a>
<script>
dodona.ready.then(() =>{
dodona.initDolosBtn('dolos-btn-<%= meta[:exercise].id %>', "<%= series_exports_path(@evaluation.series, token: (@evaluation.series.access_token if @evaluation.series.hidden?), selected_ids: [meta[:exercise].id], evaluation: true) %>", "<%= meta[:exercise].programming_language&.renderer_name %>");
dodona.initDolosBtn('dolos-btn-<%= meta[:exercise].id %>', "<%= raw series_exports_path(@evaluation.series, token: (@evaluation.series.access_token if @evaluation.series.hidden?), selected_ids: [meta[:exercise].id], evaluation: true) %>", "<%= meta[:exercise].programming_language&.renderer_name %>");

💡 Codebase verification

Similar URL encoding patterns found - needs consistent fixes

The search results reveal that there are similar patterns of URL encoding in the codebase that should be handled consistently:

  1. In submissions/index.html.erb:
     dodona.initDolosBtn("dolos-btn", "<%= series_exports_path(@series, token: (@series.access_token if @series.hidden?), selected_ids: [@activity.id]) %>", ...)
  2. In visualizations/_punchcard.html.erb and _heatmap.html.erb:
     dodona.initPunchcard('<%= raw punchcard_path(...) %>');
     dodona.initHeatmap('<%= raw heatmap_path(...) %>');

The raw helper is already being used correctly in the visualization templates, but missing in the submissions view's Dolos button initialization, which likely suffers from the same double-encoding issue.

  • submissions/index.html.erb: Add raw helper to prevent double encoding of the URL parameters

🔗 Analysis chain

LGTM! The fix appropriately prevents URL double encoding.

The use of raw here is safe as all parameters are from trusted sources and properly escaped by Rails path helpers. This resolves the issue of URL parameters not being transmitted correctly to the backend.

Let's verify if there are other similar patterns that might need the same fix:

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Find similar patterns of JavaScript initialization with path helpers
# that might need the same fix to prevent double encoding

# Look for similar JavaScript initializations with path helpers
rg -g '*.erb' "dodona\.init.*Path.*\""

# Look for other potential URL encoding issues in JavaScript
ast-grep --pattern 'dodona.init$_($_, $_)'

Length of output: 84


Script:

#!/bin/bash
# Let's try a broader search to find similar patterns

# Look for all dodona.init calls in erb files
rg -g '*.erb' 'dodona\.init' -B 1 -A 1

# Look for series_exports_path usage
rg -g '*.erb' 'series_exports_path'

# Look for other potential raw usage with paths
rg -g '*.erb' 'raw.*_path'

Length of output: 13966

})
</script>
</td>
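
Review bot: On the changed `dodona.initDolosBtn` line, `raw` leaves the export URL with no escaping of any kind inside a double-quoted JavaScript string in a `<script>` block, so the line stays safe only while `series_exports_path` percent-encodes every value passed to it (here the series `access_token` and the exercise id). That dependency deserves a short ERB comment next to the call, or it can be removed by rendering the URL with plain `<%= %>` into a `data-` attribute on the element that `'dolos-btn-<%= meta[:exercise].id %>'` identifies and reading it from JavaScript, where HTML escaping is the correct encoding and the browser decodes `&amp;` itself. The third argument, `meta[:exercise].programming_language&.renderer_name`, is interpolated into the same kind of string with HTML escaping only, so it warrants the same look.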