| changeset | 4184173d364f |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | bug: make web page follow login_empty_passwords setting. Remove the required attribute from password input in the html templates if login_empty_passwords is enabled in config.ini. Also document in upgrading.txt. |
| files |
| changeset | 15a92b0a9b79 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | fix: make user_src_input generate valid javascript. user_src_input used to generate False if edit_ok == False in this statement: `tal:attributes="onblur python:edit_ok and 'split_name(this)';` but False isn't a boolean in javascript, so it throws an error in the console. Changed to use: `tal:attributes="onblur python:'split_name(this)' if edit_ok else '';` which generates an empty onblur if the field is not editable. |
| files |
| changeset | 2bf0c4e7795e |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | fix: issue2551390 - Replace text input/calendar popup with native date input Docs, code and test changes for the changeover to a native date element. See issue for details. |
| files |
| changeset | 0e382e97f0e3 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | fix: disable spellchecking for password fields. Some browsers can send passwords to a server for spellchecking. This gives the browser a strong hint that they should not spellcheck a password. Since a password is not supposed to be a real word in any language, spellchecking is worthless. |
| files |
| changeset | 8c47672acc33 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | feat: add to templates - issue 2551353 - add roundup-classhelper. Incorporate roundup-classhelper into templates. page.html: add script tag to load classhelper.js. Wrap classhelp links in the macros: search_popup and search_multiselect with roundup-classhelper. Implement mechanism to set data-search-with using data_search_with variable defined in tal in the scope enclosing the macro call. E.G. in issue.search.html you could use: `<tr tal:define="name string:keyword; data_search_with string:name; db_klass string:keyword; db_content string:name;"> <th i18n:translate="">Keyword:</th> <td metal:use-macro="search_multiselect"></td> <td metal:use-macro="column_input"></td> <td metal:use-macro="sort_input"></td> <td metal:use-macro="group_input"></td> </tr>` rather than the expression editor if you wanted. Note that the search_* macros are not documented AFAICT. I can't find search_multiselect and search_popup used in any of the stock templates. issue.item.html: Wrap classhelp links with roundup-classhelper. Configure data-search-with to emulate (or enhance) original classhelper popups. For user classhelpers show roles search only if the user has an Admin role. _generic.translation, classhelper.css: import from https://github.com/UMB-CS-682-Team-03/tracker rev: 1b897b1. classhelper.js: import from https://github.com/UMB-CS-682-Team-03/tracker rev: 1b897b1 with one change. Change roles endpoint from "/rest/roles" to "/rest/data/user/roles" to match new endpoint added to Roundup. |
| files |
| changeset | a27f30709d46 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | fix: duplicate password id generated for user.item.html Fix the user_confirm_input macro at the end of html/page.html to modify the id so it doesn't duplicate the one used for the regular password. |
| files |
| changeset | d067b089b90b |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Make username/password required in login form. On login form, require both password and login name. Neither can be empty. Adding required to both input fields will invoke browser validation (where available) indicating a problem when logging in. |
| files |
| changeset | 7f661d431a80 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | Replace http:....roundup-tracker.org with https. Also fix wiki links. |
| files |
| changeset | 2cf1ef385d0d |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Bernhard Reiter <bernhard@intevation.de> |
| description | Templates: (minor) removes leading tabs. * Removes tabs in classic and minimal templates that have been introduced with the csrf improvements of 5204:c8bf4e9912ed and 5205:9cd95b1ead8e and probably some more in the same files. So the indentation is more consistent and no leading tabs are used. No entry in CHANGES.txt because the cleanup change is insignificant whitespace only and does not require an update of the templates when upgrading roundup. |
| files |
| changeset | c8bf4e9912ed |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | convert classic template for csrf defense |
| files |
| changeset | 882fa4d9bead |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | issue2550795: @dispname query args in page.html search links not valid html. Some queries with names that include spaces are not properly url encoded/quoted. I.E. a space should be replaced with %20. Fixes to allow a url_query method to be applied to HTMLStringProperty to properly quote string values passed as part of a url. |
| files |
| changeset | 894aa07be6cb |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | John Rouillard <rouilj@ieee.org> |
| description | issue2550785: Using login from search (or logout) fails. When logging in from a search page or after a logout it fails with an error. The fix also keeps the user on the same page they started from (e.g. search results) before the login. There are two parts to this: 1) changes to the templates to properly define the __came_from form element. 2) code changes to the LoginAction code in roundup/cgi/actions.py. New test code added. Needed some additional functions from urllib so urllib_.py got a change. |
| files |
| changeset | ca692423e401 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Ralf Schlatterbeck <rsc@runtux.com> |
| description | Different approach to fix XSS in issue2550817. Encapsulate the error/ok message append method as add_ok_message and add_error_message. The new approach escapes the messages when appending -- at a point in the code where we still know where the message comes from. Escaping is the default but can be turned off. This also fixes issue2550836 where certain messages may contain links. Another advantage of the new fix is that users don't need to change installed trackers and are secure by default. |
| files |
| changeset | 24b8011cd2dc |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Ralf Schlatterbeck <rsc@runtux.com> |
| description | Fix XSS in issue2550817. Note that the code that triggers that particular bug is no longer in roundup core. But the change to the templates we suggest is a *lot* safer as it always escapes the error and ok messages now. If you are upgrading: you *MUST* read doc/upgrading.txt and do the necessary changes to your templates, the escaping now happens in the template and not in the roundup code. So if you don't make the necessary changes *you are vulnerable*. |
| files |
| changeset | 9d5825bf0b2d |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Ralf Schlatterbeck <rsc@runtux.com> |
| description | Nicer display of multi-line error messages. |
| files |
| changeset | f1fe6fd0aa61 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Bernhard Reiter <Bernhard.Reiter@intevation.de> |
| description | Multilinks can be filtered by combining elements with AND, OR and NOT now. A javascript gui was added for "keywords", see issue2550648. Developed by Sascha Teichmann; funded by Intevation. (Bernhard Reiter) |
| files |
| changeset | c114843fcfbc |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Richard Jones <richard@users.sourceforge.net> |
| description | Allow search_popup macro to work with all db classes, issue2550567 (thanks John Kristensen) |
| files |
| changeset | 49e3f85e9feb |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Bernhard Reiter <Bernhard.Reiter@intevation.de> |
| description | Small CSS improvements regarding the search box (thanks Thomas Arendsan Hein)(issue 2550589) |
| files |
| changeset | 42331c201b02 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Stefan Seefeld <stefan@seefeld.name> |
| description | Fix issue2550553. |
| files |
| changeset | fc046d006c79 |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Stefan Seefeld <stefan@seefeld.name> |
| description | Fix 'help' links. |
| files |
| changeset | a6fdaaa3a8bd |
|---|---|
| branch | |
| bookmark | |
| tag | |
| user | Stefan Seefeld <stefan@seefeld.name> |
| description | Move templates/ to share/roundup/templates/ |
| files |