Mercurial > p > roundup > code
comparison website/issues/html/page.html @ 6218:7146b68ac263
Add client_nonce to all scripts
Add:
tal:attributes="nonce request/client/client_nonce"
to script tags.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Thu, 02 Jul 2020 20:05:02 -0400 |
| parents | 11e1dd818a8f |
| children | 461a322a79af |
comparison
equal
deleted
inserted
replaced
| 6217:10d7700ff6ad | 6218:7146b68ac263 |
|---|---|
| 5 <title metal:define-slot="head_title">title goes here</title> | 5 <title metal:define-slot="head_title">title goes here</title> |
| 6 <link media="screen" href="@@file/defaultfonts.css" type="text/css" rel="alternate stylesheet" title="default fonts" /> | 6 <link media="screen" href="@@file/defaultfonts.css" type="text/css" rel="alternate stylesheet" title="default fonts" /> |
| 7 <link rel="stylesheet" type="text/css" href="@@file/style.css" /> | 7 <link rel="stylesheet" type="text/css" href="@@file/style.css" /> |
| 8 <meta http-equiv="Content-Type" | 8 <meta http-equiv="Content-Type" |
| 9 tal:attributes="content string:text/html;; charset=${request/client/charset}" /> | 9 tal:attributes="content string:text/html;; charset=${request/client/charset}" /> |
| 10 <script tal:replace="structure request/base_javascript"> | 10 <script tal:attributes="nonce request/client/client_nonce" |
| 11 tal:replace="structure request/base_javascript"> | |
| 11 </script> | 12 </script> |
| 12 <metal:x define-slot="more-javascript" /> | 13 <metal:x define-slot="more-javascript" /> |
| 13 | 14 |
| 14 </head> | 15 </head> |
| 15 <body | 16 <body |
| 360 property being searched; the "edit_ok" variable tells whether the | 361 property being searched; the "edit_ok" variable tells whether the |
| 361 current user is allowed to edit. | 362 current user is allowed to edit. |
| 362 | 363 |
| 363 See user.item.html in the classic template for examples. | 364 See user.item.html in the classic template for examples. |
| 364 --> | 365 --> |
| 365 <script metal:define-macro="user_utils" type="text/javascript" src="@@file/user_utils.js"></script> | 366 <script metal:define-macro="user_utils" type="text/javascript" |
| 367 src="@@file/user_utils.js" | |
| 368 tal:attributes="nonce request/client/client_nonce"></script> | |
| 366 | 369 |
| 367 <!-- src: value will be re-used for other input fields --> | 370 <!-- src: value will be re-used for other input fields --> |
| 368 <input metal:define-macro="user_src_input" | 371 <input metal:define-macro="user_src_input" |
| 369 type="text" tal:attributes="onblur python:edit_ok and 'split_name(this)'; | 372 type="text" tal:attributes="onblur python:edit_ok and 'split_name(this)'; |
| 370 id name; name name; value value; readonly not:edit_ok" | 373 id name; name name; value value; readonly not:edit_ok" |