Mercurial > p > roundup > code
view website/issues/html/keyword.item.html @ 5211:f4b6a2a3e605
Fix expiration dates and expire csrf tokens properly
In client.py: add explicit expiration of csrf tokens to
handle_csrf. There is a clean_up() that runs on every client
connection before handle)csrf is invoked, but it only cleans every
hour. With short lived tokens this is insufficient. Also remove
debugging.
In templating.py fix values for seconds/week and minutes per week. The
original values were shifted/transposed and an order of magnitude off.
In test_templating.py again fix seconds/week constant.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sun, 19 Mar 2017 17:10:13 -0400 |
| parents | c2d0d3e9099d |
| children | eff9c5435acc |
line wrap: on
line source
<tal:doc metal:use-macro="templates/page/macros/icing" define="edit_ok context/is_edit_ok" > <title metal:fill-slot="head_title"> <tal:if condition="context/id" i18n:translate="" >Keyword <span tal:replace="context/id" i18n:name="id" />: <span tal:replace="context/name" i18n:name="title" /> - <span tal:replace="config/TRACKER_NAME" i18n:name="tracker" /></tal:if> <tal:if condition="not:context/id" i18n:translate="" >New Keyword - <span tal:replace="config/TRACKER_NAME" i18n:name="tracker" /></tal:if> </title> <metal:slot fill-slot="more-javascript"> <script type="text/javascript" src="@@file/help_controls.js"></script> </metal:slot> <tal:block metal:fill-slot="body_title" define="edit_ok context/is_edit_ok"> <span tal:condition="python: not (context.id or edit_ok)" tal:omit-tag="python:1" i18n:translate="">New Keyword</span> <span tal:condition="python: not context.id and edit_ok" tal:omit-tag="python:1" i18n:translate="">New Keyword Editing</span> <span tal:condition="python: context.id and not edit_ok" tal:omit-tag="python:1" i18n:translate="">Keyword<tal:x replace="context/id" i18n:name="id" /></span> <span tal:condition="python: context.id and edit_ok" tal:omit-tag="python:1" i18n:translate="">Keyword<tal:x replace="context/id" i18n:name="id" /> Editing</span> </tal:block> <td class="content" metal:fill-slot="content"> <p tal:condition="python:not (context.is_view_ok() or request.user.hasRole('Anonymous'))" i18n:translate=""> You are not allowed to view this page.</p> <p tal:condition="python:not context.is_view_ok() and request.user.hasRole('Anonymous')" i18n:translate=""> Please login with your username and password.</p> <div tal:condition="context/is_view_ok"> <form method="POST" tal:define="required python:'name description'.split()" enctype="multipart/form-data" tal:attributes="action context/designator;"> <table class="form"> <tr> <th class="required" i18n:translate="">Keyword:</th> <td tal:content="structure python:context.name.field(size=60)">title</td> </tr> <tr> <th class="required" i18n:translate="">Description:</th> <td tal:content="structure python:context.description.field(size=60)">description</td> </tr> <tr tal:condition="context/is_edit_ok"> <td> <input type="hidden" name="@template" value="item"> <input type="hidden" name="@required" value="name,description" tal:attributes="value python:','.join(required)"> </td> <td><input type="submit" value="save" tal:replace="structure context/submit"><!--submit button here--> <input type="reset"> </td> </tr> </table> </form> </div> </td> </tal:doc>