• last updated 17 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Removed inline event handlers from form fields and put them into body event handlers to comply with CSP

Fixed typo: kernel_id instead of $::acs::kernel_id, not yet defined.

- added new function template::add_acs_confirm_handler for standardized confirm interactions ("are you sure") in order to get rid of onclick handlers

- bump version numbers to reflect dependencies

- internationalize member confirm dialog

- replace "javascript:" urls by event listeners

- fix indentation

    • -17
    • +27
    /openacs-4/packages/dotlrn/www/members.tcl
- replace onclick/onkeypress handler with listeners

- make expressions more sane

Fixed typo mime_time -> mime_type

- turn javascript: url into an event listener

- use event listener instead of onclick handler

- hint based on "fs_title_msg" is probably not shown since many years.

- remove javascript: urls

- replace onclick/onkeypress handler with listeners

    • -4
    • +17
    /openacs-4/packages/calendar/www/mini-calendar.tcl
- replace javascript: urls by event listeners

- replace javascript: urls by event listeners

- get rid of javascript: links

- adding 'unsafe-inline' to list templates until need for "onclick" is removed

- remvoving code that was commented out

- adding nonce values to script tags

- use class = 'button' for non-navigational links

- add nonce

- add validator for forum_ids

    • -7
    • +27
    /openacs-4/packages/forums/tcl/forums-procs.tcl
    • -14
    • +13
    /openacs-4/packages/forums/www/message-post.tcl
Fixed typo - Thanks to Felix Mödritscher

    • -2
    • +2
    /openacs-4/packages/xowiki/tcl/package-procs.tcl
Fix path in commit-hook script

Provide a commit-hook script

- generalize unknown mime-type handling for form-field "file" (untested)

- use action button like on other pages

- flag success/error more prominent

- fix construction of utl when head channel is used

- handle error when opening psql and error from withing psql the same way

- improve line reaks in source control

- improve comments

Execute security::csrf::validate only for non __batch_mode requests - Many thanks to Günter Ernst.

Reactivate commit hooks

- move deprecated proc lmap (since this conflicts with the built-in function of tcl 8.6) to acs-outdated

- use dicts for default ports