• last updated 13 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
added value checker from page filters to slots: "nohtml" and "html"

Made flowplayer more secure by reject markup in argument

  1. … 3 more files in changeset.
perform checking on input variable

remove colons before object_id, otherwise there is an error from general comments

Use common interface for object reference in bulk actions

- use same interface in child-resources and form-usages (when bulk-actions are used)

- move "get_ids_for_bulk_actions" from page to package (to make in usable in www/admin)

- use consistently "get_ids_for_bulk_actions" (also in www/admin/*.tcl)

- provide backward compatibility (still support "name" and "-parent_id")

  1. … 8 more files in changeset.
don't rely on uppercase header field names

  1. … 10 more files in changeset.
no need to subst

improve spelling

fix comment and missing arguemnt

make "instantiate_forms" a method of packages

this reads better than the previous variant based on the Weblog class.

  1. … 14 more files in changeset.
fix broken variable reference (pg changed?)

replace array by dict

  1. … 1 more file in changeset.
improve wording

  1. … 2 more files in changeset.
add modification_date as default hidden field for sorting of form-usages

improve spelling

  1. … 19 more files in changeset.
fix overquoting

improve SQL quoting

  1. … 5 more files in changeset.
improve spelling

  1. … 3 more files in changeset.
factor out table-widget-procs from includelet procs

  1. … 1 more file in changeset.
split up large method into three

  1. … 1 more file in changeset.
encode includelet key to achieve higher robustness and preserve url-parameter checking

  1. … 1 more file in changeset.
the includelet_key (as defined) may contain arbitraty characters.

Maybe, the key should be encoded in the future, but for now we keep this

for compatibility with potential applications

  1. … 1 more file in changeset.
includelet form-usages: support additional button "slim_publish_status" for display similar to child-resource

ensure nonce is substituted in subst

Prefer api to retrieve csp nonce, as it performs useful existance checks

  1. … 3 more files in changeset.
- Page.create_raw_form_field:

+ add flag to control nls_language (if not used, behave like before)

- form-usages:

+ add "-date_format" flag to control formatting of dates

+ use nls_language of embedding page for form-fields in includelet

- break overlong lines

  1. … 1 more file in changeset.
Improve comments

prevent double encoding

Rename clock_to_ansi to lc_clock_to_ansi to comply with naming convention, replace occurrences, create deprecated wrapper

  1. … 5 more files in changeset.
add duplicate button support to form-usages

correct links to multiple form pages (when provided)