Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move inline JS/CSS to files #467

Merged
merged 13 commits into from
Oct 7, 2023
Merged

Move inline JS/CSS to files #467

merged 13 commits into from
Oct 7, 2023

Conversation

FestplattenSchnitzel
Copy link
Member

  • Run the tests and see them pass
  • Rebase your branch on top of develop
  • Include tests for features you introduced / bugs you fixed

Closes #453 .

@lukasjuhrich
Copy link
Collaborator

I don't understand the commit message in 3a4246fb1a017ff4810e622a357318e094f8e676 – what is the content repository?

@FestplattenSchnitzel
Copy link
Member Author

I don't understand the commit message in 3a4246fb1a017ff4810e622a357318e094f8e676 – what is the content repository?

The repository for documents, documents_restricted the news, the (flat) pages etc.
https://git.agdsn.de/sipa-content/content in our case.

@lukasjuhrich
Copy link
Collaborator

Ah, nevermind. I forgot to translate „content“ to „sipa-content.git repo“ in my head. Of course I know that. Thanks for clarifying.

@FestplattenSchnitzel FestplattenSchnitzel force-pushed the move_CSS/JS_to_files branch 3 times, most recently from 00b0a97 to cc8d4d8 Compare October 1, 2023 14:16
agmes4 and others added 8 commits October 7, 2023 10:41
@agmes4 @FestplattenSchnitzel
refactor templates
157f456 
moving css to the css file
moved some js to the js file
Problem: some js code need to be rendered by jinja to get the unsupported dorms

#453
@FestplattenSchnitzel
Move style elements and inline styles to their own files
f8b636e
@FestplattenSchnitzel
Move script elements to their own files
7f7fc8e
@FestplattenSchnitzel
Remove useless trailing '#' from templates
2d548a3
@FestplattenSchnitzel
Remove unused JS, CSS files
79661e1 
* The required leaflet* files are now included in the 'content'
  repository.
* raphael.2.1.0.min.js was seemingly used for the traffic limit gauge in
  the past.
@FestplattenSchnitzel
Remove unnecessary type="text/javascript"
1d6ab3c
@FestplattenSchnitzel
Remove unused error.log
61f059e
@FestplattenSchnitzel
Remove dynamic content remains
0f244e2
@FestplattenSchnitzel FestplattenSchnitzel marked this pull request as ready for review October 7, 2023 09:48
@FestplattenSchnitzel
Copy link
Member Author

@lukasjuhrich it seems you forgot to add the changes in sipa/initialization.py that added the other CSP headers.

@FestplattenSchnitzel FestplattenSchnitzel marked this pull request as draft October 7, 2023 10:05
@FestplattenSchnitzel FestplattenSchnitzel marked this pull request as ready for review October 7, 2023 16:27
@lukasjuhrich
Add custom nonces to inline scripts and styles returned by pygal
1d9c4a3 
This sets a hard-coded `script_src` and `style_src` CSP that is only
returned in the usersuite index, which is the only location where we
use `pygal`.

This allows us to forbid un-tagged inline scripts and styles via CSP.

`flask.g` is used because we (unfortunately) render the traffic graph
indirectly via global jinja callable instead of passing it directly to
the template as an argument.
@lukasjuhrich
Improve whitespace control around locale script in layout
ade8a63
@lukasjuhrich
Set reasonable CSP values by default
fa2dfb9
@lukasjuhrich
Apply nonces to CSP in central module
c663224
@lukasjuhrich
Improve usersuite scrollspy JS
4555372
@lukasjuhrich lukasjuhrich merged commit e6d341d into develop Oct 7, 2023
7 checks passed
@lukasjuhrich lukasjuhrich deleted the move_CSS/JS_to_files branch October 18, 2023 15:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lukasjuhrich lukasjuhrich lukasjuhrich approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Move inline CSS / JS to files
3 participants
@FestplattenSchnitzel @lukasjuhrich @agmes4