• last updated 1 hour ago
Constraints: committers
Constraints: files
Constraints: dates
- save dirty buffer

- replace on-click handler by event listener

- add CSP directives

- use subst instead of doublequotes

- replace "javascript:*" urls with event listeners

remove javascript urls and onclick handlers from xowiki menubar (yui and bootstrap)

- add nonce attribute to javascript created via tdom

- add HTML IDs to menu items

- add ability to add listener (list with 2 elements: type (such as

"click") and script (body of a function to be executed).

    • -1
    • +1
    • -11
    • +48
- replace onclick handle by event listener

- remove onlick handler be event listener

- avoid event bubbling for click listener

- add nonce to inline javascript

- use "-force" flag for CSP "script-src 'unsafe-inline'" for ckeditor4

- update version dependency to acs-tcl

- bump version number to 0.7

- use "-force" flag for CSP "script-src 'unsafe-inline'" for ckeditor4

- update version dependency to acs-tcl

- bump version number to 5.9.1d13

    • -3
    • +3
- adding "-force" parameter to security::csp::require

- bump version number to 5.9.1d12

    • -2
    • +2
- add conditional name normalization to simple_item_ref

    • -1
    • +4
- use "www-" prefix

-- handle ie 11 (uses a different header field for CSP)

- move CSP generation to the end

- update security settings

- use maxcdn rather than netdna CDN

    • -2
    • +2
- use maxcdn rather than netdna cdn

    • -2
    • +2
- use attribute "placeholder" rather than onfocus handler

- replace deprecated "cc_email_from_party ..." by "party::email -party_id ..."

- replace deprecated "cc_email_from_party ..." by "party::email -party_id ..."

- replace deprecated "cc_lookup_email_user ..." by "party::get_by_email -email ..."

    • -2
    • +2
- use "file rootname ..." rather than "file root ..."

- shorten export_vars argument list

- use "info procs" rather than "info proc"

- replace deprecated "cc_lookup_email_user ..." by "party::get_by_email -email ..."

- replace deprecated "cc_email_from_party ..." by "party::email -party_id ..."

    • -2
    • +2
    • -2
    • +2
- fix escaped change

- replace deprecated "cc_email_from_party ..." by "party::email -party_id ..."

- replace deprecated "cc_lookup_email_user ..." by "party::get_by_email -email ..."

- use export_vars to generate full URL

- use explicit "create" statement