diff options
| author | erdgeist <erdgeist@erdgeist.org> | 2026-06-27 21:14:48 +0200 |
|---|---|---|
| committer | erdgeist <erdgeist@erdgeist.org> | 2026-06-27 21:14:48 +0200 |
| commit | a627a650fda4e22107245a3269465347bb778258 (patch) | |
| tree | b864316bd270da5d586d664db4ddf2bae90320df /app | |
| parent | a3eb6c52abc896697df1c79ff27137075e558123 (diff) | |
Stage 7 click-testing fixes
- aggregate: switch to shortcode syntax [aggregate ...]; fix paragraph
wrapping by excising the shortcode and its surrounding <p> before
sanitize, concatenating collection output outside sanitized content
- page.rb: remove aggregate XML unwrapping from rewrite_links_in_body
(no longer needed with shortcode approach)
- rss builders: explicit CGI.escapeHTML on title/abstract; Builder 3.3.0
does not escape when target buffer is html_safe (ActionView default)
- tinymce: disable menubar and promotion nag; add code plugin, remove
paste plugin (built into TinyMCE 8 core); configure via admin_interface.js
directly (config/tinymce.yml affects tinymce() helper only, not tinymce.init)
Diffstat (limited to 'app')
| -rw-r--r-- | app/helpers/content_helper.rb | 26 | ||||
| -rw-r--r-- | app/models/page.rb | 5 |
2 files changed, 13 insertions, 18 deletions
diff --git a/app/helpers/content_helper.rb b/app/helpers/content_helper.rb index dbe468e..21cc579 100644 --- a/app/helpers/content_helper.rb +++ b/app/helpers/content_helper.rb | |||
| @@ -59,43 +59,43 @@ module ContentHelper | |||
| 59 | end | 59 | end |
| 60 | 60 | ||
| 61 | # This method is an output filter for templates. It accepts any kind of text | 61 | # This method is an output filter for templates. It accepts any kind of text |
| 62 | # and checks for an <aggregate /> tag within it. If such a tag is found, its | 62 | # and checks for an [aggregate short code within it. If such a code is found, |
| 63 | # attributes are parsed and converted into parameters for the | 63 | # its # attributes are parsed and converted into parameters for the |
| 64 | # render_collection method. The <aggregate /> tag will then be replaced | 64 | # render_collection method. The [aggregate ] short code will then be replaced |
| 65 | # entirely with the output of the render_collection method. | 65 | # entirely with the output of the render_collection method. |
| 66 | # | 66 | # |
| 67 | # Syntax of the <aggregate /> tag: | 67 | # Syntax of the [aggregate ] short code: |
| 68 | # | 68 | # |
| 69 | # <aggregate | 69 | # [aggregate |
| 70 | # flags="update, pressemitteilung" | 70 | # flags="update, pressemitteilung" |
| 71 | # limit="20" | 71 | # limit="20" |
| 72 | # order_by="published_at" | 72 | # order_by="published_at" |
| 73 | # order_direction="DESC" | 73 | # order_direction="DESC" |
| 74 | # /> | 74 | # ] |
| 75 | def aggregate? content | 75 | def aggregate? content |
| 76 | options = {} | 76 | options = {} |
| 77 | 77 | ||
| 78 | cccms_attributes = ActionView::Base.sanitized_allowed_attributes + ['lang'] | 78 | cccms_attributes = ActionView::Base.sanitized_allowed_attributes + ['lang'] |
| 79 | 79 | ||
| 80 | begin | 80 | begin |
| 81 | if content =~ /<aggregate([^<>]*)>/ | 81 | if content =~ /\[aggregate([^\]]*)\]/ |
| 82 | tag = $~.to_s | 82 | tag = $~.to_s |
| 83 | matched_data = $1.scan(/\w+\=\"[a-zA-Z\s\/_\d,.=]*\"/) | 83 | matched_data = $1.scan(/\w+\="[a-zA-Z\s\/_\d,.=]*"/) |
| 84 | 84 | ||
| 85 | matched_data.each do |data| | 85 | matched_data.each do |data| |
| 86 | splitted_data = data.split("=", 2) | 86 | splitted_data = data.split("=", 2) |
| 87 | options[splitted_data[0].to_sym] = splitted_data[1].gsub(/\"/, "") | 87 | options[splitted_data[0].to_sym] = splitted_data[1].gsub(/"/, "") |
| 88 | end | 88 | end |
| 89 | 89 | ||
| 90 | options[:partial] = select_partial( options[:partial] ) | 90 | options[:partial] = select_partial(options[:partial]) |
| 91 | 91 | ||
| 92 | sanitize( content.sub(tag, render_collection(options)), :attributes => cccms_attributes ) | 92 | sanitize(content.sub(tag, render_collection(options)), :attributes => cccms_attributes) |
| 93 | else | 93 | else |
| 94 | sanitize( content, :attributes => cccms_attributes ) | 94 | sanitize(content, :attributes => cccms_attributes) |
| 95 | end | 95 | end |
| 96 | 96 | ||
| 97 | rescue | 97 | rescue |
| 98 | sanitize( content, :atttributes => cccms_attributes ) | 98 | sanitize(content, :attributes => cccms_attributes) |
| 99 | end | 99 | end |
| 100 | end | 100 | end |
| 101 | 101 | ||
diff --git a/app/models/page.rb b/app/models/page.rb index 67db50a..e6baf20 100644 --- a/app/models/page.rb +++ b/app/models/page.rb | |||
| @@ -232,11 +232,6 @@ class Page < ApplicationRecord | |||
| 232 | links = links.reject { |l| l[:href] =~ /system\/uploads/ } | 232 | links = links.reject { |l| l[:href] =~ /system\/uploads/ } |
| 233 | locales = I18n.available_locales.reject {|l| l == :root} | 233 | locales = I18n.available_locales.reject {|l| l == :root} |
| 234 | 234 | ||
| 235 | if xml_doc.find("//p/aggregate")[0] | ||
| 236 | aggregate_tags = xml_doc.find("//aggregate") | ||
| 237 | aggregate_tags[0].parent.replace_with aggregate_tags[0] | ||
| 238 | end | ||
| 239 | |||
| 240 | links.each do |link| | 235 | links.each do |link| |
| 241 | unless locales.include? link[:href].slice(1,2).to_sym | 236 | unless locales.include? link[:href].slice(1,2).to_sym |
| 242 | unless link[:href] =~ /sytem\/uploads/ | 237 | unless link[:href] =~ /sytem\/uploads/ |
