From a627a650fda4e22107245a3269465347bb778258 Mon Sep 17 00:00:00 2001 From: erdgeist Date: Sat, 27 Jun 2026 21:14:48 +0200 Subject: Stage 7 click-testing fixes - aggregate: switch to shortcode syntax [aggregate ...]; fix paragraph wrapping by excising the shortcode and its surrounding

before sanitize, concatenating collection output outside sanitized content - page.rb: remove aggregate XML unwrapping from rewrite_links_in_body (no longer needed with shortcode approach) - rss builders: explicit CGI.escapeHTML on title/abstract; Builder 3.3.0 does not escape when target buffer is html_safe (ActionView default) - tinymce: disable menubar and promotion nag; add code plugin, remove paste plugin (built into TinyMCE 8 core); configure via admin_interface.js directly (config/tinymce.yml affects tinymce() helper only, not tinymce.init) --- app/helpers/content_helper.rb | 26 +++++++++++++------------- app/models/page.rb | 5 ----- 2 files changed, 13 insertions(+), 18 deletions(-) (limited to 'app') diff --git a/app/helpers/content_helper.rb b/app/helpers/content_helper.rb index dbe468e..21cc579 100644 --- a/app/helpers/content_helper.rb +++ b/app/helpers/content_helper.rb @@ -59,43 +59,43 @@ module ContentHelper end # This method is an output filter for templates. It accepts any kind of text - # and checks for an tag within it. If such a tag is found, its - # attributes are parsed and converted into parameters for the - # render_collection method. The tag will then be replaced + # and checks for an [aggregate short code within it. If such a code is found, + # its # attributes are parsed and converted into parameters for the + # render_collection method. The [aggregate ] short code will then be replaced # entirely with the output of the render_collection method. # - # Syntax of the tag: + # Syntax of the [aggregate ] short code: # - # + # ] def aggregate? content options = {} cccms_attributes = ActionView::Base.sanitized_allowed_attributes + ['lang'] begin - if content =~ /]*)>/ + if content =~ /\[aggregate([^\]]*)\]/ tag = $~.to_s - matched_data = $1.scan(/\w+\=\"[a-zA-Z\s\/_\d,.=]*\"/) + matched_data = $1.scan(/\w+\="[a-zA-Z\s\/_\d,.=]*"/) matched_data.each do |data| splitted_data = data.split("=", 2) - options[splitted_data[0].to_sym] = splitted_data[1].gsub(/\"/, "") + options[splitted_data[0].to_sym] = splitted_data[1].gsub(/"/, "") end - options[:partial] = select_partial( options[:partial] ) + options[:partial] = select_partial(options[:partial]) - sanitize( content.sub(tag, render_collection(options)), :attributes => cccms_attributes ) + sanitize(content.sub(tag, render_collection(options)), :attributes => cccms_attributes) else - sanitize( content, :attributes => cccms_attributes ) + sanitize(content, :attributes => cccms_attributes) end rescue - sanitize( content, :atttributes => cccms_attributes ) + sanitize(content, :attributes => cccms_attributes) end end diff --git a/app/models/page.rb b/app/models/page.rb index 67db50a..e6baf20 100644 --- a/app/models/page.rb +++ b/app/models/page.rb @@ -232,11 +232,6 @@ class Page < ApplicationRecord links = links.reject { |l| l[:href] =~ /system\/uploads/ } locales = I18n.available_locales.reject {|l| l == :root} - if xml_doc.find("//p/aggregate")[0] - aggregate_tags = xml_doc.find("//aggregate") - aggregate_tags[0].parent.replace_with aggregate_tags[0] - end - links.each do |link| unless locales.include? link[:href].slice(1,2).to_sym unless link[:href] =~ /sytem\/uploads/ -- cgit v1.3