p31829507
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Refs #25706 - Removed inline JavaScript from OpenLayers template. 

This allows setting a Content-Security-Policy HTTP header.
This commit is contained in:
Claude Paroz 2021-11-30 06:35:15 +01:00 committed by GitHub
parent 3ff7f6cf07
commit 322a1a037d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
django/contrib/gis/static/gis/js/OLMapWidget.js
View File

@ -107,6 +107,13 @@ ol.inherits(GeometryTypeControl, ol.control.Control);
if (initial_value && !this.options.is_collection) {
this.disableDrawing();
}
const clearNode = document.getElementById(this.map.getTarget()).nextElementSibling;
if (clearNode.classList.contains('clear_features')) {
clearNode.querySelector('a').addEventListener('click', (ev) => {
ev.preventDefault();
self.clearFeatures();
});
}
this.ready = true;
}

2
django/contrib/gis/templates/gis/openlayers.html
View File

@ -9,7 +9,7 @@
<div id="{{ id }}_div_map">
<div id="{{ id }}_map"></div>
{% if not disabled %}<span class="clear_features"><a href="javascript:{{ module }}.clearFeatures()">{% translate "Delete all Features" %}</a></span>{% endif %}
{% if not disabled %}<span class="clear_features"><a href="">{% translate "Delete all Features" %}</a></span>{% endif %}
{% if display_raw %}<p>{% translate "Debugging window (serialized value)" %}</p>{% endif %}
<textarea id="{{ id }}" class="vSerializedField required" cols="150" rows="10" name="{{ name }}">{{ serialized }}</textarea>
<script>