Ticket #914: admin_modify.py.patch

File admin_modify.py.patch, 912 bytes (added by gandalf@…, 19 years ago)

add checking for / and url's for js in admin media

  • admin_modify.py

     
    1616    return '_'.join([s.lower() for s in word_re.findall(name)[:-1]])
    1717
    1818def include_admin_script(script_path):
    19     return '<script type="text/javascript" src="%s%s"></script>' % (ADMIN_MEDIA_PREFIX, script_path)
     19    url_pattern = (r'''(?x)((http|https|ftp)://(\w+[:.]?){2,}(/?|[^ \n\r"']+[\w/!?.=#])
     20                     (?=[\s\.,>)"'\]]))''')
     21    if re.match(url_pattern, script_path) or script_path[0] == '/':
     22        return '<script type="text/javascript" src="%s"></script>' % (script_path)
     23    else:
     24        return '<script type="text/javascript" src="%s%s"></script>' % (ADMIN_MEDIA_PREFIX, script_path)
    2025include_admin_script = register.simple_tag(include_admin_script)
    2126
    2227def submit_row(context, bound_manipulator):
Back to Top