#25165 closed Cleanup/optimization (fixed)
Move JavaScript calls out of HTML to fix JavaScript "no-script-eval" warnings
Reported by: | Tim Graham | Owned by: | |
---|---|---|---|
Component: | contrib.admin | Version: | dev |
Severity: | Release blocker | Keywords: | |
Cc: | Triage Stage: | Accepted | |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
Run the JavaScript tests and you'll see some warnings about "Script URL is a form of eval". These should be replaced with click handlers (href="#" and then use id or class attributes to select the element in the JavaScript and register a click handler there, with "return false" to stop event propagation).
Change History (14)
comment:1 by , 9 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
comment:4 by , 9 years ago
Has patch: | unset |
---|---|
Resolution: | fixed |
Severity: | Normal → Release blocker |
Status: | closed → new |
Hi Thomas, I noticed a regression due to this change. Go to the admin change form of an object with a foreign key and use the "Add another" button on the foreign key field. After creating a new object using the popup, the popup doesn't close and the JavaScript console displays TypeError: text.replace is not a function
. Are you able to investigate?
comment:5 by , 9 years ago
The selenium test added in f18b08748abaecb171fdcbcdfdcd7e4d95d931d1 can likely be extended for this fix.
comment:6 by , 9 years ago
Another regression: when using the "Add another" button on a foreign key to a UUIDField
in the admin, the JSON serialization will fail with TypeError: UUID('f9cd8eb4-7c00-407b-bc35-17a8a8d0b9f0') is not JSON serializable
.
comment:7 by , 9 years ago
PR for the second regression (waiting to corporate the tests from a patch for the stable/1.9.x
branch as noted there).
comment:11 by , 9 years ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
Will take a look.