Prevent XSS attacks with wmd using the google-caja html sanitizer.
[osqa.git] / forum / skins / default / templates / answer_edit.html
{% extends "base.html" %}
{# Edit form for an existing answer: revision picker, WMD Markdown editor with live preview, edit summary. #}
<!-- template answer_edit.html -->
{% load i18n extra_tags %}
{% block title %}{% spaceless %}{% trans "Edit answer" %}{% endspaceless %}{% endblock %}
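{% block forejs %}
        {# Editor assets: Showdown, the WMD editor, the HTML sanitizer script and the editor stylesheet. #}
        {# NOTE(review): nothing in this template calls the sanitizer; the preview wiring presumably lives in wmd.js - confirm it runs on every preview render. #}
        {# Sanitizing the live preview only protects the person editing; the HTML stored and shown to other users still has to be sanitized server-side. #}
        <script type='text/javascript' src='{% media  "/media/js/wmd/showdown.js" %}'></script>
        <script type='text/javascript' src='{% media  "/media/js/wmd/wmd.js" %}'></script>
        <script type='text/javascript' src='{% media  "/media/js/html_sanitizer.js" %}'></script>
        <link rel="stylesheet" type="text/css" href="{% media  "/media/js/wmd/wmd.css" %}" />
        <script type="text/javascript">
        // Editor text as it was when the page finished loading; beforeUnload()
        // compares the current text against it to detect unsaved changes.
        var answer = "";

        $().ready(function(){
            $("#nav_questions").attr('className',"on");
            $('#editor').TextAreaResizer();

            // Labels for the preview toggle. The translations are passed through
            // escapejs so that a quote, backslash or line break in a translated
            // string cannot end the JavaScript string literal early.
            var hideLabel = "{% filter escapejs %}{% trans "hide preview" %}{% endfilter %}";
            var showLabel = "{% filter escapejs %}{% trans "show preview" %}{% endfilter %}";

            // Toggle the live preview; the label always names what a click will do next.
            var previewShown = true;
            $('#pre-collapse').text(hideLabel);
            $('#pre-collapse').bind('click', function(){
                previewShown = !previewShown;
                $('#previewer').toggle();
                // .text() inserts the label as text, never as markup.
                $('#pre-collapse').text(previewShown ? hideLabel : showLabel);
            });

            // Picking another revision submits the form through the hidden
            // "select_revision" button.
            $('#id_revision').unbind().change(function(){
                $("#select_revision").click();
            });

            // Remember the initial editor content for the unsaved-changes check.
            answer = $("textarea#editor")[0].value;
        });

        // Click handler for the form buttons.
        //   e - the click event (unused here)
        //   f - the form to submit; when falsy nothing is submitted
        // browserTester() is defined outside this template.
        function submitClicked(e, f) {
            // The two buttons are disabled everywhere except Chrome and Safari.
            if(!(browserTester('chrome') || browserTester('safari'))) {
                $("input.submit")[0].disabled=true;
                $("input.submit")[1].disabled=true;
            }
            // The navigation is intentional, so drop the unsaved-changes guard first.
            window.removeEventListener('beforeunload', beforeUnload, true);
            if (f) {
                f.submit();
            }
        }

        // Unsaved-changes guard: only defers to yourWorkWillBeLost() (defined
        // outside this template) when the editor text differs from the loaded text.
        function beforeUnload(e) {
            if($("textarea#editor")[0].value != answer) {
                 return yourWorkWillBeLost(e);
            }
        }
        window.addEventListener('beforeunload', beforeUnload, true);
        </script>
{% endblock %}
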
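{% block content %}
{# Page heading with a link back to the answer's anchor on its question page. #}
<div id="main-bar" class="headNormal">
    {% trans "Edit answer" %} [<a href="{{ answer.question.get_absolute_url }}#{{ answer.id }}">{% trans "back" %}</a>]
</div>
<div id="main-body" class="ask-body">
    <div id="askform">
        {# State-changing POST, protected by the CSRF token below. #}
        <form id="fmedit" action="{% url edit_answer answer.id %}" method="post">
            {% csrf_token %}
            <label for="id_revision" ><strong>{% trans "revision" %}:</strong></label> <br/> 
            {% if revision_form.revision.errors %}{{ revision_form.revision.errors.as_ul }}{% endif %}
            <div>
            {# The hidden submit button is clicked by the script in the forejs block when the revision changes. #}
            {{ revision_form.revision }} <input type="submit" style="display:none" id="select_revision" name="select_revision" value="{% trans "select revision" %}">
            </div>
            <div class="form-item">
                <div id="wmd-button-bar" class="wmd-panel"></div>
                {{ form.text }}
                <span class="form-error"></span>
                <div class="preview-toggle"><span id="pre-collapse" 
                                        title="{% trans "Toggle the real time Markdown editor preview" %}">{% trans "toggle preview" %}</span>
                            <span style="text-align: right; margin-left: 200px;" id="editor-metrics"></span>
                                {% if settings.WIKI_ON %}
                    <div style="float:right;">
                        {{ form.wiki }} <span style="color:#000;cursor:help" title="{{form.wiki.help_text}}">{{ form.wiki.label_tag }} </span>
                    </div>
                    {% endif %}
                </div>
                {# Live preview target. NOTE(review): the editor presumably writes HTML built from the textarea into this element; confirm that the output passes through the sanitizer loaded in forejs before it is inserted. #}
                <div id="previewer" class="wmd-preview"></div>
            </div>
            
            <strong>{{ form.summary.label_tag }}</strong> <br/>
            {{ form.summary }}  {{ form.summary.errors }}
            <div class="title-desc">
                {{ form.summary.help_text }}
            </div>
            
            {% if form.recaptcha %}
            <div class="question-captcha">
                {{ form.recaptcha.errors }}
                {{ form.recaptcha }}
            </div>
            {% endif %}
            
            <input type="button" value="{% trans "Save edit" %}" class="submit" onclick="submitClicked(event, this.form)" />
            {# Cancel passes no form: submitClicked() calls f.submit() when it is given one, which would POST the edit before history.back() runs. #}
            <input type="button" value="{% trans "Cancel" %}" class="submit" onclick="submitClicked(event, null);history.back(-1);" />
        </form>
    </div>
</div>
{% endblock %}
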
{# Sidebar: pulls in the editing tips from a separate template. #}
{% block sidebar %}
{% include "answer_edit_tips.html" %}
{% endblock %}

{# Empty override of endjs: this template adds nothing to that block. #}
{% block endjs %}
{% endblock %}
<!-- end template answer_edit.html -->