def add_front_resources(context, content): view_class = getattr(context["view"], "__class__", None) if context.get("view") else None if not view_class: return view_name = getattr(view_class, "__name__", "") if view_name in ["AddressesPhase", "CheckoutMethodPhase", "CompanyRegistrationView"]: # For front add_resources( context, fields=[ ("initializeBillingRegion", "#id_billing"), ("initializeShippingRegion", "#id_shipping") ] ) elif view_name in ["ContactEditView", "OrderAddressEditView"]: # For admin views add_resources( context, fields=[ ("initializeBillingRegion", "#id_billing_address"), ("initializeShippingRegion", "#id_shipping_address") ] ) elif view_name == "OrderEditView": # For admin order editor only regions is enough add_resource(context, "body_end", InlineScriptResource(REGIONS % {"regions": json.dumps(regions_data)})) elif view_name in ["AddressBookEditView"]: add_resources(context, fields=[("initializeRegion", "#id_address")]) elif view_name in ["WizardView"]: add_resource(context, "body_end", InlineScriptResource(REGIONS % {"regions": json.dumps(regions_data)}))
def add_front_resources(context, content): view_class = getattr(context["view"], "__class__", None) if context.get("view") else None if not view_class: return if getattr(view_class, "__name__", "") == "AddressesPhase": # For front add_resource( context, "body_end", InlineScriptResource( REGION_CHANGER_JS % { "billing_field_prefix": "#id_billing", "shipping_field_prefix": "#id_shipping", "regions": json.dumps(regions_data) })) if getattr(view_class, "__name__", "") == "ContactEditView": # For admin contact edit add_resource( context, "body_end", InlineScriptResource( REGION_CHANGER_JS % { "billing_field_prefix": "#id_billing_address", "shipping_field_prefix": "#id_shipping_address", "regions": json.dumps(regions_data) })) if getattr( view_class, "__name__", "" ) == "OrderEditView": # For admin order editor only regions is enough add_resource( context, "body_end", InlineScriptResource(REGIONS % {"regions": json.dumps(regions_data)}))
def add_resources(context, placement="body_end", fields=None): add_resource(context, placement, InlineScriptResource(REGIONS % {"regions": json.dumps(regions_data)})) add_resource(context, placement, InlineScriptResource(REGION_CHANGER_JS)) for function_name, field in fields or []: add_resource( context, placement, InlineScriptResource( CHANGER_FUNCTIONS % {"initialize_function": function_name, "region_field_prefix": field}) )
def add_resources(context, placement="body_end", fields=[""]): add_resource( context, placement, InlineScriptResource(REGIONS % {"regions": json.dumps(regions_data)})) add_resource(context, placement, InlineScriptResource(REGION_CHANGER_JS)) for field in fields: add_resource( context, placement, InlineScriptResource(CHANGER_FUNCTIONS % {"region_field_prefix": field}))
def render(self, context): add_resource(context, "body_start", "://example.com/js.js") add_resource(context, "body_start", "://foo/fuzz.png") add_resource(context, "head_end", "://example.com/css.css") add_resource(context, "body_end", InlineScriptResource("alert('xss')")) add_resource(context, "head_end", InlineScriptResource.from_vars("foos", {"bars": (1, 2, 3)})) add_resource(context, "head_end", InlineMarkupResource(self.meta_markup)) add_resource(context, "head_end", InlineMarkupResource(self.meta_markup)) # Test duplicates add_resource(context, "head_end", "") # Test the no-op branch add_resource(context, "content_start", InlineMarkupResource("START")) add_resource(context, "content_end", InlineMarkupResource("END")) return self.message
def add_front_resources(context, content): view_class = getattr(context["view"], "__class__", None) if context.get("view") else None if not view_class: return view_name = getattr(view_class, "__name__", "") if view_name in ["AddressesPhase", "SingleCheckoutPhase"]: # For front add_resources(context, fields=["#id_billing", "#id_shipping"]) elif view_name == "ContactEditView": # For admin contact edit add_resources(context, fields=["#id_billing_address", "#id_shipping_address"]) elif view_name == "OrderEditView": # For admin order editor only regions is enough add_resource( context, "body_end", InlineScriptResource(REGIONS % {"regions": json.dumps(regions_data)})) elif view_name in ["AddressBookEditView"]: add_resources(context, fields=["#id_address"]) elif view_name in ["WizardView"]: add_resource( context, "body_end", InlineScriptResource(REGIONS % {"regions": json.dumps(regions_data)}))
def add_test_injection(context, content): add_resource(context, "body_end", InlineScriptResource("window.injectedFromAddon=true;"))