Exemple #1
0
def test_injecting_into_weird_places():
    request = get_request()
    (template, layout, gibberish, ctx) = get_test_template_bits(request, **{
        RESOURCE_CONTAINER_VAR_NAME: ResourceContainer()
    })
    with pytest.raises(ValueError):
        add_resource(ctx, "yes", "hello.js")
Exemple #2
0
def add_edit_resources(context):
    """
    Possibly inject Xtheme editor injection resources into the given
    context's resources.

    :param context: Jinja rendering context
    :type context: jinja2.runtime.Context
    """
    request = context.get("request")
    if not (request and could_edit(request) and may_inject(context)):
        return
    from .rendering import get_view_config  # avoid circular import
    from .theme import get_current_theme
    view_config = get_view_config(context)
    theme = get_current_theme(request=request)
    if not theme:
        return
    add_resource(context, "body_end", InlineScriptResource.from_vars("XthemeEditorConfig", {
        "commandUrl": "/xtheme/",  # TODO: Use reverse("shoop:xtheme")?
        "editUrl": "/xtheme/editor/",  # TODO: Use reverse("shoop:xtheme")?
        "themeIdentifier": theme.identifier,
        "viewName": view_config.view_name,
        "edit": is_edit_mode(request),
        "csrfToken": get_token(request),
    }))
    add_resource(context, "body_end", staticfiles_storage.url("xtheme/editor-injection.js"))
Exemple #3
0
def add_edit_resources(context):
    """
    Possibly inject Xtheme editor injection resources into the given
    context's resources.

    :param context: Jinja rendering context
    :type context: jinja2.runtime.Context
    """
    request = context.get("request")
    if not (request and could_edit(request) and may_inject(context)):
        return
    from .rendering import get_view_config  # avoid circular import
    from .theme import get_current_theme
    view_config = get_view_config(context)
    theme = get_current_theme(request=request)
    if not theme:
        return
    add_resource(
        context,
        "body_end",
        InlineScriptResource.from_vars(
            "XthemeEditorConfig",
            {
                "commandUrl": "/xtheme/",  # TODO: Use reverse("shoop:xtheme")?
                "editUrl":
                "/xtheme/editor/",  # TODO: Use reverse("shoop:xtheme")?
                "themeIdentifier": theme.identifier,
                "viewName": view_config.view_name,
                "edit": is_edit_mode(request),
                "csrfToken": get_token(request),
            }))
    add_resource(context, "body_end",
                 staticfiles_storage.url("xtheme/editor-injection.js"))
Exemple #4
0
    def render(self, context):
        """
        Custom render for to add css resource for carousel

        :param context: current context
        :return: html content for the plugin
        """
        add_resource(context, "head_end", "%sshoop_carousel/css/style.css" % settings.STATIC_URL)
        return super(CarouselPlugin, self).render(context)
Exemple #5
0
def test_without_rc():
    request = get_request()
    (template, layout, gibberish, ctx) = get_test_template_bits(request)
    assert not add_resource(ctx, "yes", "hello.js")
    content1 = "<html>"
    content2 = inject_resources(ctx, content1)
    assert content1 == content2
Exemple #6
0
def test_without_rc():
    request = get_request()
    (template, layout, gibberish, ctx) = get_test_template_bits(request)
    assert not add_resource(ctx, "yes", "hello.js")
    content1 = "<html>"
    content2 = inject_resources(ctx, content1)
    assert content1 == content2
Exemple #7
0
def add_test_injection(context, content):
    add_resource(context, "body_end",
                 InlineScriptResource("window.injectedFromAddon=true;"))
def add_test_injection(context, content):
    add_resource(context, "body_end", InlineScriptResource("window.injectedFromAddon=true;"))
Exemple #9
0
 def render(self, context):
     add_resource(context, "body_start", "://example.com/js.js")
     add_resource(context, "body_start", "://foo/fuzz.png")
     add_resource(context, "head_end", "://example.com/css.css")
     add_resource(context, "body_end", InlineScriptResource("alert('xss')"))
     add_resource(context, "head_end", InlineScriptResource.from_vars("foos", {"bars": (1, 2, 3)}))
     add_resource(context, "head_end", InlineMarkupResource(self.meta_markup))
     add_resource(context, "head_end", InlineMarkupResource(self.meta_markup))  # Test duplicates
     add_resource(context, "head_end", "")  # Test the no-op branch
     return self.message
Exemple #10
0
def test_injecting_into_weird_places():
    request = get_request()
    (template, layout, gibberish, ctx) = get_test_template_bits(
        request, **{RESOURCE_CONTAINER_VAR_NAME: ResourceContainer()})
    with pytest.raises(ValueError):
        add_resource(ctx, "yes", "hello.js")
Exemple #11
0
 def render(self, context):
     add_resource(context, "body_start", "://example.com/js.js")
     add_resource(context, "body_start", "://foo/fuzz.png")
     add_resource(context, "head_end", "://example.com/css.css")
     add_resource(context, "body_end", InlineScriptResource("alert('xss')"))
     add_resource(
         context, "head_end",
         InlineScriptResource.from_vars("foos", {"bars": (1, 2, 3)}))
     add_resource(context, "head_end",
                  InlineMarkupResource(self.meta_markup))
     add_resource(context, "head_end",
                  InlineMarkupResource(self.meta_markup))  # Test duplicates
     add_resource(context, "head_end", "")  # Test the no-op branch
     return self.message
Exemple #12
0
 def render(self, context):
     for location, __ in self.fields:
         if location in resources.KNOWN_LOCATIONS:
             resource = self.config.get(location, "")
             add_resource(context, location, InlineMarkupResource(resource))
     return self.config.get("in_place", "")
Exemple #13
0
 def render(self, context):
     for location, __ in self.fields:
         if location in resources.KNOWN_LOCATIONS:
             resource = self.config.get(location, "")
             add_resource(context, location, InlineMarkupResource(resource))
     return self.config.get("in_place", "")