[ajax] use a custom tag to handle dynamically loaded js
Using <pre class="script"> makes it trivial for a malicious user to
inject arbitrary javascript into a html or rest text element (because it
looks innocent to the html sanitizer). Using a custom tag we can be
sure that it actually comes from our code and not from untrusted user
data. IE ignores custom tags, though, so we put it in its own namespace.
https://extranet.logilab.fr/1530578
CSS Coding Standards
--------------------
(Draft, to be continued)
:Naming: camelCase
Indentation rules
~~~~~~~~~~~~~~~~~
- 2 espaces avant les propriétés
- pas d'espace avant les ":", un espace après
- 1 seul espace entre les différentes valeurs pour une même propriété
Documentation
~~~~~~~~~~~~~
Please keep rules semantically linked grouped together, with a comment about
what they are for.
Recommendation
~~~~~~~~~~~~~~
- Try to use existing classes rather than introduce new ones
- Keep things as simple as possible while in the framework
- Think about later customization by application
- Avoid introducing a new CSS file for a few lines of CSS, at least while the
framework doesn't include packing functionalities