[ajax] use a custom tag to handle dynamically loaded js
Using <pre class="script"> makes it trivial for a malicious user to
inject arbitrary javascript into a html or rest text element (because it
looks innocent to the html sanitizer). Using a custom tag we can be
sure that it actually comes from our code and not from untrusted user
data. IE ignores custom tags, though, so we put it in its own namespace.
https://extranet.logilab.fr/1530578
# for el5, force use of python2.6
%%if 0%%{?el5}
%%define python python26
%%define __python /usr/bin/python2.6
%%else
%%define python python
%%define __python /usr/bin/python
%%endif
%%{!?_python_sitelib: %%define _python_sitelib %%(%%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
Name: %(distname)s
Version: 0.1.0
Release: logilab.1%%{?dist}
Summary: %(shortdesc)s
Group: Applications/Internet
License: %(license)s
Source0: %(distname)s-%%{version}.tar.gz
BuildArch: noarch
BuildRoot: %%{_tmppath}/%%{name}-%%{version}-%%{release}-buildroot
BuildRequires: %%{python} %%{python}-setuptools
Requires: cubicweb >= %(version)s
%%description
%(longdesc)s
%%prep
%%setup -q -n %(distname)s-%%{version}
%%if 0%%{?el5}
# change the python version in shebangs
find . -name '*.py' -type f -print0 | xargs -0 sed -i '1,3s;^#!.*python.*$;#! /usr/bin/python2.6;'
%%endif
%%install
NO_SETUPTOOLS=1 %%{__python} setup.py --quiet install --no-compile --prefix=%%{_prefix} --root="$RPM_BUILD_ROOT"
# remove generated .egg-info file
rm -rf $RPM_BUILD_ROOT/usr/lib/python*
%%clean
rm -rf $RPM_BUILD_ROOT
%%files
%%defattr(-, root, root)
/*