Fri, 14 Feb 2014 14:46:25 +0100 [web/data] fix treeview regression (closes #3526466)
Julien Cristau <julien.cristau@logilab.fr> [Fri, 14 Feb 2014 14:46:25 +0100] rev 9529
[web/data] fix treeview regression (closes #3526466) Changeset 68cde7431c2c "[js] remove 3.9 bw compat (where apparently unused)" removed the use of form.callback from loadxhtml, which treeview relied on. Update to add a callback on the loadxhtml return value instead.
Fri, 14 Feb 2014 10:39:16 +0100 backout 8f3e963501e2, which is not ready yet stable
Aurelien Campeas <aurelien.campeas@logilab.fr> [Fri, 14 Feb 2014 10:39:16 +0100] rev 9528
backout 8f3e963501e2, which is not ready yet
Thu, 13 Feb 2014 19:29:20 +0100 [pkg] also bump it there stable
Aurelien Campeas <aurelien.campeas@logilab.fr> [Thu, 13 Feb 2014 19:29:20 +0100] rev 9527
[pkg] also bump it there
Mon, 10 Feb 2014 18:00:26 +0100 [pkg] prepare 3.17.13 stable
Aurelien Campeas <aurelien.campeas@logilab.fr> [Mon, 10 Feb 2014 18:00:26 +0100] rev 9526
[pkg] prepare 3.17.13
Tue, 11 Feb 2014 13:50:29 +0100 [navigation] use add_onload instead of inline javascript href stable
Julien Cristau <julien.cristau@logilab.fr> [Tue, 11 Feb 2014 13:50:29 +0100] rev 9525
[navigation] use add_onload instead of inline javascript href This way our javascript code isn't thrown out by the html cleaner e.g. when using the rql rest directive and a table view. Closes #3501626
Wed, 05 Feb 2014 15:50:36 +0100 [uilib] allow canvas tags in the html cleaner stable
Julien Cristau <julien.cristau@logilab.fr> [Wed, 05 Feb 2014 15:50:36 +0100] rev 9524
[uilib] allow canvas tags in the html cleaner Used by the iprogress cube. Closes #3524254.
Wed, 05 Feb 2014 16:34:21 +0100 [ajax] use a custom tag to handle dynamically loaded js stable
Julien Cristau <julien.cristau@logilab.fr> [Wed, 05 Feb 2014 16:34:21 +0100] rev 9523
[ajax] use a custom tag to handle dynamically loaded js Using <pre class="script"> makes it trivial for a malicious user to inject arbitrary javascript into a html or rest text element (because it looks innocent to the html sanitizer). Using a custom tag we can be sure that it actually comes from our code and not from untrusted user data. IE ignores custom tags, though, so we put it in its own namespace. https://extranet.logilab.fr/1530578
Mon, 03 Feb 2014 19:07:58 +0100 [dataimport] fix comment stable
Aurelien Campeas <aurelien.campeas@logilab.fr> [Mon, 03 Feb 2014 19:07:58 +0100] rev 9522
[dataimport] fix comment
Wed, 12 Feb 2014 18:15:32 +0100 [hooks/security, devtools/fill] silence yams 0.38.0 warnings stable
Aurelien Campeas <aurelien.campeas@logilab.fr> [Wed, 12 Feb 2014 18:15:32 +0100] rev 9521
[hooks/security, devtools/fill] silence yams 0.38.0 warnings
Mon, 03 Feb 2014 16:30:07 +0100 Drop 3.13 incomplete backward compat in edit controller.
Florent Cayré <florent.cayre@logilab.fr> [Mon, 03 Feb 2014 16:30:07 +0100] rev 9520
Drop 3.13 incomplete backward compat in edit controller. It is very old and broken (there is another non-backward-copmpatible usage of `_cw_entity_fields`), better to remove it instead of fixing. Closes #3515223.
(0) -3000 -1000 -300 -100 -10 +10 +100 +300 +1000 +3000 tip