Sylvain Thénault <sylvain.thenault@logilab.fr> [Wed, 25 May 2011 11:42:31 +0200] rev 7433
merge default heads
Arthur Lutz <arthur.lutz@logilab.fr> [Wed, 25 May 2011 11:41:16 +0200] rev 7432
[ui messages, xss] Start migration towards use of _msgid instead of __message (prone to XSS injection) closes #1698245
Sylvain Thénault <sylvain.thenault@logilab.fr> [Wed, 25 May 2011 11:40:10 +0200] rev 7431
backport stable
Sylvain Thénault <sylvain.thenault@logilab.fr> [Wed, 25 May 2011 11:39:54 +0200] rev 7430
[ui messages] make application message component works when request has no cnx set and support for explicit message given through render argument
Sylvain Thénault <sylvain.thenault@logilab.fr> [Wed, 25 May 2011 10:59:26 +0200] rev 7429
backport stable
Sylvain Thénault <sylvain.thenault@logilab.fr> [Wed, 25 May 2011 10:58:43 +0200] rev 7428
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
fix several pbs:
* we need a session id and a session cookie anyway, else subsequent http queries are unrelated
* this imply some changes in the session attribution workflow for session without a cnx
* some views/selectors must be fixed for cases where session has no cnx
On the way, avoid unnecessary Redirect on successful login.
closes #750543
Aurelien Campeas <aurelien.campeas@logilab.fr> [Wed, 25 May 2011 11:28:58 +0200] rev 7427
[ajax js/css] modconcat fix: load code exactly once (auc, fcayre)
* introduces cw.ajax namespace (currently hosts only recent modconcat functionality)
* handle load-one/load-many-at-once edge case
* properly handle already-loaded js resource
* avoid .appendTo to trigger script evaluation since from jquery 1.5 this results in uncached ajax calls