prevents xss inside:
* awesome bar
* base template
the base template rendering issue causes site-wide xss, which can be
prevented by html-escaping the canonical url that is placed inside <head>
Signed-off-by: Chinmay D. Pai <chinmaydpai@gmail.com>
The default `base_template` for any web route was `templates/web.html`
by default. Now, you can set the `base_template` for routes by a regex
pattern via hooks (using the key `base_template_map`). For e.g, you can
set `templates/doc.html` for routes that match the pattern `docs.*`
- Website Theme based on: Bootstrap 4, Tailwind
- Web Page: Page Builder
- Web Template: Create templates for web pages
- Added some common Web Templates
- Components: Standard components directly usable in Jinja
- Purge Tailwind Classes in Production
- PostCSS Config to support tailwind
- Extract title from h1 if it doesn't contain jinja
- Add _context_dict to context to be able to inspect it in templates
- Add inspect macro to inspect any variable
- Better defaults for controller_row template
Co-Authored-By: Suraj Shetty <surajshetty3416@gmail.com>
BREAKING CHANGE
A route is added to the sitemap if no_sitemap is not set.
This PR reverses this design. Because sitemap should contain publicly accessible pages and not utility pages.
Also, having lots of utility pages on sitemap does more harm than good.
Meta Tags are now decoupled from docs and are maintained per route basis
They will be tracked in Website Route Meta doctype where the `name`
is the `route`, it keeps track of a list of `key` and `value` in a table
Remove Meta Tag table from Web Page, add Set Meta Tag button helper.
- Child Table to store meta tags with key and value
- Used in Web Page
- Remove redundant description field in Web Page
and patch it into Website Meta Tag
* fix(login): redirect user from login page if already logged in
the user should not be able to access the login page if a user session already exists. closes#6500.
Signed-off-by: Chinmay Pai <chinmaydpai@gmail.com>
* fix(test-website): fix website test
what is the point in writing tests if they don't really work/function as intended?
Signed-off-by: Chinmay Pai <chinmaydpai@gmail.com>
* fix(regex): do not replace '\' in rules
that defeats the entire purpose of creating rules, wtf?
Signed-off-by: Chinmay Pai <chinmaydpai@gmail.com>
* fix(test_website): change user using set_user()
Signed-off-by: Chinmay Pai <chinmaydpai@gmail.com>
* redirect: prefix string with r to escape string literals
Signed-off-by: Chinmay Pai <chinmaydpai@gmail.com>
* make changes in the blog templates
* Add the inline styles to website.less
I also tweaked the design a bit, added h1 for header and increased the spacing a bit.
* Remove inline style and add css to less file
also added some spacing to make the blogpost look good by default.
* make the headings bold
* Add meta tags for social media in blog post page
