dani/django-ram
1
0
Fork 0
mirror of https://github.com/daniviga/django-ram.git synced 2026-02-03 17:40:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

Remove the need of inline scripting

Browse Source
This commit is contained in:
Daniele Viganò
2026-01-15 12:42:12 +01:00
parent 650a93676e
commit d1e741ebfd
7 changed files with 59 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
ram/portal/admin.py
View File

@@ -35,7 +35,8 @@ class SiteConfigurationAdmin(SingletonModelAdmin):
"fields": (
"show_version",
"use_cdn",
"extra_head",
"extra_html",
"extra_js",
"rest_api",
"version",
),

34
ram/portal/migrations/0022_rename_siteconfiguration_extra_head_and_more.py Normal file
View File

@@ -0,0 +1,34 @@
# Generated by Django 6.0.1 on 2026-01-15 11:32
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("portal", "0021_siteconfiguration_featured_items_ordering_and_more"),
]
operations = [
migrations.RenameField(
model_name="siteconfiguration",
old_name="extra_head",
new_name="extra_html",
),
migrations.AlterField(
model_name="siteconfiguration",
name="extra_html",
field=models.TextField(
blank=True,
help_text="Extra HTML to be dinamically loaded into the site.",
),
),
migrations.AddField(
model_name="siteconfiguration",
name="extra_js",
field=models.TextField(
blank=True,
help_text="Extra JS to be dinamically loaded into the site."
),
),
]

9
ram/portal/models.py
View File

@@ -39,7 +39,14 @@ class SiteConfiguration(SingletonModel):
disclaimer = tinymce.HTMLField(blank=True)
show_version = models.BooleanField(default=True)
use_cdn = models.BooleanField(default=True)
extra_head = models.TextField(blank=True)
extra_html = models.TextField(
blank=True,
help_text="Extra HTML to be dinamically loaded into the site.",
)
extra_js = models.TextField(
blank=True,
help_text="Extra JS to be dinamically loaded into the site.",
)
class Meta:
verbose_name = "Site Configuration"

3
ram/portal/templates/base.html
View File

@@ -25,7 +25,8 @@
<link href="{% static "css/main.min.css" %}?v={{ site_conf.version }}" rel="stylesheet">
<script src="{% static "js/main.min.js" %}?v={{ site_conf.version }}"></script>
{% block extra_head %}
{{ site_conf.extra_head | safe }}
{% if site_conf.extra_html %}{{ site_conf.extra_html | safe }}{% endif %}
{% if site_conf.extra_js %}<script src="{% url 'extra_js' %}"></script>{% endif %}
{% endblock %}
</head>
<body>

2
ram/portal/urls.py
View File

@@ -1,6 +1,7 @@
from django.urls import path
from portal.views import (
RenderExtraJS,
GetHome,
GetRoster,
GetObjectsFiltered,
@@ -24,6 +25,7 @@ from portal.views import (
urlpatterns = [
path("", GetHome.as_view(), name="index"),
path("extra.js", RenderExtraJS.as_view(), name="extra_js"),
path("roster", GetRoster.as_view(), name="roster"),
path("roster/page/<int:page>", GetRoster.as_view(), name="roster"),
path(

12
ram/portal/views.py
View File

@@ -7,7 +7,7 @@ from urllib.parse import unquote
from django.conf import settings
from django.views import View
from django.urls import Resolver404
from django.http import Http404, HttpResponseBadRequest
from django.http import Http404, HttpResponse, HttpResponseBadRequest
from django.db.utils import OperationalError, ProgrammingError
from django.db.models import F, Q, Count
from django.db.models.functions import Lower
@@ -78,6 +78,16 @@ class Render404(View):
)
class RenderExtraJS(View):
def get(self, request):
try:
extra_js = get_site_conf().extra_js
except (OperationalError, ProgrammingError):
extra_js = ""
return HttpResponse(extra_js, content_type="application/javascript")
class GetData(View):
title = None
template = "pagination.html"

1
ram/ram/settings.py
View File

@@ -116,7 +116,6 @@ SECURE_CSP = {
"img-src": ["data:", "*"],
"script-src": [
CSP.SELF,
CSP.UNSAFE_INLINE,
"https://www.googletagmanager.com/",
]
+ CDN_WHITELIST_CSP,