Ralf Becker
43e1bfcc12
switching on Content-Security-Policy: script-src 'self' 'unsafe-eval' for all templates, old non-et2 apps can call egw_framework::csp_script_src_attrs('unsafe-inline') to enable inline scripts in their scope, et2 does it for CK editor which does not support CSP currently and old etemplate does it for all apps using it
2013-10-05 13:33:28 +00:00
Ralf Becker
f8a0db06fc
completly remove preferences menu from sidebox and tiled preferences index in favoir of app-sensitive entries in top-menu
2013-10-03 09:23:18 +00:00
Ralf Becker
6f162f144e
add context sensitive link to ACL/grant access to top-menu, same is to be happen for cats and preferences itself and preferences in sidebox will be removed
2013-10-02 16:29:08 +00:00
Ralf Becker
1590d02816
new egw_framework::message($msg, $msg_type="success") method and fixing nextmatch filter-change to return app-header
2013-09-05 11:53:25 +00:00
Ralf Becker
aa8a848871
optional parameter for egw_framework::window_close() to specify an alert message, which get shown/alerted, before closing the window
2013-08-26 10:24:11 +00:00
Ralf Becker
b2ba685edd
remove inline javascript from idots and jerryr templates
2013-08-21 20:22:53 +00:00
Ralf Becker
73aa652c41
missing egw.js from last commit and egw_framework::window_focus() method
2013-08-20 13:25:36 +00:00
Ralf Becker
1c4f65120c
new egw_framework methods refresh_opener and window_close to call egw_refresh on opener or close popup window in a content security save way
2013-08-20 12:06:41 +00:00
Ralf Becker
8ce9969ece
we need to double encode (html::htmlspecialchars( , TRUE)), as otherwise we get invalid json, eg. for quotes, fixes not working display in filemanager for some directories containing directories with quotes in their name
2013-08-01 06:36:18 +00:00
Ralf Becker
8ec5425c5a
disable minify-ing of javascript, until I find time to fix it, as it stalls testers (css still get minifyed, if debug minify is off in site config)
2013-07-24 07:42:27 +00:00
Ralf Becker
16191d4db4
rendering quick-add menu on clientside and content-security safe, thought not yet in idots template, also removed not used inline javascript from idots
2013-07-22 19:20:13 +00:00
Ralf Becker
4ed52a2b16
get notifications-popup ready for content-security, install as object in app.notifications and use data-poll-intervall of script tag to pass poll frequency
2013-07-22 13:29:20 +00:00
Nathan Gray
67d6775f54
Use htmlspecialchars to escape data-attributes
2013-07-19 18:03:47 +00:00
Ralf Becker
5e3c0192d3
$extra parameter for framework->header()
2013-07-19 17:07:05 +00:00
Ralf Becker
f55a668bdf
include user-data and common prefs like we already do it with eg. server config
2013-07-19 15:22:00 +00:00
Ralf Becker
d16c426fb6
first step towards content-security by passing parameters to egw.js script via data-attributes of script tag instead of using inline scripts in page
2013-07-19 08:45:26 +00:00
Ralf Becker
792f1b26cc
replacing egw.LAB with egw_LAB, as egw object is shared by all iframes and popups, while LAB has to work on document
2013-07-17 12:47:21 +00:00
Ralf Becker
a23205060b
use new eTemplate preferences
2013-05-10 16:39:42 +00:00
Ralf Becker
ad4776c78e
allways using filemtime for timestamps appended to urls to force loading of current version, as mixed use of file{c,m}time causes wired errors due to double loading eg. on OS X where they are different
2013-04-13 07:17:36 +00:00
Ralf Becker
a1d90ea237
get regexp to play nice with opening script tag without attributes
2013-04-09 12:47:44 +00:00
Ralf Becker
6e28933f18
missing onLoad attibute in body tag, causing all sorts of things to fail
2013-04-02 08:13:37 +00:00
Nathan Gray
a20f7651a0
Wrap some more js
2013-04-01 22:19:10 +00:00
Nathan Gray
ef2a5d377d
Use LABjs throughout framework to load javascript - prevents a lot of undefined / timing errors
2013-04-01 19:14:52 +00:00
Nathan Gray
68529ce692
Load et2 CSS in at the top level so it's available for sidebox
2013-03-12 22:45:58 +00:00
Ralf Becker
52ea94cbee
using LABjs to load javascript files in order via egw.includeJS
2013-02-15 15:30:35 +00:00
Ralf Becker
5f1c76ae91
refactored js loading a bit, to be able to get files to load for et2
2013-02-13 16:28:39 +00:00
Nathan Gray
f72a582532
Use chosen plugin for to get fancy selectboxes. Selectboxes with more than 12 options get it turned on automatically
2012-11-12 19:29:23 +00:00
Ralf Becker
f7cc51ad18
do NOT minify ckeditor, as it breaks it (it is already minifyed anyway)
2012-10-26 10:00:05 +00:00
Ralf Becker
18fe5c1d4b
fixed minify issues: installation in docroot is now handeled, as well as problems with jscalendar and email
2012-10-26 09:24:39 +00:00
Ralf Becker
b6a2d9591f
koping with EGroupware installed direct in docroot (webserver_url "", "/" or "http(s)://domain.com/")
2012-10-24 06:27:56 +00:00
Ralf Becker
6996efe50b
use minify on javascript files: for now minify does NOT support query parameters, nor php files generating javascript, therefore these are excluded
2012-10-15 17:22:44 +00:00
Ralf Becker
4e8f54268c
fix for typo: path_url --> parse_url
2012-10-15 06:51:54 +00:00
Ralf Becker
71ec92a777
cache, concat and minify all css resources to speed up requests, javascript files planned too
2012-10-14 19:38:32 +00:00
Ralf Becker
5100dfcc71
* Password: fixed not working check, if user has right to change password, causing password link in topmenu to be displayed when not in preferences app
2012-06-29 07:14:46 +00:00
Ralf Becker
3e4ef81080
load wz_tooltips only if required: $GLOBALS[egw_info][flags][include_wz_tooltip] set or html::tooltip() called before calling common::egw_header(), calling header again as end of home page to allow apps to load stuff into the header (not only wz_tooltip)
2012-04-04 13:05:58 +00:00
Andreas Stöckel
c525cadcdb
Reverted accidently made commit for class.egw_framework.inc.php
2012-03-23 13:43:20 +00:00
Andreas Stöckel
eadeb57f28
Fixed problem with registered data callbacks, when the window the callback belongs to is closed
2012-03-23 13:39:27 +00:00
Klaus Leithoff
3abeb7c464
add onbeforeunload as action
2012-03-21 08:25:17 +00:00
Andreas Stöckel
dc017ed889
Now again using a local etemplate2 instance on the client
2012-03-12 12:05:14 +00:00
Andreas Stöckel
d486e50a57
phpgwapi:
...
* Changed way of how "webserverUrl" gets set - any type of data can now be
injected into the egw object by creating an object with the data and an
entry "prefsOnly" set to true. This allows to ensure, that "webserverUrl"
is the first thing that is being set in the egw object (as needed when
including new JS/CSS files at runtime)
jsapi:
* Fixed including JS/CSS files at runtime in other windows than the root
window
* Added "ready" function/module, which provides an alternative to the
$j("ready") function. The ready module provides the functionality to
postpone calling the "ready" until certain events happened.
* using jQuery calendar object instead of jscalendar in the calendar
function.
* added "jquery" module which takes care of including all jQuery modules
in all windows
* added possibility for modules to update constants using the "constant"
function.
* added possibility for modules to access certain other modules using
the "module" function
etemplate:
* Using new egw(window).ready function to build the template first if
loading has finished.
2012-03-09 15:32:29 +00:00
Andreas Stöckel
df06f6657c
Now always including egw and etemplate2 javascript code if we are in the top window
2012-03-08 14:05:00 +00:00
Ralf Becker
000b74bded
framework->isTop($consider_navbar_not_yet_called_as_true=true): true if we are rendering the top-level EGroupware window
2012-03-07 08:45:57 +00:00
Ralf Becker
f676a23821
fixes for PHP 5.4 warnings and strict warnings, thought disabled E_STRICT for now, because of various strict warnings in working code, which could not be easy fixed in all areas (see comment in phpgwapi/inc/functions.inc.php)
2012-03-04 13:33:10 +00:00
Klaus Leithoff
d37ee80161
mending Warnings: Cannot use a scalar value as an array
2011-12-20 15:57:03 +00:00
Ralf Becker
e9ba37173a
remove old ISS specific redirect code and default of $_SERVER[PHP_SELF] for $url parameter of egw::redirect (not used in current EGroupware)
2011-11-30 20:32:45 +00:00
Nathan Gray
c3abca67db
Return an array, not null, if there are no preferences for the app
2011-11-09 16:32:42 +00:00
Ralf Becker
046c0919cc
make basic data of current user available via egw.user(_field)
2011-08-31 12:17:34 +00:00
Ralf Becker
7868b684cd
using php5 constructors
2011-08-31 07:50:28 +00:00
Ralf Becker
ea7ad6318d
new clientside image-name to url map: egw.image(_name, _app="phpgwapi")
...
eg. egw.image('favicon') returns '/egroupware/phpgwapi/templates/default/favicon.ico'
--> pondon to serverside common::image($app,$name) method
2011-08-30 22:19:38 +00:00
Ralf Becker
be6fd87783
- sending EGroupware configuration (non-sensible stuff) to browser and make it available via egw.config(_name, _app="phpgwapi")
...
- sending link-registry in the same file
- used javascript file uses etag to ensure there's no need to load it on each request
2011-08-26 16:27:57 +00:00