Commit Graph

9 Commits

Author SHA1 Message Date
Tim Abbott a2767e8c50 CVE-2020-14194: Use noopener/noreferrer for external links.
We fixed the main issue of this form in CVE-2020-9444, but the audit
done at that time only included links found in rendered_markdown; this
change completes our audit for links with target=_blank anywhere in
the codebase.
2020-06-16 23:35:39 -07:00
Pragati Agrawal 441f9f43e7 templates: Extract help link widget.
This block of html is used at many places so it's a good idea to create a
template for it.
2020-05-24 16:32:36 -07:00
Wyatt Hoodes 2204f33936 data exports: Switch to solely using a status column. 2020-04-30 13:00:59 -07:00
Wyatt Hoodes 82e7ad8e25 data exports: Handle pending and failed exports.
Prior to this change, there were reports of 500s in
production due to `export.extra_data` being a
Nonetype.  This was reproducible using the s3
backend in development when a row was created in
the `RealmAuditLog` table, but the export failed in
the `DeferredWorker`.  This left an entry lying
about that was never updated with an `extra_data`
field.

To fix this, we catch any exceptions in the
`DeferredWorker`, and then update `extra_data` to
encode the failure.  We also fix the fact that we
never updated the export UI table with pending exports.

These changes also negated the use for the somewhat
hacky `clear_success_banner` logic.
2020-04-30 13:00:59 -07:00
Steve Howell 19cf6d0e04 list_render: Remove data-list-render markup.
We already know which list widget a `<th>`
tag is associated with when we set up the
event handler, so it's silly to read data
from the DOM to find that widget again
when the handler runs.

This commit eliminates a whole class of possible
errors and busy work.
2020-04-15 15:13:26 -07:00
Wyatt Hoodes 2a020fa6cc data export: Fix sort feature regression.
02cfb47 removed a couple HTML tags that were
being used to sort the table.  We fix this,
but disable filtering exports by marking the
input type as `hidden`.  We use this approach as
it seems `list_render` doesn't like an
undefined `opts.filter.element`, which is
what happens if we simply remove the `filter`
key.
2019-08-28 15:23:39 -07:00
Rishi Gupta 02cfb47315 exports: Update wording on settings page, /help and /features. 2019-08-22 13:17:03 -07:00
Thomas Ip 39aceb9d93 org settings: Make data exports table sortable. 2019-08-22 13:13:24 -07:00
Wyatt Hoodes f623540409 data export: Add UI to trigger data export.
This commit serves as the frontend piece for the "public export"
webapp feature.

Fixes: #11930
2019-08-12 18:21:38 -07:00