Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
58,450 Commits 1 Branch 0 Tags
079f43f40d399cfc0da17039b6dede4e06bda2fb
Commit Graph

2460 Commits

Author SHA1 Message Date
AlasdairSwan
a9971ef2ba FEDX-118 Adding header to test page 2016-04-25 10:56:28 -04:00
Chris Rodriguez
2a23757fbc Sending skip links to single main, making more relevant 2016-04-25 10:00:45 -04:00
Awais Jibran
34b06932e5 Safe tempaltes 2016-04-25 16:30:09 +05:00
muzaffaryousaf
c0fef0b0e0 Js test fixes for cms and cms-squire. 2016-04-22 19:09:33 +05:00
attiyaishaque
002ad84d4d Safe Templates 2016-04-21 17:55:29 +05:00
Dmitry Viskov
1836065754 Dynamic values for the selectboxes with tags (tags are stored in the database tables) 2016-04-20 16:07:32 +03:00
Andy Armstrong
9290c52b33 Introduce Pattern Library test pages (take two) 
FEDX-93

These are developer only pages, so can not be seen in production
environment. On devstack, you can access these pages in LMS and
Studio at:

    /template/ux/reference/pattern-library-test.html

This is the second attempt to enable the Pattern Library. The
first attempt broke Django Templates and didn't work correctly
with right-to-left styling.
 2016-04-11 00:45:31 -04:00
Brian Jacobel
4671970f86 Revert "Introduce Pattern Library test pages" 
This reverts commit 845e3708f3.
 2016-04-08 14:25:41 -04:00
Andy Armstrong
845e3708f3 Introduce Pattern Library test pages 
FEDX-93

These are developer only pages, so can not be seen in production
environment. On devstack, you can access these pages in LMS and
Studio at:

    /template/ux/reference/pattern-library-test.html
 2016-04-05 09:22:14 -04:00
Brian Jacobel
1ed5b4bda9 Remove usage of Underscore.string in edit-chapter.underscore 2016-04-04 10:18:44 -04:00
Andy Armstrong
db62db295c Upgrade Underscore.string 
FEDX-117
 2016-04-04 10:18:43 -04:00
Nimisha Asthagiri
0c604da9ee Merge pull request #11900 from edx/nasthagiri/css-template 
XSS Safe by default: dashboard, header, footer, navigation, help_modal
 2016-03-31 17:25:30 -04:00
Nimisha Asthagiri
432c570628 XSS Safe default - header.html, navigation.html, help_modal.html 2016-03-31 16:34:33 -04:00
sanfordstudent
fd37948726 Merge pull request #11989 from edx/release 
Release
 2016-03-30 11:22:23 -04:00
Carol Tong
4ab75c7c00 Update help text on Grading Assignment Types page 2016-03-29 15:39:24 -04:00
Calen Pennington
37813d1820 Merge pull request #11958 from cpennington/cale/xss 
Make (some) Mako templates HTML escaped by default
 2016-03-29 11:03:31 -04:00
Calen Pennington
683151a238 XSS escape cms/templates/course-create-rerun.html 2016-03-29 08:51:22 -04:00
Calen Pennington
b81a15d57f XSS escape cms/templates/course_outline.html 2016-03-29 08:51:22 -04:00
cahrens
39dc8a5915 Perform esacaping in the templates. 
Use new best practices.
 2016-03-28 15:05:40 -04:00
Sanford Student
ed7237b671 fixing typo in template 2016-03-25 16:50:28 -04:00
Daniel Friedman
a0654f93a2 Merge pull request #11890 from edx/dan-f/make-cms-500-safe 
Make CMS 500 template safe by default
 2016-03-24 11:24:12 -04:00
Daniel Friedman
32f6bc0791 Merge pull request #11887 from edx/dan-f/make-cms-404-safe 
Make CMS 404 template safe by default
 2016-03-24 11:23:13 -04:00
Daniel Friedman
c210d918b2 Make CMS 404 template safe by default 2016-03-24 10:31:42 -04:00
Daniel Friedman
0fd137c271 Make CMS 500 template safe by default 2016-03-24 09:51:55 -04:00
Renzo Lucioni
40ef82d513 Merge pull request #11911 from edx/renzo/safe-templates 
Secure templates used to inject Segment and Optimizely
 2016-03-23 17:15:11 -04:00
Calen Pennington
ac951c4bd2 XSS escape cms/templates/course_info.html 2016-03-23 16:12:41 -04:00
Calen Pennington
53a2960941 XSS escape cms/templates/component.html 2016-03-23 16:12:40 -04:00
Calen Pennington
7922dcbb9c XSS escape cms/templates/js/asset.underscore 2016-03-23 16:12:40 -04:00
Calen Pennington
485c542838 XSS escape cms/templates/js/asset-library.underscore 2016-03-23 16:12:40 -04:00
Calen Pennington
b91d1f2256 XSS escape cms/templates/asset_index.html 2016-03-23 16:12:40 -04:00
Daniel Friedman
56b1196246 Fix accidental extra escaping 2016-03-23 14:46:35 -04:00
Renzo Lucioni
a104d82e70 Secure templates used to inject Segment and Optimizely 2016-03-23 14:40:24 -04:00
Daniel Friedman
679cdc3775 Merge pull request #11893 from edx/dan-f/make-cms-activation_invalid-safe 
Make CMS activation_invalid template safe by default
 2016-03-23 13:55:51 -04:00
Daniel Friedman
0b6faee467 Merge pull request #11891 from edx/dan-f/make-cms-activation_complete-safe 
Make CMS activation_complete template safe by default
 2016-03-23 13:55:11 -04:00
Jesse Zoldak
6f0d1157f1 Add h filter page directive to cms mako templates without variables 
The files to change were found with:
`ack --literal --type=html --match '${' --files-without-matches cms/templates`
 2016-03-23 12:05:12 -04:00
Daniel Friedman
48e2299e47 Make CMS activation_invalid template safe by default 2016-03-23 11:21:50 -04:00
Calen Pennington
2607f8a98c XSS escape cms/templates/activation_active.html 2016-03-23 11:17:17 -04:00
Daniel Friedman
ea347c7a9b Make CMS activation_complete template safe by default 2016-03-23 11:11:08 -04:00
cahrens
358ed2559a Fix improper escaping. 2016-03-21 16:01:04 -04:00
cahrens
dd2a203677 Upgrade underscore to newest version. 
FEDX-24
 2016-03-16 17:08:27 -04:00
Andy Armstrong
06daf79b94 Upgrade RequireJS 
FEDX-105
 2016-03-16 12:42:00 -04:00
Calen Pennington
f092550945 Merge pull request #11562 from CredoReference/tags-selectbox-in-studio-based-on-xblockasides 
XBlockAside improvement. Difficulty selectbox in Studio (based on new XBlockAside functionality)
 2016-03-10 10:32:22 -05:00
Jonathan Piacenti
f1c1c7c146 Fix escaping issue in studio xblock wrapper for display name. 2016-03-04 13:38:20 -06:00
Andrew Gaylard
2fe0bf5a98 Fix TNL-3429. 2016-03-04 13:38:20 -06:00
Robert Raposa
8e1e4a4715 Use markup HTML helper with Text 
TNL-4160
 2016-03-04 10:44:41 -05:00
Dmitry Viskov
209ddc700d Difficulty selectbox in Studio (based on new XBlockAside functionality). Include: 
- adaptation asides to be imported from the XML
- updating SplitMongo to handle XBlockAsides (CRUD operations)
- updating Studio to handle XBlockAsides handler calls
- updating xblock/core.js to properly init XBlockAsides JavaScript
 2016-03-02 03:37:13 +03:00
clrux
650c95f9c3 Merge pull request #11501 from edx/clrux/ac-328-uxpl 
AC-328 adding UXPL classnames to headings
 2016-03-01 07:23:07 -05:00
Chris Rodriguez
c619e1ec6b Adding UXPL classnames to headings 2016-02-29 15:43:17 -05:00
Mushtaq Ali
3dc73c655b Display studio name properly on empty course page. 2016-02-29 17:11:55 +05:00
Christine Lytwynec
41febaa875 Merge pull request #11565 from edx/clytwynec/ac-234 
Remove hgroup usage
 2016-02-19 16:06:22 -05:00