Commit e266d79f authored by Robert Lyon's avatar Robert Lyon Committed by Aaron Wells
Browse files

Removing clean_html() from additionalhtml (Bug #1073625)



Now that the admin interface has been removed we can allow
the code in the db to be displayed 'as is' rather than
stripping out potentially bad code. (The feature is useless if
we strip out JavaScript, because most tracking cookies require
it)

Change-Id: Id5665afa75ee8fe229baea65332a09b32d827a54
Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
parent 41c4fada
......@@ -6,7 +6,7 @@
<!--[if (gt IE 9)|!(IE)]><!--><html{if $LANGDIRECTION == 'rtl'} dir="rtl"{/if}><!--<![endif]-->
{include file="header/head.tpl"}
<body class="no-js">
{if $ADDITIONALHTMLTOPOFBODY}{$ADDITIONALHTMLTOPOFBODY|clean_html|safe}{/if}
{if $ADDITIONALHTMLTOPOFBODY}{$ADDITIONALHTMLTOPOFBODY|safe}{/if}
{if $USERMASQUERADING || !$PRODUCTIONMODE || $SITECLOSED || $SITETOP}<div class="sitemessages">{/if}
{if $USERMASQUERADING}<div class="sitemessage"><img src="{theme_url filename='images/failure.png'}" alt="">{$masqueradedetails} {$becomeyouagain|safe}</div>{/if}
{if !$PRODUCTIONMODE}<div class="sitemessage center">{str tag=notproductionsite section=error}</div>{/if}
......
......@@ -38,6 +38,6 @@
<!-- Responsive design -->
<script type="text/javascript" src="{$WWWROOT}js/rd-nav.js"></script>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
{if $ADDITIONALHTMLHEAD}{$ADDITIONALHTMLHEAD|clean_html|safe}{/if}
{if $ADDITIONALHTMLHEAD}{$ADDITIONALHTMLHEAD|safe}{/if}
</head>
{dynamic}{flush}{/dynamic}
......@@ -38,6 +38,6 @@
</div><!-- footer -->
</div><!-- footer-wrap -->
</div><!-- container -->
{if $ADDITIONALHTMLFOOTER}{$ADDITIONALHTMLFOOTER|clean_html|safe}{/if}
{if $ADDITIONALHTMLFOOTER}{$ADDITIONALHTMLFOOTER|safe}{/if}
</body>
</html>
......@@ -6,7 +6,7 @@
<!--[if (gt IE 9)|!(IE)]><!--><html{if $LANGDIRECTION == 'rtl'} dir="rtl"{/if}><!--<![endif]-->
{include file="header/head.tpl"}
<body>
{if $ADDITIONALHTMLTOPOFBODY}{$ADDITIONALHTMLTOPOFBODY|clean_html|safe}{/if}
{if $ADDITIONALHTMLTOPOFBODY}{$ADDITIONALHTMLTOPOFBODY|safe}{/if}
{if $USERMASQUERADING || !$PRODUCTIONMODE || $SITECLOSED || $SITETOP}<div class="sitemessages">{/if}
{if $USERMASQUERADING}<div class="sitemessage"><img src="{theme_url filename='images/failure.png'}" alt="">{$masqueradedetails} {$becomeyouagain|safe}</div>{/if}
{if !$PRODUCTIONMODE}<div class="sitemessage center">{str tag=notproductionsite section=error}</div>{/if}
......
......@@ -35,6 +35,6 @@
<script type="text/javascript" src="{$WWWROOT}js/css.js"></script>
<link rel="shortcut icon" href="{$WWWROOT}favicon.ico" type="image/vnd.microsoft.icon">
<link rel="image_src" href="{$sitelogo}">
{if $ADDITIONALHTMLHEAD}{$ADDITIONALHTMLHEAD|clean_html|safe}{/if}
{if $ADDITIONALHTMLHEAD}{$ADDITIONALHTMLHEAD|safe}{/if}
</head>
{dynamic}{flush}{/dynamic}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment