Fixed #25165 -- Removed inline JavaScript from the admin.

This allows setting a Content-Security-Policy HTTP header (refs #15727). Special thanks to blighj, the original author of this patch.
2025-10-24 06:06:09 +00:00 · 2015-11-23 10:46:19 +00:00
parent 105028eec6
commit d638cdc42a
42 changed files with 455 additions and 275 deletions
--- a/tests/admin_widgets/tests.py
+++ b/tests/admin_widgets/tests.py
@@ -271,9 +271,8 @@ class FilteredSelectMultipleWidgetTest(SimpleTestCase):
        w = widgets.FilteredSelectMultiple('test\\', False)
        self.assertHTMLEqual(
            w.render('test', 'test'),
-            '<select multiple="multiple" name="test" class="selectfilter">\n</select>'
-            '<script type="text/javascript">addEvent(window, "load", function(e) '
-            '{SelectFilter.init("id_test", "test\\u005C", 0); });</script>\n'
+            '<select multiple="multiple" name="test" class="selectfilter" '
+            'data-field-name="test\\" data-is-stacked="0">\n</select>'
        )

    def test_stacked_render(self):
@@ -281,9 +280,8 @@ class FilteredSelectMultipleWidgetTest(SimpleTestCase):
        w = widgets.FilteredSelectMultiple('test\\', True)
        self.assertHTMLEqual(
            w.render('test', 'test'),
-            '<select multiple="multiple" name="test" class="selectfilterstacked">\n</select>'
-            '<script type="text/javascript">addEvent(window, "load", function(e) '
-            '{SelectFilter.init("id_test", "test\\u005C", 1); });</script>\n'
+            '<select multiple="multiple" name="test" class="selectfilterstacked" '
+            'data-field-name="test\\" data-is-stacked="1">\n</select>'
        )