wiki
/
weseek__growi
cermin dari https://github.com/weseek/growi


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281
							{% extends '../layout/admin.html' %}

{% block html_title %}{{ customizeService.generateCustomTitle(t('Markdown settings')) }}
 · {{ path }}{% endblock %}

{% block content_header %}
<div class="header-wrap">
  <header id="page-header">
    <h1 id="admin-title" class="title">{{ t('Markdown settings') }}</h1>
  </header>
</div>
{% endblock %}

{% block content_main %}
<div class="content-main">
  <div class="row">
    <div class="col-md-3">
      {% include './widget/menu.html' with {current: 'markdown'} %}
    </div>
    <!-- TODO reactify admin -->
    <div class="col-md-9">
      {% set smessage = req.flash('successMessage') %}
      {% if smessage.length %}
      <div class="alert alert-success">
        {% for e in smessage %}
          {{ e }}<br>
        {% endfor %}
      </div>
      {% endif %}

      {% set emessage = req.flash('errorMessage') %}
      {% if emessage.length %}
      <div class="alert alert-danger">
        {% for e in emessage %}
        {{ e }}<br>
        {% endfor %}
      </div>
      {% endif %}

      <form action="/admin/markdown/lineBreaksSetting" method="post" class="form-horizontal" id="markdownSettingForm" role="form">
        <fieldset>
          <legend>{{ t('markdown_setting.line_break_setting') }}</legend>
          <p class="well">{{ t("markdown_setting.line_break_setting_desc") }}</p>

          <div class="form-group">
            <label for="markdownSetting[markdown:isEnabledLinebreaks]" class="col-xs-4 control-label">
              {{ t('markdown_setting.Enable Line Break') }}
            </label>
            <div class="col-xs-5">
              <div class="btn-group btn-toggle" data-toggle="buttons">
                <label class="btn btn-default btn-rounded btn-outline {% if markdownSetting['markdown:isEnabledLinebreaks'] %}active{% endif %}" data-active-class="primary">
                  <input name="markdownSetting[markdown:isEnabledLinebreaks]" value="true" type="radio"
                      {% if true === markdownSetting['markdown:isEnabledLinebreaks'] %}checked{% endif %}> ON
                </label>
                <label class="btn btn-default btn-rounded btn-outline {% if !markdownSetting['markdown:isEnabledLinebreaks'] %}active{% endif %}" data-active-class="default">
                  <input name="markdownSetting[markdown:isEnabledLinebreaks]" value="false" type="radio"
                      {% if !markdownSetting['markdown:isEnabledLinebreaks'] %}checked{% endif %}> OFF
                </label>
              </div>
              <p class="help-block">{{ t("markdown_setting.Enable Line Break desc") }}</p>
            </div>
          </div>

          <div class="form-group">
            <label for="markdownSetting[markdown:isEnabledLinebreaksInComments]" class="col-xs-4 control-label">
              {{ t("markdown_setting.Enable Line Break for comment") }}
            </label>
            <div class="col-xs-5">
              <div class="btn-group btn-toggle" data-toggle="buttons">
                <label class="btn btn-default btn-rounded btn-outline {% if markdownSetting['markdown:isEnabledLinebreaksInComments'] %}active{% endif %}" data-active-class="primary">
                  <input name="markdownSetting[markdown:isEnabledLinebreaksInComments]" value="true" type="radio"
                      {% if true === markdownSetting['markdown:isEnabledLinebreaksInComments'] %}checked{% endif %}> ON
                </label>
                <label class="btn btn-default btn-rounded btn-outline {% if !markdownSetting['markdown:isEnabledLinebreaksInComments'] %}active{% endif %}" data-active-class="default">
                  <input name="markdownSetting[markdown:isEnabledLinebreaksInComments]" value="false" type="radio"
                      {% if !markdownSetting['markdown:isEnabledLinebreaksInComments'] %}checked{% endif %}> OFF
                </label>
              </div>
              <p class="help-block">{{ t("markdown_setting.Enable Line Break for comment desc") }}</p>
            </div>
          </div>

          <div class="form-group my-3">
            <div class="col-xs-offset-4 col-xs-5">
              <input type="hidden" name="_csrf" value="{{ csrf() }}">
              <button type="submit" class="btn btn-primary">{{ t("Update") }}</button>
            </div>
          </div>
        </fieldset>
      </form>

      <form action="/admin/markdown/presentationSetting" method="post" class="form-horizontal" id="markdownSettingForm" role="form">
        <legend>{{ t('markdown_setting.presentation_setting') }}</legend>
        <p class="well">{{ t("markdown_setting.presentation_setting_desc") }}</p>

        <fieldset class="form-group row my-2">
          {% set nameForPageBreakOption = "markdownSetting[markdown:presentation:pageBreakSeparator]" %}
          {% set pageBreakSeparator = markdownSetting['markdown:presentation:pageBreakSeparator'] %}

          <label class="col-xs-3 control-label">
            {{ t('markdown_setting.Page break setting') }}
          </label>

          <div class="col-xs-3 radio radio-primary">
            <input type="radio" id="pageBreakOption1" name="{{nameForPageBreakOption}}" value="1" {% if pageBreakSeparator === 1 %}checked{% endif %}>
            <label for="pageBreakOption1">
              <p class="font-weight-bold">{{ t('markdown_setting.Preset one separator') }}</p>
              <p class="mt-3">
                {{ t('markdown_setting.Preset one separator desc') }}
                <pre><code>{{ t('markdown_setting.Preset one separator value') }}</code></pre>
              </p>
            </label>
          </div>

          <div class="col-xs-3 radio radio-primary">
            <input type="radio" id="pageBreakOption2" name="{{nameForPageBreakOption}}" value="2" {% if pageBreakSeparator === 2 %}checked{% endif %}>
            <label for="pageBreakOption2">
              <p class="font-weight-bold">{{ t('markdown_setting.Preset two separator') }}</p>
              <p class="mt-3">
                {{ t('markdown_setting.Preset two separator desc') }}
                <pre><code>{{ t('markdown_setting.Preset two separator value') }}</code></pre>
              </p>
            </label>
          </div>

          <div class="col-xs-3 radio radio-primary">
            <input type="radio" id="pageBreakOption3" name="{{nameForPageBreakOption}}" value="3" {% if pageBreakSeparator === 3 %}checked{% endif %}>
            <label for="pageBreakOption3">
              <p class="font-weight-bold">{{ t('markdown_setting.Custom separator') }}</p>
              <p class="mt-3">
                {{ t('markdown_setting.Custom separator desc') }}
                <div>
                  <input class="form-control" name="markdownSetting[markdown:presentation:pageBreakCustomSeparator]" value="{{markdownSetting['markdown:presentation:pageBreakCustomSeparator']|default('') }}">
                </div>
              </p>
            </label>
          </div>

        </fieldset>

        <div class="form-group my-3">
          <div class="col-xs-offset-4 col-xs-5">
            <input type="hidden" name="_csrf" value="{{ csrf() }}">
            <button type="submit" class="btn btn-primary">{{ t("Update") }}</button>
          </div>
        </div>
      </form>

      <form action="/admin/markdown/xss-setting" method="post" class="form-horizontal" id="markdownSettingForm" role="form">
        {% set nameForIsXssEnabled = "markdownSetting[markdown:xss:isEnabledPrevention]" %}
        {% set isXssEnabled = markdownSetting['markdown:xss:isEnabledPrevention'] %}

        <legend>{{ t('markdown_setting.XSS_setting') }}</legend>
        <p class="well">{{ t("markdown_setting.XSS_setting_desc") }}</p>

        <fieldset class="row">
          <div class="form-group">
            <label for="markdownSetting[markdown:isEnabledLinebreaks]" class="col-xs-4 control-label">
              {{ t('markdown_setting.Enable XSS prevention') }}
            </label>
            <div class="col-xs-5">
              <div class="btn-group btn-toggle" data-toggle="buttons">
                <label class="btn btn-default btn-rounded btn-outline {% if isXssEnabled %}active{% endif %}" data-active-class="primary">
                  <input name="{{nameForIsXssEnabled}}" value="true" type="radio"
                      {% if isXssEnabled %}checked{% endif %}> ON
                </label>
                <label class="btn btn-default btn-rounded btn-outline {% if !isXssEnabled %}active{% endif %}" data-active-class="default">
                  <input name="{{nameForIsXssEnabled}}" value="false" type="radio"
                      {% if !isXssEnabled %}checked{% endif %}> OFF
                </label>
              </div>
            </div>
          </div>
        </fieldset>

        <fieldset class="form-group row my-3" id="xss-hide-when-disabled" {% if !isXssEnabled %}style="display: none;"{% endif %}>
          {% set nameForXssOption = "markdownSetting[markdown:xss:option]" %}
          {% set xssOption = markdownSetting['markdown:xss:option'] %}

          <div class="col-xs-4 radio radio-primary">
            <input type="radio" id="xssOption1" name="{{nameForXssOption}}" value="1" {% if xssOption === 1 %}checked{% endif %}>
            <label for="xssOption1">
              <p class="font-weight-bold">{{ t('markdown_setting.Ignore all tags') }}</p>
              <div class="m-t-15">
                  {{ t('markdown_setting.Ignore all tags desc') }}
              </div>
            </label>
          </div>

          <div class="col-xs-4 radio radio-primary">
            <input type="radio" id="xssOption2" name="{{nameForXssOption}}" value="2" {% if xssOption === 2 %}checked{% endif %}>
            <label for="xssOption2">
              <p class="font-weight-bold">{{ t('markdown_setting.Recommended setting') }}</p>
              <div class="m-t-15">
                {{ t('markdown_setting.Tag names') }}
                <textarea class="form-control xss-list" name="recommendedTags" rows="6" cols="40" readonly>{{ recommendedWhitelist.tags }}</textarea>
              </div>
              <div class="m-t-15">
                {{ t('markdown_setting.Tag attributes') }}
                <textarea class="form-control xss-list" name="recommendedAttrs" rows="6" cols="40" readonly>{{ recommendedWhitelist.attrs }}</textarea>
              </div>
            </label>
          </div>

          <div class="col-xs-4 radio radio-primary">
            <input type="radio" id="xssOption3" name="{{nameForXssOption}}" value="3" {% if xssOption === 3 %}checked{% endif %}>
            <label for="xssOption3">
              <p class="font-weight-bold">{{ t('markdown_setting.Custom Whitelist') }}</p>
              <div class="m-t-15">
                <div class="d-flex justify-content-between">
                  {{ t('markdown_setting.Tag names') }}
                  <p id="btn-import-tags" class="btn btn-xs btn-primary">
                    {{ t('markdown_setting.import_recommended', 'tags') }}
                  </p>
                </div>
                <textarea class="form-control xss-list" type="text" name="markdownSetting[markdown:xss:tagWhiteList]" rows="6" cols="40" placeholder="e.g. iframe, script, video...">{{ markdownSetting['markdown:xss:tagWhiteList'] }}</textarea>
              </div>
              <div class="m-t-15">
                <div class="d-flex justify-content-between">
                  {{ t('markdown_setting.Tag attributes') }}
                  <p id="btn-import-attrs" class="btn btn-xs btn-primary">
                    {{ t('markdown_setting.import_recommended', 'attributes') }}
                  </p>
                </div>
                <textarea class="form-control xss-list" name="markdownSetting[markdown:xss:attrWhiteList]" rows="6" cols="40" placeholder="e.g. src, id, name...">{{ markdownSetting['markdown:xss:attrWhiteList'] }}</textarea>
              </div>
            </label>
          </div>

        </fieldset>

        <div class="form-group row">
          <div class="col-xs-12 d-flex justify-content-center">
            <input type="hidden" name="_csrf" value="{{ csrf() }}">
            <button type="submit" class="btn btn-primary">{{ t("Update") }}</button>
          </div>
        </div>

      </form>
    </div>
  </div>

</div>

<script>
  // give a space between items in textarea(',' => ', ')
  for (var i = 0; i < $('textarea.xss-list').length; i++) {
    $($('textarea.xss-list')[i]).val($($('textarea.xss-list')[i]).val().replace(/,/g, ', '));
  };

  $('input[name="markdownSetting[markdown:xss:isEnabledPrevention]"]').change(function() {
    if ($(this).val() === 'true') {
      $('#xss-hide-when-disabled').slideDown();
    }
    else {
      $('#xss-hide-when-disabled').slideUp();
    }
  });

  $('#btn-import-tags').on('click', () => {
    var $tagWhiteList = $('textarea[name="markdownSetting[markdown:xss:tagWhiteList]"]');
    var $recommendedTagList = $('textarea[name="recommendedTags"]');
    $tagWhiteList.val($recommendedTagList.val());
  });
  $('#btn-import-attrs').on('click', () => {
    var $attrWhiteList = $('textarea[name="markdownSetting[markdown:xss:attrWhiteList]"]');
    var $recommendedAttrList = $('textarea[name="recommendedAttrs"]');
    $attrWhiteList.val($recommendedAttrList.val());
  });
</script>
{% endblock content_main %}

{% block content_footer %}
{% endblock content_footer %}