diff --git a/cloud/routes.py b/cloud/routes.py index 7509d17..9128049 100644 --- a/cloud/routes.py +++ b/cloud/routes.py @@ -62,15 +62,6 @@ def _homepage_context() -> dict: post.picture = get_file(post.picture, api=api) post.url = url_for_node(node=post) - # Render attachments - try: - post_contents = post['properties']['content'] - except KeyError: - log.warning('Blog post %s has no content', post._id) - else: - post['properties']['content'] = pillar.web.nodes.attachments.render_attachments( - post, post_contents) - # Get latest assets added to any project latest_assets = Node.latest('assets', api=api) diff --git a/src/templates/layout.pug b/src/templates/layout.pug index 08942cc..239f1d5 100644 --- a/src/templates/layout.pug +++ b/src/templates/layout.pug @@ -32,8 +32,7 @@ html(lang="en") script(src="{{ url_for('static_pillar', filename='assets/js/vendor/jquery-3.1.0.min.js')}}") script(src="{{ url_for('static_pillar', filename='assets/js/vendor/jquery.typeahead-0.11.1.min.js')}}") script(src="{{ url_for('static_pillar', filename='assets/js/vendor/js.cookie-2.0.3.min.js')}}") - - script. + script(src="{{ url_for('static_pillar', filename='assets/js/vendor/clipboard.min.js')}}") | {% if current_user.has_cap('subscriber') %} | {# Only load if we can comment (for converting markdown as-we-type) #} @@ -322,6 +321,20 @@ html(lang="en") script(src="{{ url_for('static_pillar', filename='assets/js/vendor/jquery.bootstrap-3.3.7.min.js') }}") + | {% if current_user.is_authenticated %} + script(src="{{ url_for('static_pillar', filename='assets/js/vendor/jquery.typewatch-3.0.0.min.js') }}") + script. + // When sending an AJAX request, always add the X-CSRFToken header to it. + var csrf_token = "{{ csrf_token() }}"; + $.ajaxSetup({ + beforeSend: function (xhr, settings) { + if (!/^(GET|HEAD|OPTIONS|TRACE)$/i.test(settings.type) && !this.crossDomain) { + xhr.setRequestHeader("X-CSRFToken", csrf_token); + } + } + }); + | {% endif %} + script. $(document).ready(function() { {% if current_user.is_authenticated %}