diff --git a/README b/README index 726ef165af..4a8aba104e 100644 --- a/README +++ b/README @@ -1148,6 +1148,9 @@ ssl: Whether to use SSL for JavaScript files. Default is null, which means sslserver: SSL server to use when page is HTTPS-encrypted. If unspecified, site ssl server and so on will be used. sslpath: If sslserver if defined, path to use when page is HTTPS-encrypted. +bustframes: If true, all web pages will break out of framesets. If false, + can comfortably live in a frame or iframe... probably. Default + to true. xmpp ---- diff --git a/lib/action.php b/lib/action.php index 173e2c2a58..fef4259264 100644 --- a/lib/action.php +++ b/lib/action.php @@ -298,7 +298,9 @@ class Action extends HTMLOutputter // lawsuit $this->script('util.min.js'); $this->showScriptMessages(); // Frame-busting code to avoid clickjacking attacks. - $this->inlineScript('if (window.top !== window.self) { window.top.location.href = window.self.location.href; }'); + if (common_config('javascript', 'bustframes')) { + $this->inlineScript('if (window.top !== window.self) { window.top.location.href = window.self.location.href; }'); + } Event::handle('EndShowStatusNetScripts', array($this)); Event::handle('EndShowLaconicaScripts', array($this)); } diff --git a/lib/default.php b/lib/default.php index 124c90c998..c1dfcbc87d 100644 --- a/lib/default.php +++ b/lib/default.php @@ -154,7 +154,8 @@ $default = 'javascript' => array('server' => null, 'path'=> null, - 'ssl' => null), + 'ssl' => null, + 'bustframes' => true), 'local' => // To override path/server for themes in 'local' dir (not currently applied to local plugins) array('server' => null, 'dir' => null, diff --git a/lib/noticesection.php b/lib/noticesection.php index 7157feafc5..ceb0bb36f8 100644 --- a/lib/noticesection.php +++ b/lib/noticesection.php @@ -39,6 +39,8 @@ define('NOTICES_PER_SECTION', 6); * These are the widgets that show interesting data about a person * group, or site. * + * @todo migrate this to use a variant of NoticeList + * * @category Widget * @package StatusNet * @author Evan Prodromou @@ -97,38 +99,14 @@ class NoticeSection extends Section $this->out->elementStart('p', 'entry-content'); $this->out->raw($notice->rendered); - - $notice_link_cfg = common_config('site', 'notice_link'); - if ('direct' === $notice_link_cfg) { - $this->out->text(' ('); - $this->out->element('a', array('href' => $notice->uri), 'see'); - $this->out->text(')'); - } elseif ('attachment' === $notice_link_cfg) { - if ($count = $notice->hasAttachments()) { - // link to attachment(s) pages - if (1 === $count) { - $f2p = File_to_post::staticGet('post_id', $notice->id); - $href = common_local_url('attachment', array('attachment' => $f2p->file_id)); - $att_class = 'attachment'; - } else { - $href = common_local_url('attachments', array('notice' => $notice->id)); - $att_class = 'attachments'; - } - - $clip = Theme::path('images/icons/clip.png', 'base'); - $this->out->elementStart('a', array('class' => $att_class, 'style' => "font-style: italic;", 'href' => $href, 'title' => "# of attachments: $count")); - $this->out->raw(" ($count "); - $this->out->element('img', array('style' => 'display: inline', 'align' => 'top', 'width' => 20, 'height' => 20, 'src' => $clip, 'alt' => 'alt')); - $this->out->text(')'); - $this->out->elementEnd('a'); - } else { - $this->out->text(' ('); - $this->out->element('a', array('href' => $notice->uri), 'see'); - $this->out->text(')'); - } - } - $this->out->elementEnd('p'); + + $this->out->elementStart('div', 'entry_content'); + get_class('NoticeList'); + $nli = new NoticeListItem($notice, $this->out); + $nli->showNoticeLink(); + $this->out->elementEnd('div'); + if (!empty($notice->value)) { $this->out->elementStart('p'); $this->out->text($notice->value);