fix jinja2 rendering for password protected notebooks

This commit is contained in:
Cameron Bates 2012-12-17 16:33:54 -08:00
parent 6de923fb95
commit cbe76aaf9b
3 changed files with 19 additions and 18 deletions

View File

@ -29,6 +29,7 @@ import time
import uuid
import os
import tornado
from tornado import web
from tornado import websocket
@ -225,7 +226,7 @@ class LoginHandler(AuthenticatedHandler):
def _render(self, message=None):
template = self.application.jinja2_env.get_template('login.html')
self.write( template.render(
next=self.get_argument('next', default=self.application.ipython_app.base_project_url),
next=tornado.escape.url_escape(self.get_argument('next', default=self.application.ipython_app.base_project_url)),
read_only=self.read_only,
logged_in=self.logged_in,
login_available=self.login_available,

View File

@ -1,14 +1,14 @@
{% extends page.html %}
{% extends "page.html" %}
{% block stylesheet %}
<link rel="stylesheet" href="{{static_url("css/login.css") }}" type="text/css"/>
{% end %}
{% endblock %}
{% block login_widget %}
{% end %}
{% endblock %}
{% block site %}
@ -16,27 +16,27 @@
<div id="main_app">
{% if login_available %}
<form action="{{base_project_url}}login?next={{url_escape(next)}}" method="post">
<form action="{{base_project_url}}login?next={{next}}" method="post">
Password: <input type="password" class='ui-widget ui-widget-content' name="password" id="password_input">
<input type="submit" value="Log in" id="login_submit">
</form>
{% end %}
{% endif %}
{% if message %}
{% for key in message %}
<div class="message {{key}}">
{{message[key]}}
</div>
{% end %}
{% end %}
{% endfor %}
{% endif %}
<div/>
{% end %}
{% endblock %}
{% block script %}
<script src="{{static_url("js/loginmain.js") }}" type="text/javascript" charset="utf-8"></script>
{% end %}
{% endblock %}

View File

@ -1,14 +1,14 @@
{% extends page.html %}
{% extends "page.html" %}
{% block stylesheet %}
<link rel="stylesheet" href="{{static_url("css/logout.css") }}" type="text/css"/>
{% end %}
{% endblock %}
{% block login_widget %}
{% end %}
{% endblock %}
{% block site %}
@ -19,22 +19,22 @@
<div class="message {{key}}">
{{message[key]}}
</div>
{% end %}
{% end %}
{% endfor %}
{% endif %}
{% if read_only or not login_available %}
Proceed to the <a href="{{base_project_url}}">dashboard</a>.
{% else %}
Proceed to the <a href="{{base_project_url}}login">login page</a>.
{% end %}
{% endif %}
<div/>
{% end %}
{% endblock %}
{% block script %}
<script src="{{static_url("js/logoutmain.js") }}" type="text/javascript" charset="utf-8"></script>
{% end %}
{% endblock %}