Commits

Luke Plant  committed 2978475 Merge

Merged from default

  • Participants
  • Parent commits 88c110d, d025dd4
  • Branches live

Comments (0)

Files changed (3)

File cciw/cciwmain/common.py

 """
 Utility functions and base classes that are common to all views etc.
 """
-from cciw.cciwmain.utils import python_to_json
+import datetime
+import re
+import urllib
+
 from django.conf import settings
 from django.contrib.sites.models import Site
 from django.core.urlresolvers import reverse
 from django.utils.safestring import mark_safe
 from django.views.generic.edit import FormView
 from django.views.generic.list import ListView
+
+from cciw.cciwmain.utils import python_to_json
 import cciw.middleware.threadlocals as threadlocals
-import datetime
-import re
-import urllib
 
 
 # CBV baseclass functionality
         _thisyear_timestamp = datetime.datetime.now()
     return _thisyear
 
+
 def standard_subs(value):
     """Standard substitutions made on HTML content"""
     return value.replace('{{thisyear}}', str(get_thisyear()))\
                 .replace('{{static}}', settings.STATIC_URL)
 standard_subs.is_safe = True # provided our substitutions don't introduce anything that must be escaped
 
+
 def get_order_option(order_options, request, default_order_by):
     """Get the order_by parameter from the request, if the request
     contains any of the specified ordering parameters in the query string.
         order_by = default_order_by
     return order_by
 
+
 def create_breadcrumb(links):
     return mark_safe(u" :: ".join(links))
 
+
 def standard_processor(request):
     """
     Processor that does standard processing of request that we need for all

File cciw/cciwmain/models/sitecontent.py

 from django.db import models
 from django.contrib.admin.views.main import quote
 from django.utils.safestring import mark_safe
-import cciw.cciwmain.common
+from cciw.cciwmain.common import standard_subs
 import cciw.middleware.threadlocals as threadlocals
 
 class MenuLink(models.Model):
         related_name="child_links")
 
     def __unicode__(self):
-        from cciw.cciwmain.common import standard_subs
         return  u"%s [%s]" % (self.url, standard_subs(self.title))
 
     def get_visible_children(self, request):
     def render(self, request):
         """Render the HTML chunk as HTML, with replacements
         made and any member specific adjustments."""
-        html = cciw.cciwmain.common.standard_subs(self.html)
+        html = standard_subs(self.html)
         user = threadlocals.get_current_user()
         if user and not user.is_anonymous() and user.is_staff \
             and user.has_perm('cciwmain.change_htmlchunk'):

File cciw/settings.py

 #    (DEVBOX,     "debug_toolbar.middleware.DebugToolbarMiddleware"),
     (DEVBOX,     "output_validator.middleware.ValidatorMiddleware"),
     (True,       'django.middleware.csrf.CsrfViewMiddleware'),
+    (True,       'django.middleware.clickjacking.XFrameOptionsMiddleware'),
     (True,       "django.contrib.sessions.middleware.SessionMiddleware"),
     (True,       "django.contrib.messages.middleware.MessageMiddleware"),
     (True,       "django.contrib.auth.middleware.AuthenticationMiddleware"),