instiki/app/views/layouts/default.rhtml
Jacques Distler 267f4a51fc Don't escape web.additional_style
Reported by Andrew Stacey
2010-07-21 09:39:18 -05:00

85 lines
3.1 KiB
Plaintext

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1 plus MathML 2.0 plus SVG 1.1//EN" "http://www.w3.org/2002/04/xhtml-math-svg/xhtml-math-svg-flat.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>
<%- if @page and (@page.name == 'HomePage') and (%w( show published print ).include?(params['action'])) -%>
<%= h(@web.name) + (@show_diff ? ' (changes)' : '') %>
<%- elsif @web -%>
<%= @title %> in <%= h @web.name %>
<%- else -%>
<%= @title %>
<%- end -%>
</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="robots" content="<%= @robots_metatag_value %>" />
<%= javascript_include_tag 'page_helper' %>
<%= stylesheet_link_tag 'instiki', :media => 'all' unless @inline_style %>
<%= stylesheet_link_tag 'syntax', :media => 'all' unless @inline_style %>
<style type="text/css">
h1#pageName, div.info, .newWikiWord a, a.existingWikiWord, .newWikiWord a:hover, [actiontype="toggle"]:hover, #TextileHelp h3 {
color: #<%= @web ? @web.color : "393" %>;
}
a:visited.existingWikiWord {
color: #<%= darken(@web ? @web.color : "393") %>;
}
<%= Rails.root.join('public', 'stylesheets', 'instiki.css').read if @inline_style %>
<%= Rails.root.join('public', 'stylesheets', 'syntax.css').read if @inline_style %>
</style>
<%= "<style type='text/css'>#{@style_additions}</style>" if @style_additions %>
<style type="text/css"><!--/*--><![CDATA[/*><!--*/
<%= @web ? @web.additional_style.html_safe : '' %>
/*]]>*/--></style>
<%= javascript_include_tag :defaults %>
<%- if @web -%>
<%= auto_discovery_link_tag(:atom, {:controller => 'wiki', :web => @web.address, :action => 'atom_with_headlines'},
:title => 'Atom with headlines') %>
<%= auto_discovery_link_tag(:atom, {:controller => 'wiki', :web => @web.address, :action => 'atom_with_content'},
:title => 'Atom with full content') %>
<%- end -%>
</head>
<body>
<div id="Container">
<div id="Content">
<h1 id="pageName">
<%= render(:file => 'svg_logo') if xhtml_enabled? %>
<%- if @page and (@page.name == 'HomePage') and %w( show published print ).include?(@action_name) -%>
<%= h(@web.name) + (@show_diff ? ' (changes)' : '') %>
<%- elsif @web -%>
<span class="webName"><%= @web.name %></span><br />
<%= @title %>
<%- else -%>
<%= @title %>
<%- end %>
</h1>
<%= render(:file => 'navigation') unless @web.nil? || @hide_navigation %>
<%- if flash[:info] -%>
<div class="info"><%= escape_preserving_linefeeds flash[:info] %></div>
<%- end -%>
<%- if @error or flash[:error] -%>
<div class="errorExplanation"><%= escape_preserving_linefeeds(@error || flash[:error]) %></div>
<%- end -%>
<%= @content_for_layout %>
<%- if @show_footer -%>
<div id="footer">
<div>This site is running on <a href="http://golem.ph.utexas.edu/instiki/show/HomePage">Instiki <%= "#{Instiki::VERSION::STRING}" %></a></div>
<div>Powered by <a href="http://rubyonrails.com/">Ruby on Rails</a> <%= "#{Rails::VERSION::STRING}" %></div>
</div>
<%- end -%>
</div> <!-- Content -->
</div> <!-- Container -->
</body>
</html>