Git Repo Viewer
git.user254.kr/gitiles/afab7521593863a95d52b5b152c6c85ff25c16e4^!/.
commit
afab7521593863a95d52b5b152c6c85ff25c16e4
[log] [tgz]
author
Dave Borowitz <[email protected]>
Thu Nov 19 13:45:13 2015 -0500
committer
Dave Borowitz <[email protected]>
Thu Nov 19 13:48:42 2015 -0500
tree
1762075702b147e3a03a1b458b134bbdda6cf418
parent
bb1e693206992c8dfdb1b49ea2da1c0746236fab [diff]
Remove dynamic JS loading from header template

This was used when we did client-side rendering with prettify.js,
since we wanted to load that JS file only on file views that required
prettification. Since that moved to the server side, this variable is
now unused.

Long-term, Soy team would like to remove the ability to load scripts
from variables due to XSS risk.

Change-Id: Ic27fc8959a36d8f6d5a9a4d4aa6a57866f741d6c

diff --git a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/Common.soy b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/Common.soy
index 97b5786..2a7ba40 100644
--- a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/Common.soy
+++ b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/Common.soy

@@ -24,7 +24,6 @@
  * @param? headerVariant variant name for custom header.
  * @param breadcrumbs navigation breadcrumbs for this page.
  * @param? css optional list of CSS URLs to include.
- * @param? js optional list of Javascript URLs to include.
  * @param? containerClass optional class to append to the main container.
  */
 {template .header}
@@ -46,12 +45,6 @@
       <link rel="stylesheet" type="text/css" href="{$url}">
     {/foreach}
   {/if}
-
-  {if $js and length($js)}
-    {foreach $url in $js}
-      <script src="{$url}"></script>
-    {/foreach}
-  {/if}
 </head>
 <body class="Site">
   <header class="Site-header">