When a user try to create a new page info, he is redirected
to the /page/info because the xmlid already exists...
The problem is that this view need to be rendered via the
controller /website/info which gives some extra values (version, ...)
The fix for v8 is to redirect /page/info to /website/info.
In V9, the behavior is changed and one page info-1 will be created.
But this fix is also required for direct access to /page/info.
To do in master: maybe use another xml_id that this basic name 'info'?
This commit fix issue #8022
Steps to reproduce:
-go to runbot 8.0 and connect
-go into human ressources/job positions
-pass into list view and click on the first item
-click on the url to open this record into the website (website_published)
-go back (back into the browser)
-you're now into the form view again and then next step is to click on the button
"next" to access the following record
-click on the url of website_published
Before the fix:
wrong record, this is the previous one that is into the href
After the fix:
correct record with the correct id into the href
Closes#11800
opw:675832
This is very unlikely to be exploitable because the
alt-field usually comes from master data (e.g. product
names) that can't be injected.
Courtesy of Naglis Jonaitis
request.website.get_languages returns a list of tuple in the form:
(`language code`, `language name`)
With this commit the code first check if there is a language exactly
matching, and only if failed check if there is a match on the short
form.
closes#11613
opw-672412
The alternate languages links set in the page `<head>`
were not translated in each language, but within the language
the user is browsing the website.
This leaded to SEO referencing issues, as these links leaded
to (30x) redirections if followed, to translate the URL slug
within the new current language.
e.g.
`/fr_FR/shop/product/bose-mini-bluetooth-speaker-7`
automatically redirected to
`/fr_FR/shop/product/mini-haut-parleur-bluetooth-bose-7`
And it was the first link which was displayed as alternate link
when being in another language than French, while it should
be the second (to avoid the useless redirection).
opw-669979
Checking url_list for duplicates is O(n).
Use url_set instead of url_list to improve to O(1).
Otherwise sitemap generation even for a million products will never finish.
Close#11106
Iterator was consuming the first 45k records.
So don't need to specify an offset, because that will ignore the next 45k.
Eg: if step of 5, and range(1,13),
it will only use [1, 2, 3, 4, 5, 11, 12, 13]
Cherry-pick/backport of de8296c3a86da5e4ae35edcdb563d317dac32e76
Route with method="['POST']" should not appear in sitemap
This code had never works.
rule.method is not the list of methods declared on the endpoint but "the HTTP
method for the rule if there are different URLs for different methods on
the same endpoint" (src http://werkzeug.pocoo.org/docs/0.11/routing/)
The new code uses the method declared on endpoint and so will avoid to add
endpoint with method declared and wich doesn't support GET.
If anybody adds a new modal in the `then()` part of the promise, without
this code, all `.modal-backdrop` elements will be deleted, and further
dialogs will not be modal; with this, only the current modal's backdrop
will be deleted.
Unsetting the URL of the menu `Home`,
in Settings > Configuration > Website Settings > Configure Website,
leaded to the unavailability of the website.
opw-657572
The attribute `data-oe-*` (`data-oe-id`, `data-oe-model`, ...)
must not be added when rendering the assets, to avoid
having different assets content,
e.g. a different content for the assets_common,
according if the user is signed in or not,
if the user can edit the website or not.
A different content for an assets according to the
users rights or the user being signed in or not means
that the assets are permanently re-written in the filestore,
which is against the point of the assets.
The content of the assets (assets_common) must not be
different from time to time, it must always be the same
(except when installing a new module, obviously).
Adding the `data-oe` attributes was pointless for the assets
anyway, and prevented having an identical content all
the time, therefore rewritting the assets all the time
in the filestore.
opw-657046