Improved HTML sandbox page

This commit is contained in:
Jan Böhmer 2026-02-24 22:53:50 +01:00
parent a1fd3199d6
commit 628f794b37
2 changed files with 17 additions and 2 deletions

View file

@ -4,8 +4,10 @@
<meta charset="UTF-8"> <meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<link rel="icon" href="data:image/svg+xml,<svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 100 100'><text y='.9em' font-size='90'>️⚠️️</text></svg>">
{# The content block is already escaped. so we must not escape it again. #} {# The content block is already escaped. so we must not escape it again. #}
<title></title> <title>{% trans %}attachment.sandbox.title{% endtrans %}: {{ attachment.filename }}</title>
<style> <style>
/* Reset margins and stop the page from scrolling */ /* Reset margins and stop the page from scrolling */
@ -54,7 +56,8 @@
<br> <br>
<small> <small>
{% trans%}[Attachment]{% endtrans%}: {{ attachment.name }} / {{ attachment.filename ?? "" }} ({% trans%}id.label{% endtrans %}: {{ attachment.id }}) {% trans%}[Attachment]{% endtrans%}: <b>{{ attachment.name }}</b> / <b>{{ attachment.filename ?? "" }}</b> ({% trans%}id.label{% endtrans %}: {{ attachment.id }})
<a href="{{ path("attachment_view", {id: attachment.id}) }}" style="color: white; margin-left: 15px;">{% trans%}attachment.sandbox.as_plain_text{% endtrans %}</a>
<a href="{{ path("homepage") }}" style="color: white; margin-left: 15px;">{% trans%}attachment.sandbox.back_to_partdb{% endtrans %}</a> <a href="{{ path("homepage") }}" style="color: white; margin-left: 15px;">{% trans%}attachment.sandbox.back_to_partdb{% endtrans %}</a>
</small> </small>
</header> </header>

View file

@ -12617,5 +12617,17 @@ Buerklin-API Authentication server:
<target>⚠️ When enabled, user uploaded HTML attachments can be viewed directly in the browser. Many potential malicious functions are restricted, still this is a potential security risk and should only be enabled, if you trust the users who can upload files.</target> <target>⚠️ When enabled, user uploaded HTML attachments can be viewed directly in the browser. Many potential malicious functions are restricted, still this is a potential security risk and should only be enabled, if you trust the users who can upload files.</target>
</segment> </segment>
</unit> </unit>
<unit id="BQo2xWi" name="attachment.sandbox.title">
<segment>
<source>attachment.sandbox.title</source>
<target>HTML [Attachment]</target>
</segment>
</unit>
<unit id="sJ6v9uJ" name="attachment.sandbox.as_plain_text">
<segment>
<source>attachment.sandbox.as_plain_text</source>
<target>View as plain text</target>
</segment>
</unit>
</file> </file>
</xliff> </xliff>