mirror of
https://github.com/spring-projects/spring-petclinic.git
synced 2025-05-30 07:09:38 +00:00
Ensure fragment for menu items is not itself rendered
Formerly there was a "ghost" menu item with no text and no icon because Thymeleaf had not been instructed to remove the fragment definition. This change tidies that up and also removes the use of the "path" variable, which Thymeleaf populates from the current request context, and poses a potential security threat as a result (if users type malicious characters in the URL).
This commit is contained in:
Dave Syer
parent
d173555056
commit
07b9d5aa45
1 changed files with 73 additions and 63 deletions
|
|
@ -1,9 +1,9 @@
|
||||||
<!doctype html>
|
<!doctype html>
|
||||||
<html th:fragment="layout (template, menu)">
|
<html th:fragment="layout (template, menu)">
|
||||||
|
|
||||||
<head>
|
<head>
|
||||||
|
|
||||||
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
|
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
|
||||||
<meta charset="utf-8">
|
<meta charset="utf-8">
|
||||||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||||
|
|
@ -17,9 +17,9 @@
|
||||||
<script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
|
<script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
|
||||||
<![endif]-->
|
<![endif]-->
|
||||||
|
|
||||||
<link rel="stylesheet" th:href="@{/resources/css/petclinic.css}"/>
|
<link rel="stylesheet" th:href="@{/resources/css/petclinic.css}" />
|
||||||
|
|
||||||
</head>
|
</head>
|
||||||
|
|
||||||
<body>
|
<body>
|
||||||
|
|
||||||
|
|
@ -28,22 +28,31 @@
|
||||||
<div class="navbar-header">
|
<div class="navbar-header">
|
||||||
<a class="navbar-brand" th:href="@{/}"><span></span></a>
|
<a class="navbar-brand" th:href="@{/}"><span></span></a>
|
||||||
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#main-navbar">
|
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#main-navbar">
|
||||||
<span class="sr-only"><os-p>Toggle navigation</os-p></span>
|
<span class="sr-only">
|
||||||
|
<os-p>Toggle navigation</os-p>
|
||||||
|
</span>
|
||||||
<span class="icon-bar"></span>
|
<span class="icon-bar"></span>
|
||||||
<span class="icon-bar"></span>
|
<span class="icon-bar"></span>
|
||||||
<span class="icon-bar"></span>
|
<span class="icon-bar"></span>
|
||||||
</button>
|
</button>
|
||||||
</div>
|
</div>
|
||||||
<div class="navbar-collapse collapse" id="main-navbar">
|
<div class="navbar-collapse collapse" id="main-navbar">
|
||||||
<ul class="nav navbar-nav navbar-right">
|
|
||||||
|
|
||||||
<li th:fragment="menuItem (path,active,title,glyph,text)" class="active" th:class="${active==menu ? 'active' : ''}">
|
<ul class="nav navbar-nav navbar-right" th:remove="all">
|
||||||
<a th:href="@{__${path}__}" th:title="${title}">
|
|
||||||
<span th:class="'glyphicon glyphicon-'+${glyph}" class="glyphicon glyphicon-home" aria-hidden="true"></span>
|
<li th:fragment="menuItem (link,active,title,glyph,text)" class="active"
|
||||||
|
th:class="${active==menu ? 'active' : ''}">
|
||||||
|
<a th:href="@{__${link}__}" th:title="${title}">
|
||||||
|
<span th:class="'glyphicon glyphicon-'+${glyph}" class="glyphicon glyphicon-home"
|
||||||
|
aria-hidden="true"></span>
|
||||||
<span th:text="${text}">Template</span>
|
<span th:text="${text}">Template</span>
|
||||||
</a>
|
</a>
|
||||||
</li>
|
</li>
|
||||||
|
|
||||||
|
</ul>
|
||||||
|
|
||||||
|
<ul class="nav navbar-nav navbar-right">
|
||||||
|
|
||||||
<li th:replace="::menuItem ('/','home','home page','home','Home')">
|
<li th:replace="::menuItem ('/','home','home page','home','Home')">
|
||||||
<span class="glyphicon glyphicon-home" aria-hidden="true"></span>
|
<span class="glyphicon glyphicon-home" aria-hidden="true"></span>
|
||||||
<span>Home</span>
|
<span>Home</span>
|
||||||
|
|
@ -59,7 +68,8 @@
|
||||||
<span>Veterinarians</span>
|
<span>Veterinarians</span>
|
||||||
</li>
|
</li>
|
||||||
|
|
||||||
<li th:replace="::menuItem ('/oups','error','trigger a RuntimeException to see how it is handled','warning-sign','Error')">
|
<li
|
||||||
|
th:replace="::menuItem ('/oups','error','trigger a RuntimeException to see how it is handled','warning-sign','Error')">
|
||||||
<span class="glyphicon glyphicon-warning-sign" aria-hidden="true"></span>
|
<span class="glyphicon glyphicon-warning-sign" aria-hidden="true"></span>
|
||||||
<span>Error</span>
|
<span>Error</span>
|
||||||
</li>
|
</li>
|
||||||
|
|
@ -71,15 +81,15 @@
|
||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
<div class="container xd-container">
|
<div class="container xd-container">
|
||||||
|
|
||||||
<th:block th:include="${template}"/>
|
<th:block th:include="${template}" />
|
||||||
|
|
||||||
<br/>
|
<br />
|
||||||
<br/>
|
<br />
|
||||||
<div class="container">
|
<div class="container">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-12 text-center">
|
<div class="col-12 text-center">
|
||||||
<img src="../static/resources/images/spring-pivotal-logo.png" th:src="@{/resources/images/spring-pivotal-logo.png}"
|
<img src="../static/resources/images/spring-pivotal-logo.png"
|
||||||
alt="Sponsored by Pivotal"/></div>
|
th:src="@{/resources/images/spring-pivotal-logo.png}" alt="Sponsored by Pivotal" /></div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue