b86e139bdd
- Replace Google Fonts with system font stacks across all themes - Add Referrer-Policy, X-Content-Type-Options, X-Frame-Options, CSP headers - Add rel="noreferrer noopener" on all outbound links - Add no-referrer and dns-prefetch-control meta tags to all themes - Clean tracking params on outbound links from trusted/remote sources - Remove Google domains from CSP whitelists Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
32 lines
1.1 KiB
Python
32 lines
1.1 KiB
Python
import html
|
|
from db import get_setting
|
|
|
|
|
|
def esc(s):
|
|
return html.escape(str(s))
|
|
|
|
|
|
|
|
DEFAULT_TEMPLATE = "<html>\n<head>\n<meta name=\"referrer\" content=\"no-referrer\">\n<meta http-equiv=\"x-dns-prefetch-control\" content=\"off\">\n</head>\n<body>\n{{content}}\n</body>\n</html>"
|
|
|
|
|
|
def _default_template():
|
|
name = esc(get_setting("site_name", "tinyweb"))
|
|
return (
|
|
'<html>\n<head>\n<meta name="referrer" content="no-referrer">\n<meta http-equiv="x-dns-prefetch-control" content="off">\n</head>\n<body>\n'
|
|
f'<p><b><a href="/">{name}</a></b>'
|
|
' | <a href="/">search</a> | <a href="/pages">browse</a>'
|
|
' | <a href="/tags">tags</a> | <a href="/subscriptions">subscriptions</a>'
|
|
' | <a href="/style">customize</a> | <a href="/about">about</a></p>\n'
|
|
"<hr>\n{{content}}\n</body>\n</html>"
|
|
)
|
|
|
|
|
|
def wrap_page(body_html, use_default=False):
|
|
if use_default:
|
|
template = _default_template()
|
|
else:
|
|
template = get_setting("custom_template") or _default_template()
|
|
if "{{content}}" not in template:
|
|
template = _default_template()
|
|
return template.replace("{{content}}", body_html)
|