Removes the following fields from the tracker
config:
- `name`, which was erroring due to it
including a `.`
- `displayFeaturesTask` which seems to be
deprecated
Also refactors the `create` command to put all
fields into the options parameter, as shown in the
developer docs:
https://developers.google.com/analytics/devguides/collection/analyticsjs/creating-trackers
service contact blocks contain new lines - and jinja2 normally ignores
newlines (as in it keeps them as new lines) - but we need to turn them
into `<br>` tags so that we can show the formatting that the user has
added. We were previously just doing `{{ block | nl2br | safe }}`. nl2br
turns the new lines into `<br>` tags, and then `safe` tells jinja that
it doesn't need to escape the html.
this causes issues if the user adds `<script>alert(1)</script>` to their
contact block (or some other evil xss hack), where that will get let
through due to the safe flag
To solve this, use `Markup(html='escape')` to sanitise any html, and
then convert new lines to <br>.
bump utils
another xss
we all run 3.6 locally, we test against 3.6 both locally and on
concourse, and the latest version of openpyxl (required by
pyexcel-xlsx) doesn't support 3.5 anymore
The too many pages error was being returned when the file couldn’t be
read. This commit corrects the error message, and adds a test to make
sure this case is covered.
The API response for jobs includes a field called `job_status`. The API
response for uploads doesn’t.
The `Job` mode handles uploads and jobs, so it needs to account for the
possibility of the field not being there.
app/assets/javascripts/errorTracking.js sent
events to `window.ga`.
This extends the API of `window.GOVUK.Analytics`
to include support for sending events so all
calls to `window.ga` can use it instead of direct
access.
This use of `window.ga` was missed from the
initial work on `window.GOVUK.Anaytics`.
It looks like a link so its semantics should
identify it as one.
This can effect users of speech recognition
software, in scenarios where they instruct it to
click an element which looks like one thing but
the software can only identify as something else.
