fix(portal): account summary sort dropdown — drop inline JS for CSP safety

The inline 'onchange=\"window.location.href = this.value\"' attribute on
the sort <select> is the only inline-JS handler in the project's QWeb
templates. Under a strict Content-Security-Policy (script-src 'self')
the handler silently fails, leaving the sort dropdown dead. Replace
with a tiny vanilla-JS file (fp_portal_account_summary.js) that attaches
the listener via class selector .o_fp_sort_select inside the Account
Summary page.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
gsinghpal
2026-05-17 14:23:01 -04:00
parent 77b84ac11b
commit cdc47554ed
3 changed files with 27 additions and 2 deletions

View File

@@ -83,6 +83,7 @@ Copyright (c) 2026 Nexa Systems Inc. All rights reserved.
'fusion_plating_portal/static/src/scss/fusion_plating_portal.scss',
'fusion_plating_portal/static/src/js/fp_rfq_form.js',
'fusion_plating_portal/static/src/js/fp_portal_sidebar.js', # NEW — Task 5
'fusion_plating_portal/static/src/js/fp_portal_account_summary.js', # NEW — Task 10 fix
],
},
'demo': [