Open fabiocaccamo opened 4 months ago
Clicking the link, the url is loaded in the modal window:
https://mysite.com/admin/myapp/mymodel/?_popup=1&_modal=347257
It returns a 302
and then the final url becomes:
https://mysite.com/admin/myapp/mymodel/?e=1
The problem is that django, for security reasons filters out unexpected query-string parameters, and in this case the _modal
parameter gets appended here just for app specific needs (only if it's not a lookup):
https://github.com/fabiocaccamo/django-admin-interface/blob/main/admin_interface/static/admin_interface/related-modal/related-modal.js#L60
This behavior, although very useful, is also very limiting in case you want to load custom pages in modal windows and use custom query-string parameters for specific needs.
@merwok do you have any ideas on how this problem could be solved/avoided?
Not sure I understand the comment in related-modal.js
«Browsers stop loading nested iframes with same src» (same as origin page I suppose?) – but why would they be the same? The main page does not have ?_popup=1
.
@merwok I don't remember well the nested modals open on the same url issue. Btw, the problem is that if there are custom query-string params it doesn't work correctly.
Python version
3.11
Django version
4.2.9
Package version
0.28.6
Current behavior (bug description) When opening a custom modal window (just adding
_popup=1
suffix to the url), the resulting modal window content includes the admin site header.Expected behavior The resulting modal window content must not include the admin site header.
Upvote & Fund