fabiocaccamo / django-admin-interface

Django's default admin interface with superpowers - customizable themes, popup windows replaced by modals and many other features.
MIT License

Related modal window includes the header. #377

Open fabiocaccamo opened 4 months ago

fabiocaccamo commented 4 months ago

Python version: 3.11

Django version: 4.2.9

Package version: 0.28.6

Current behavior (bug description): When opening a custom modal window (just adding the `_popup=1` suffix to the URL), the resulting modal window content includes the admin site header.

Expected behavior: The resulting modal window content must not include the admin site header.

fabiocaccamo commented 4 months ago

Investigating what is happening

Clicking the link, the URL is loaded in the modal window: https://mysite.com/admin/myapp/mymodel/?_popup=1&_modal=347257

It returns a 302 and then the final URL becomes: https://mysite.com/admin/myapp/mymodel/?e=1

The problem is that Django, for security reasons, filters out unexpected query-string parameters, and in this case the `_modal` parameter gets appended here just for app-specific needs (only if it's not a lookup): https://github.com/fabiocaccamo/django-admin-interface/blob/main/admin_interface/static/admin_interface/related-modal/related-modal.js#L60


This behavior, although very useful, is also very limiting in case you want to load custom pages in modal windows and use custom query-string parameters for specific needs.
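
A simplified model of the redirect described in the comment above, added here as an example; it is not code from Django or django-admin-interface. The ignored-parameter set and `MODEL_FIELDS` are assumptions made for illustration.

```python
from urllib.parse import urlsplit, parse_qsl

# Simplified model of the changelist behaviour; not Django's own code.
# Parameters the changelist consumes itself (assumed set, modelled on the
# admin's reserved names).
IGNORED_PARAMS = {"all", "o", "p", "q", "_popup", "_to_field"}
ERROR_FLAG = "e"
# Hypothetical model fields that are valid filter lookups.
MODEL_FIELDS = {"id", "name", "created"}


def unexpected_params(url):
    """Return query keys that are neither reserved params nor field lookups."""
    bad = []
    for key, _ in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        if key in IGNORED_PARAMS or key == ERROR_FLAG:
            continue
        # "name__icontains" is a lookup on the field "name".
        if key.split("__", 1)[0] not in MODEL_FIELDS:
            bad.append(key)
    return bad


def changelist_response(url):
    """Return (status, final_url); any unexpected key causes a 302 to '?e=1'."""
    parts = urlsplit(url)
    if unexpected_params(url):
        # The target is rebuilt from the path alone, so _popup=1 is lost too.
        return 302, f"{parts.scheme}://{parts.netloc}{parts.path}?{ERROR_FLAG}=1"
    return 200, url


def renders_header(final_url):
    """The site header is omitted only while _popup is in the query string."""
    return "_popup" not in dict(parse_qsl(urlsplit(final_url).query))


if __name__ == "__main__":
    base = "https://mysite.com/admin/myapp/mymodel/"
    for url in (base + "?_popup=1", base + "?_popup=1&_modal=347257"):
        status, final = changelist_response(url)
        print(status, final, "header shown:", renders_header(final))
```
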

fabiocaccamo commented 4 months ago

@merwok do you have any ideas on how this problem could be solved/avoided?

merwok commented 4 months ago

Not sure I understand the comment in related-modal.js

«Browsers stop loading nested iframes with same src» (same as origin page I suppose?) – but why would they be the same? The main page does not have ?_popup=1.

fabiocaccamo commented 4 months ago

@merwok I don't remember well the nested modals open on the same url issue. Btw, the problem is that if there are custom query-string params it doesn't work correctly.