Go to file

Jezen Thomas d385ada853 Move JavaScript form submission to script block If someone wants their website to score a good grade on a security vulnerability scanner like Mozilla Observatory, they will need to enable the Content Security Policy header. When using CSP, it is possible to explicitly allow inline JavaScript in `<script>` tags by specifying the sha256 of the snippet. However the same is _not_ true of any JavaScript included in a HTML attribute like `onload`. This changes moves the JavaScript form submission out of the `onload` HTML attribute and into a `<script>` tag so the user can add the hash of this script to their explicitly-allowed `script-src` list, and they can avoid using undesirable CSP rules like `unsafe-inline`. Without explicitly allowing this script when using CSP, the script would fail and the user would have to click the button to continue.		2019-08-19 20:56:00 +02:00
.azure	Skip lts-9 on Windows (needs more extra-deps)	2019-04-30 04:53:14 +03:00
.github	stack list-dependencies is deprecated	2018-06-06 20:39:56 +05:30
demo	Added an example with email auth and an ses mailer	2015-12-05 20:21:38 -07:00
yesod	deleted: unneed cabal build-depends by weeder	2018-06-09 13:15:21 +09:00
yesod-auth	Remove comma from <form> tag	2019-06-18 01:56:32 +02:00
yesod-auth-oauth	Fix typo in deprecation message	2018-12-27 17:31:58 -08:00
yesod-bin	Relax upper bound (fixes #1566 )	2018-12-19 08:28:07 +02:00
yesod-core	Move JavaScript form submission to script block	2019-08-19 20:56:00 +02:00
yesod-eventsource	deleted: unneed cabal build-depends by weeder	2018-06-09 13:15:21 +09:00
yesod-form	Implement mreq in terms of mreqMsg	2019-07-18 13:56:19 +03:00
yesod-form-multi	Added Multi Input Form Functionality (#1601 )	2019-08-16 04:30:20 +01:00
yesod-newsfeed	Version bumps and changelog updates	2018-01-15 15:57:36 +02:00
yesod-persistent	Add support for persistent 2.10	2019-04-22 08:46:21 +03:00
yesod-sitemap	deleted: unneed cabal build-depends by weeder	2018-06-09 13:15:21 +09:00
yesod-static	Strip CRs for Windows testing	2019-04-30 07:03:22 +03:00
yesod-test	Update ChangeLog	2019-04-30 11:33:32 +03:00
yesod-websockets	Version bump	2019-05-21 12:10:03 -04:00
.gitignore	Ignore stack.yaml.lock	2019-07-06 14:22:32 +12:00
CODE_OF_CONDUCT.md	Switch CoC to Contributor Covenant	2017-12-06 16:02:01 +02:00
CONTRIBUTING.md	Respond to @psibi's comments	2017-11-08 22:43:51 -08:00
Dockerfile	add a Dockerfile for haskell development	2015-05-27 11:43:16 -04:00
LICENSE	Switch to copyright year range #617	2017-02-27 09:47:45 +02:00
README.md	Use git clone --recurse-submodules	2019-07-06 14:00:11 +12:00
stack-lts-9.yaml	Added Multi Input Form Functionality (#1601 )	2019-08-16 04:30:20 +01:00
stack-persistent-2-9.yaml	Added Multi Input Form Functionality (#1601 )	2019-08-16 04:30:20 +01:00
stack-persistent-2-10.yaml	Added Multi Input Form Functionality (#1601 )	2019-08-16 04:30:20 +01:00
stack.yaml	Added Multi Input Form Functionality (#1601 )	2019-08-16 04:30:20 +01:00
stack.yaml.lock	Added Multi Input Form Functionality (#1601 )	2019-08-16 04:30:20 +01:00

README.md

Yesod Web Framework

An advanced web framework using the Haskell programming language. Featuring:

safety & security guaranteed at compile time
developer productivity: tools for all your basic web development needs
raw performance
- fast, compiled code
- techniques for constant-space memory consumption
asynchronous IO
- this is built in to the Haskell programming language (like Erlang)

Learn more about Yesod on its main website. If you want to get started using Yesod, we strongly recommend the quick start guide, based on the Haskell build tool stack.

Hacking on Yesod

Yesod consists mostly of four repositories:

git clone --recurse-submodules http://github.com/yesodweb/shakespeare
git clone --recurse-submodules http://github.com/yesodweb/persistent
git clone --recurse-submodules http://github.com/yesodweb/wai
git clone --recurse-submodules http://github.com/yesodweb/yesod

Each repository can be built with stack build.