Remove dynamic JS loading from header template
This was used when we did client-side rendering with prettify.js,
since we wanted to load that JS file only on file views that required
prettification. Since that moved to the server side, this variable is
now unused.
Long-term, Soy team would like to remove the ability to load scripts
from variables due to XSS risk.
Change-Id: Ic27fc8959a36d8f6d5a9a4d4aa6a57866f741d6c
diff --git a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/Common.soy b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/Common.soy
index 97b5786..2a7ba40 100644
--- a/gitiles-servlet/src/main/resources/com/google/gitiles/templates/Common.soy
+++ b/gitiles-servlet/src/main/resources/com/google/gitiles/templates/Common.soy
@@ -24,7 +24,6 @@
* @param? headerVariant variant name for custom header.
* @param breadcrumbs navigation breadcrumbs for this page.
* @param? css optional list of CSS URLs to include.
- * @param? js optional list of Javascript URLs to include.
* @param? containerClass optional class to append to the main container.
*/
{template .header}
@@ -46,12 +45,6 @@
<link rel="stylesheet" type="text/css" href="{$url}">
{/foreach}
{/if}
-
- {if $js and length($js)}
- {foreach $url in $js}
- <script src="{$url}"></script>
- {/foreach}
- {/if}
</head>
<body class="Site">
<header class="Site-header">
