updates from master

Author: infominer33

_includes/_google_search.html

@@ -1,53 +1,16 @@
-<!-- Including InstantSearch.js library and styling -->
-<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/instantsearch.min.js"></script>
-<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/instantsearch.min.css">
-<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/instantsearch-theme-algolia.min.css">
-
-<script>
-// Instanciating InstantSearch.js with Algolia credentials
-const search = instantsearch({
-  appId: '{{ site.algolia.application_id }}',
-  apiKey: '{{ site.algolia.search_only_api_key }}',
-  indexName: '{{ site.algolia.index_name }}',
-  searchParameters: {
-    restrictSearchableAttributes: [
-      'title',
-      'content'
-    ]
-  }
-});
-
-const hitTemplate = function(hit) {
-  const url = hit.url;
-  const title = hit._highlightResult.title.value;
-  const content = hit._highlightResult.html.value;
-
-  return `
-    <div class="list__item">
-      <article class="archive__item" itemscope itemtype="https://schema.org/CreativeWork">
-        <h2 class="archive__item-title" itemprop="headline"><a href="{{ site.baseurl }}${url}">${title}</a></h2>
-        <div class="archive__item-excerpt" itemprop="description">${content}</div>
-      </article>
-    </div>
-  `;
-}
-
-// Adding searchbar and results widgets
-search.addWidget(
-  instantsearch.widgets.searchBox({
-    container: '.search-searchbar',
-    placeholder: 'Enter your search term...'
-  })
-);
-search.addWidget(
-  instantsearch.widgets.hits({
-    container: '.search-hits',
-    templates: {
-      item: hitTemplate
-    }
-  })
-);
-
-// Starting the search
-search.start();
+{% comment %}TODO consider https://developers.google.com/custom-search/docs/element{% endcomment %}
+{% capture google_search_site %}{{ site.url }}{{ site.baseurl }}/{% endcapture %}
+<script language="Javascript" type="text/javascript">
+	function google_search() {
+		var query = document.getElementById("google-search").value;
+		window.open("https://www.google.com/search?q=" + query + "+site:" + "{{ google_search_site | cgi_escape }}");
+	}
 </script>
+
+<form id="search" onsubmit="google_search(); return false;">
+	<input type="text" id="google-search" placeholder="{{ site.data.language.enter_search_term }}">
+</form>
+<noscript>
+	Search <a href="https://www.google.com/search?q=site:{{ google_search_site | cgi_escape }}" target="_blank">Google</a> for:
+	<pre><code>search-term site:{{ google_search_site }}</code></pre>
+</noscript>

_includes/_improve_content.html

@@ -8,7 +8,7 @@
 <div class="row">
 	<div class="small-12 columns">
 	<div class="panel radius" style="padding-bottom: 21px;">
-			<a class="button left r15 tiny radius" href="{{ site.improve_content }}/{{ page.path }}">{{ site.data.language.edit }}</a>	
+			<a class="button left r15 tiny radius" href="{{ site.improve_content }}/{{ page.path }}">{{ site.data.language.edit }}</a>
 			<p style="margin-top: 3px;">
 			{{ site.data.language.this_content_is_open_source }}
 			<a href="{{ site.improve_content }}/{{ page.path }}">{{ site.data.language.help_improve_it }}</a>.</p>

_layouts/page.html

@@ -1,6 +1,6 @@
 ---
 layout: default
-format: posts
+format: post
 ---
 <div class="row t30">
 	<div class="medium-8 columns{% if page.sidebar == NULL %} medium-offset-2 end{% endif %}{% if page.sidebar == "left" %} medium-push-4{% endif %}">

_sass/_09_elements.scss

@@ -148,3 +148,15 @@ img.lazy {
     transition: opacity 0.7s;
     opacity: 1;
 }
+
+*:target:not([id^='fn:']):not([id^='fnref:']) {
+  &::before {
+    content: " ";
+    width: 0;
+    height: 0;
+
+    display: block;
+    padding-top: 50px;
+    margin-top: -50px;
+  }
+}

assets/mediaelement_js/jquery.js

@@ -349,8 +349,9 @@ jQuery.extend = jQuery.fn.extend = function() {
 				src = target[ name ];
 				copy = options[ name ];
 
+				// Prevent Object.prototype pollution
 				// Prevent never-ending loop
-				if ( target === copy ) {
+				if ( name === "__proto__" || target === copy ) {
 					continue;
 				}
 
@@ -8204,6 +8205,11 @@ function ajaxConvert( s, response ) {
 			// Convert response if prev dataType is non-auto and differs from current
 			if ( prev !== "*" && prev !== current ) {
 
+				// Mitigate possible XSS vulnerability (gh-2432)
+				if ( s.crossDomain && current === "script" ) {
+					continue;
+				}
+				
 				// Seek a direct converter
 				conv = converters[ prev + " " + current ] || converters[ "* " + current ];
 
@@ -9594,4 +9600,4 @@ if ( typeof define === "function" && define.amd && define.amd.jQuery ) {
 	define( "jquery", [], function () { return jQuery; } );
 }
 
-})( window );
+})( window );