Ticket #2056: history_message_escaping.patch
| File history_message_escaping.patch, 871 bytes (added by , 18 years ago) |
|---|
-
templates/admin/object_history.html
24 24 {% for action in action_list %} 25 25 <tr> 26 26 <th scope="row">{{ action.action_time|date:_("DATE_WITH_TIME_FULL") }}</th> 27 <td>{{ action.user.username }}{% if action.user.first_name %} ({{ action.user.first_name }} {{ action.user.last_name }}){% endif %}</td>28 <td>{{ action.change_message }}</td>27 <td>{{ action.user.username|escape }}{% if action.user.first_name %} ({{ action.user.first_name|escape }} {{ action.user.last_name|escape }}){% endif %}</td> 28 <td>{{ action.change_message|escape }}</td> 29 29 </tr> 30 30 {% endfor %} 31 31 </tbody>