Ticket #4971: databrowse-escape.diff

File databrowse-escape.diff, 4.1 KB (added by Johann Queuniet <johann.queuniet@…>, 17 years ago)

adds escaping to the databrowse templates

  • django/contrib/databrowse/templates/databrowse/choice_detail.html

     
    1010
    1111<ul class="objectlist">
    1212{% for object in object_list %}
    13 <li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object }}</a></li>
     13<li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object|escape }}</a></li>
    1414{% endfor %}
    1515</ul>
    1616

  • django/contrib/databrowse/templates/databrowse/calendar_month.html

     
    1010
    1111<ul class="objectlist">
    1212{% for object in object_list %}
    13 <li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object }}</a></li>
     13<li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object|escape }}</a></li>
    1414{% endfor %}
    1515</ul>
    1616

  • django/contrib/databrowse/templates/databrowse/model_detail.html

     
    1212
    1313<ul class="objectlist">
    1414{% for object in model.objects %}
    15     <li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object }}</a></li>
     15    <li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object|escape }}</a></li>
    1616{% endfor %}
    1717</ul>
    1818

  • django/contrib/databrowse/templates/databrowse/choice_list.html

     
    1010
    1111<ul class="objectlist">
    1212{% for choice in field.choices %}
    13 <li class="{% cycle odd,even %}"><a href="{{ choice.url }}">{{ choice.label }}</a></li>
     13<li class="{% cycle odd,even %}"><a href="{{ choice.url }}">{{ choice.label|escape }}</a></li>
    1414{% endfor %}
    1515</ul>
    1616

  • django/contrib/databrowse/templates/databrowse/calendar_day.html

     
    1010
    1111<ul class="objectlist">
    1212{% for object in object_list %}
    13 <li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object }}</a></li>
     13<li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object|escape }}</a></li>
    1414{% endfor %}
    1515</ul>
    1616

  • django/contrib/databrowse/templates/databrowse/object_detail.html

     
    44
    55{% block content %}
    66
    7 <div id="breadcrumbs"><a href="{{ root_url }}">Home</a> / <a href="{{ object.model.url }}">{{ object.model.verbose_name_plural|capfirst }}</a> / {{ object }}</div>
     7<div id="breadcrumbs"><a href="{{ root_url }}">Home</a> / <a href="{{ object.model.url }}">{{ object.model.verbose_name_plural|capfirst }}</a> / {{ object|escape }}</div>
    88
    9 <h1>{{ object.model.verbose_name|capfirst }}: {{ object }}</h1>
     9<h1>{{ object.model.verbose_name|capfirst }}: {{ object|escape }}</h1>
    1010
    1111<table class="objectinfo">
    1212{% for field in object.fields %}
     
    2929  {% if related_object.object_list %}
    3030  <ul class="objectlist">
    3131    {% for object in related_object.object_list %}
    32     <li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object }}</a></li>
     32    <li class="{% cycle odd,even %}"><a href="{{ object.url }}">{{ object|escape }}</a></li>
    3333    {% endfor %}
    3434  </ul>
    3535  {% else %}
Back to Top