Opened 16 years ago

Closed 15 years ago

Last modified 15 years ago

#10717 closed (fixed)

{% admin_media_prefix %} needs escaping

Reported by: liangent Owned by: Chris Beaven
Component: contrib.admin Version: 1.0
Severity: Keywords: liangent@gmail.com
Cc: Triage Stage: Ready for checkin
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

in case that there are special symbols such as quotes in it.

Attachments (1)

10717.diff (642 bytes ) - added by Chris Beaven 15 years ago.

Download all attachments as: .zip

Change History (7)

comment:1 by liangent, 16 years ago

i think {% url %} also needs this, but i didn't check code to make sure if {% url %} already has it.

comment:2 by Chris Beaven, 15 years ago

No, {% url %} handles it fine (it uses reverse which in-turn uses iri_to_uri)

by Chris Beaven, 15 years ago

Attachment: 10717.diff added

comment:3 by Chris Beaven, 15 years ago

Owner: changed from nobody to Chris Beaven
Status: newassigned

comment:4 by Chris Beaven, 15 years ago

Has patch: set
Triage Stage: UnreviewedReady for checkin

comment:5 by Jannis Leidel, 15 years ago

Resolution: fixed
Status: assignedclosed

(In [12140]) Fixed #10717 - Escape result of admin_media_prefix template tag.

comment:6 by Jannis Leidel, 15 years ago

(In [12239]) [1.1.X] Fixed #10717 - Escape result of admin_media_prefix template tag.

Note: See TracTickets for help on using tickets.
Back to Top