Opened 18 years ago
Closed 18 years ago
#2346 closed defect (fixed)
[patch] admin's base.html template needs to escape {{ title }}
Reported by: | Owned by: | Adrian Holovaty | |
---|---|---|---|
Component: | contrib.admin | Version: | |
Severity: | major | Keywords: | |
Cc: | Triage Stage: | Unreviewed | |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
The admin's views.main.history view sets the "title" template tag to the string representation of the object, which can contain html.
Attachments (1)
Change History (4)
by , 18 years ago
Attachment: | base.html.diff added |
---|
comment:1 by , 18 years ago
comment:3 by , 18 years ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
One of these days someone will just do a global search and replace in the admin, turning
}}
into|escape }}
.