1
0
mirror of https://github.com/django/django.git synced 2025-10-24 06:06:09 +00:00

Escaped variables that should not be interpreted as HTML and which might

contain dangerous characters.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@3350 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Malcolm Tredinnick
2006-07-14 11:48:25 +00:00
parent 1725db5a35
commit ebc6f90d44
3 changed files with 10 additions and 10 deletions

View File

@@ -9,13 +9,13 @@
</style> </style>
{% endblock %} {% endblock %}
{% block breadcrumbs %}<div class="breadcrumbs"><a href="../../../">Home</a> &rsaquo; <a href="../../">Documentation</a> &rsaquo; <a href="../">Models</a> &rsaquo; {{ name }}</div>{% endblock %} {% block breadcrumbs %}<div class="breadcrumbs"><a href="../../../">Home</a> &rsaquo; <a href="../../">Documentation</a> &rsaquo; <a href="../">Models</a> &rsaquo; {{ name|escape }}</div>{% endblock %}
{% block title %}Model: {{ name }}{% endblock %} {% block title %}Model: {{ name|escape }}{% endblock %}
{% block content %} {% block content %}
<div id="content-main"> <div id="content-main">
<h1>{{ summary }}</h1> <h1>{{ summary|escape }}</h1>
{% if description %} {% if description %}
<p>{% filter escape|linebreaksbr %}{% trans description %}{% endfilter %}</p> <p>{% filter escape|linebreaksbr %}{% trans description %}{% endfilter %}</p>
@@ -35,7 +35,7 @@
<tr> <tr>
<td>{{ field.name }}</td> <td>{{ field.name }}</td>
<td>{{ field.data_type }}</td> <td>{{ field.data_type }}</td>
<td>{% if field.verbose %}{{ field.verbose }}{% endif %}{% if field.help_text %} - {{ field.help_text }}{% endif %}</td> <td>{% if field.verbose %}{{ field.verbose|escape }}{% endif %}{% if field.help_text %} - {{ field.help_text|escape }}{% endif %}</td>
</tr> </tr>
{% endfor %} {% endfor %}
</tbody> </tbody>

View File

@@ -1,19 +1,19 @@
{% extends "admin/base_site.html" %} {% extends "admin/base_site.html" %}
{% load i18n %} {% load i18n %}
{% block breadcrumbs %}<div class="breadcrumbs"><a href="../../../">Home</a> &rsaquo; <a href="../../">Documentation</a> &rsaquo; Templates &rsaquo; {{ name }}</div>{% endblock %} {% block breadcrumbs %}<div class="breadcrumbs"><a href="../../../">Home</a> &rsaquo; <a href="../../">Documentation</a> &rsaquo; Templates &rsaquo; {{ name|escape }}</div>{% endblock %}
{% block userlinks %}<a href="../../../password_change/">{% trans 'Change password' %}</a> / <a href="../../../logout/">{% trans 'Log out' %}</a>{% endblock %} {% block userlinks %}<a href="../../../password_change/">{% trans 'Change password' %}</a> / <a href="../../../logout/">{% trans 'Log out' %}</a>{% endblock %}
{% block title %}Template: {{ name }}{% endblock %} {% block title %}Template: {{ name|escape }}{% endblock %}
{% block content %} {% block content %}
<h1>Template: "{{ name }}"</h1> <h1>Template: "{{ name|escape }}"</h1>
{% regroup templates|dictsort:"site_id" by site as templates_by_site %} {% regroup templates|dictsort:"site_id" by site as templates_by_site %}
{% for group in templates_by_site %} {% for group in templates_by_site %}
<h2>Search path for template "{{ name }}" on {{ group.grouper }}:</h2> <h2>Search path for template "{{ name|escape }}" on {{ group.grouper }}:</h2>
<ol> <ol>
{% for template in group.list|dictsort:"order" %} {% for template in group.list|dictsort:"order" %}
<li><code>{{ template.file }}</code>{% if not template.exists %} <em>(does not exist)</em>{% endif %}</li> <li><code>{{ template.file|escape }}</code>{% if not template.exists %} <em>(does not exist)</em>{% endif %}</li>
{% endfor %} {% endfor %}
</ol> </ol>
{% endfor %} {% endfor %}

View File

@@ -8,7 +8,7 @@
<h1>{{ name }}</h1> <h1>{{ name }}</h1>
<h2 class="subhead">{{ summary }}</h2> <h2 class="subhead">{{ summary|escape }}</h2>
<p>{{ body }}</p> <p>{{ body }}</p>