More pre-emptive escaping of strings that should not be interpreted as HTML.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3352 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
parent
ebc6f90d44
commit
6d104115d1
|
@ -1,4 +1,4 @@
|
||||||
{% load admin_modify i18n %}{% if bound_field.original_value %}
|
{% load admin_modify i18n %}{% if bound_field.original_value %}
|
||||||
{% trans "Currently:" %} <a href="{{ bound_field.original_url }}" > {{ bound_field.original_value }} </a><br />
|
{% trans "Currently:" %} <a href="{{ bound_field.original_url }}" > {{ bound_field.original_value|escape }} </a><br />
|
||||||
{% trans "Change:" %}{% output_all bound_field.form_fields %}
|
{% trans "Change:" %}{% output_all bound_field.form_fields %}
|
||||||
{% else %} {% output_all bound_field.form_fields %} {% endif %}
|
{% else %} {% output_all bound_field.form_fields %} {% endif %}
|
||||||
|
|
|
@ -15,6 +15,6 @@
|
||||||
{{ bound_field.original_value }}
|
{{ bound_field.original_value }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if bound_field.raw_id_admin %}
|
{% if bound_field.raw_id_admin %}
|
||||||
{% if bound_field.existing_display %} <strong>{{ bound_field.existing_display|truncatewords:"14" }}</strong>{% endif %}
|
{% if bound_field.existing_display %} <strong>{{ bound_field.existing_display|truncatewords:"14"|escape }}</strong>{% endif %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
|
@ -1,2 +1,2 @@
|
||||||
{% if add %}{% include "widget/foreign.html" %}{% endif %}
|
{% if add %}{% include "widget/foreign.html" %}{% endif %}
|
||||||
{% if change %}{% if bound_field.existing_display %} <strong>{{ bound_field.existing_display|truncatewords:"14" }}</strong>{% endif %}{% endif %}
|
{% if change %}{% if bound_field.existing_display %} <strong>{{ bound_field.existing_display|truncatewords:"14"|escape }}</strong>{% endif %}{% endif %}
|
||||||
|
|
Loading…
Reference in New Issue