diff options
| author | Malcolm Tredinnick <malcolm.tredinnick@gmail.com> | 2006-07-14 11:48:25 +0000 |
|---|---|---|
| committer | Malcolm Tredinnick <malcolm.tredinnick@gmail.com> | 2006-07-14 11:48:25 +0000 |
| commit | ebc6f90d4445e31724e35c23dbf6d9a1953466bd (patch) | |
| tree | e4e0c6782a3bb04e7947228a5152354cd4f22f77 /django/contrib/admin/templates/admin_doc | |
| parent | 1725db5a35d9f64c0bed693ef529e77947d448f9 (diff) | |
Escaped variables that should not be interpreted as HTML and which might
contain dangerous characters.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3350 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'django/contrib/admin/templates/admin_doc')
3 files changed, 10 insertions, 10 deletions
diff --git a/django/contrib/admin/templates/admin_doc/model_detail.html b/django/contrib/admin/templates/admin_doc/model_detail.html index 9ac56864fa..44fc43e704 100644 --- a/django/contrib/admin/templates/admin_doc/model_detail.html +++ b/django/contrib/admin/templates/admin_doc/model_detail.html @@ -9,13 +9,13 @@ </style> {% endblock %} -{% block breadcrumbs %}<div class="breadcrumbs"><a href="../../../">Home</a> › <a href="../../">Documentation</a> › <a href="../">Models</a> › {{ name }}</div>{% endblock %} +{% block breadcrumbs %}<div class="breadcrumbs"><a href="../../../">Home</a> › <a href="../../">Documentation</a> › <a href="../">Models</a> › {{ name|escape }}</div>{% endblock %} -{% block title %}Model: {{ name }}{% endblock %} +{% block title %}Model: {{ name|escape }}{% endblock %} {% block content %} <div id="content-main"> -<h1>{{ summary }}</h1> +<h1>{{ summary|escape }}</h1> {% if description %} <p>{% filter escape|linebreaksbr %}{% trans description %}{% endfilter %}</p> @@ -35,7 +35,7 @@ <tr> <td>{{ field.name }}</td> <td>{{ field.data_type }}</td> - <td>{% if field.verbose %}{{ field.verbose }}{% endif %}{% if field.help_text %} - {{ field.help_text }}{% endif %}</td> + <td>{% if field.verbose %}{{ field.verbose|escape }}{% endif %}{% if field.help_text %} - {{ field.help_text|escape }}{% endif %}</td> </tr> {% endfor %} </tbody> diff --git a/django/contrib/admin/templates/admin_doc/template_detail.html b/django/contrib/admin/templates/admin_doc/template_detail.html index df67f1856b..280ea912d0 100644 --- a/django/contrib/admin/templates/admin_doc/template_detail.html +++ b/django/contrib/admin/templates/admin_doc/template_detail.html @@ -1,19 +1,19 @@ {% extends "admin/base_site.html" %} {% load i18n %} -{% block breadcrumbs %}<div class="breadcrumbs"><a href="../../../">Home</a> › <a href="../../">Documentation</a> › Templates › {{ name }}</div>{% endblock %} +{% block breadcrumbs %}<div class="breadcrumbs"><a href="../../../">Home</a> › <a href="../../">Documentation</a> › Templates › {{ name|escape }}</div>{% endblock %} {% block userlinks %}<a href="../../../password_change/">{% trans 'Change password' %}</a> / <a href="../../../logout/">{% trans 'Log out' %}</a>{% endblock %} -{% block title %}Template: {{ name }}{% endblock %} +{% block title %}Template: {{ name|escape }}{% endblock %} {% block content %} -<h1>Template: "{{ name }}"</h1> +<h1>Template: "{{ name|escape }}"</h1> {% regroup templates|dictsort:"site_id" by site as templates_by_site %} {% for group in templates_by_site %} - <h2>Search path for template "{{ name }}" on {{ group.grouper }}:</h2> + <h2>Search path for template "{{ name|escape }}" on {{ group.grouper }}:</h2> <ol> {% for template in group.list|dictsort:"order" %} - <li><code>{{ template.file }}</code>{% if not template.exists %} <em>(does not exist)</em>{% endif %}</li> + <li><code>{{ template.file|escape }}</code>{% if not template.exists %} <em>(does not exist)</em>{% endif %}</li> {% endfor %} </ol> {% endfor %} diff --git a/django/contrib/admin/templates/admin_doc/view_detail.html b/django/contrib/admin/templates/admin_doc/view_detail.html index ba90399358..ed90657361 100644 --- a/django/contrib/admin/templates/admin_doc/view_detail.html +++ b/django/contrib/admin/templates/admin_doc/view_detail.html @@ -8,7 +8,7 @@ <h1>{{ name }}</h1> -<h2 class="subhead">{{ summary }}</h2> +<h2 class="subhead">{{ summary|escape }}</h2> <p>{{ body }}</p> |