diff options
Diffstat (limited to 'django/contrib/admin')
| -rw-r--r-- | django/contrib/admin/widgets.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/django/contrib/admin/widgets.py b/django/contrib/admin/widgets.py index 17067346f6..228b592fda 100644 --- a/django/contrib/admin/widgets.py +++ b/django/contrib/admin/widgets.py @@ -93,7 +93,7 @@ class AdminFileWidget(forms.FileInput): output = [] if value and hasattr(value, "url"): output.append('%s <a target="_blank" href="%s">%s</a> <br />%s ' % \ - (_('Currently:'), value.url, value, _('Change:'))) + (_('Currently:'), escape(value.url), escape(value), _('Change:'))) output.append(super(AdminFileWidget, self).render(name, value, attrs)) return mark_safe(u''.join(output)) |