Browse files

Fixed #2152 -- Now HTML-escaping user.first_name in admin/base.html t…

…emplate

git-svn-id: http://code.djangoproject.com/svn/django/trunk@3129 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
1 parent 7bd3111 commit 8938d5eeb32bd246aacab22ddbd0484165de7a94 @adrianholovaty adrianholovaty committed Jun 14, 2006
Showing with 1 addition and 1 deletion.
  1. +1 −1 django/contrib/admin/templates/admin/base.html
View
2 django/contrib/admin/templates/admin/base.html
@@ -21,7 +21,7 @@
{% block branding %}{% endblock %}
</div>
{% if not user.is_anonymous %}{% if user.is_staff %}
- <div id="user-tools">{% trans 'Welcome,' %} <strong>{% if user.first_name %}{{ user.first_name }}{% else %}{{ user.username }}{% endif %}</strong>. {% block userlinks %}<a href="doc/">{% trans 'Documentation' %}</a> / <a href="password_change/">{% trans 'Change password' %}</a> / <a href="logout/">{% trans 'Log out' %}</a>{% endblock %}</div>
+ <div id="user-tools">{% trans 'Welcome,' %} <strong>{% if user.first_name %}{{ user.first_name|escape }}{% else %}{{ user.username }}{% endif %}</strong>. {% block userlinks %}<a href="doc/">{% trans 'Documentation' %}</a> / <a href="password_change/">{% trans 'Change password' %}</a> / <a href="logout/">{% trans 'Log out' %}</a>{% endblock %}</div>
{% endif %}{% endif %}
{% block nav-global %}{% endblock %}
</div>

0 comments on commit 8938d5e

Please sign in to comment.