Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Fixed #2152 -- Now HTML-escaping user.first_name in admin/base.html t…

…emplate

git-svn-id: http://code.djangoproject.com/svn/django/trunk@3129 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit 8938d5eeb32bd246aacab22ddbd0484165de7a94 1 parent 7bd3111
Adrian Holovaty authored June 14, 2006
2  django/contrib/admin/templates/admin/base.html
@@ -21,7 +21,7 @@
21 21
         {% block branding %}{% endblock %}
22 22
         </div>
23 23
         {% if not user.is_anonymous %}{% if user.is_staff %}
24  
-        <div id="user-tools">{% trans 'Welcome,' %} <strong>{% if user.first_name %}{{ user.first_name }}{% else %}{{ user.username }}{% endif %}</strong>. {% block userlinks %}<a href="doc/">{% trans 'Documentation' %}</a> / <a href="password_change/">{% trans 'Change password' %}</a> / <a href="logout/">{% trans 'Log out' %}</a>{% endblock %}</div>
  24
+        <div id="user-tools">{% trans 'Welcome,' %} <strong>{% if user.first_name %}{{ user.first_name|escape }}{% else %}{{ user.username }}{% endif %}</strong>. {% block userlinks %}<a href="doc/">{% trans 'Documentation' %}</a> / <a href="password_change/">{% trans 'Change password' %}</a> / <a href="logout/">{% trans 'Log out' %}</a>{% endblock %}</div>
25 25
         {% endif %}{% endif %}
26 26
         {% block nav-global %}{% endblock %}
27 27
     </div>

0 notes on commit 8938d5e

Please sign in to comment.
Something went wrong with that request. Please try again.