Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fixed #2006 -- Admin now quotes strings in breadcrumbs and filters. T…

…hanks, mhf@hex.no

git-svn-id: http://code.djangoproject.com/svn/django/trunk@3023 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit ea59344d725adc5c94a0ab2c1986c6a033329ad9 1 parent 9030236
@adrianholovaty adrianholovaty authored
View
2  django/contrib/admin/templates/admin/change_form.html
@@ -12,7 +12,7 @@
<div class="breadcrumbs">
<a href="../../../">{% trans "Home" %}</a> &rsaquo;
<a href="../">{{ opts.verbose_name_plural|capfirst }}</a> &rsaquo;
- {% if add %}{% trans "Add" %} {{ opts.verbose_name }}{% else %}{{ original|striptags|truncatewords:"18" }}{% endif %}
+ {% if add %}{% trans "Add" %} {{ opts.verbose_name }}{% else %}{{ original|truncatewords:"18"|escape }}{% endif %}
</div>
{% endif %}{% endblock %}
{% block content %}<div id="content-main">
View
2  django/contrib/admin/templates/admin/filter.html
@@ -3,6 +3,6 @@
<ul>
{% for choice in choices %}
<li{% if choice.selected %} class="selected"{% endif %}>
- <a href="{{ choice.query_string }}">{{ choice.display }}</a></li>
+ <a href="{{ choice.query_string }}">{{ choice.display|escape }}</a></li>
{% endfor %}
</ul>
Please sign in to comment.
Something went wrong with that request. Please try again.