Escape render_items items text (used in ListField, for example).

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@20944 20353a03-c40f-0410-a6d1-a30d3c3de9de

Escape render_items items text (used in ListField, for example).
git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@20944 20353a03-c40f-0410-a6d1-a30d3c3de9de
158217c5 · Vincent Pelletier · f7d8bdae · 158217c5
Commit 158217c5 authored May 14, 2008 by Vincent Pelletier
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

product/ERP5Form/FormulatorPatch.py product/ERP5Form/FormulatorPatch.py +2 -2

No files found.
--- a/product/ERP5Form/FormulatorPatch.py
+++ b/product/ERP5Form/FormulatorPatch.py
@@ -611,14 +611,14 @@ def SingleItemsWidget_render_items(self, field, key, value, REQUEST):


      if item_value == value and not selected_found:
-          rendered_item = self.render_selected_item(item_text,
+          rendered_item = self.render_selected_item(escape(item_text),
                                                    item_value,
                                                    key,
                                                    css_class,
                                                    extra_item)
          selected_found = 1
      else:
-          rendered_item = self.render_item(item_text,
+          rendered_item = self.render_item(escape(item_text),
                                            item_value,
                                            key,
                                            css_class,