Skip to content

erp5
erp5
Commit f7b39127 authored by Jérome Perrin's avatar Jérome Perrin
Browse files
Options

escape html in portal_status_message 

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@14886 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 7f900f85
Hide whitespace changes
Inline Side-by-side
Showing with 5 additions and 8 deletions
product/ERP5/bootstrap/erp5_xhtml_style/SkinTemplateItem/portal_skins/erp5_xhtml_style/template_erp5_xhtml_style.xml
View file @ f7b39127
...@@ -81,14 +81,10 @@ IDEAS:\n ...@@ -81,14 +81,10 @@ IDEAS:\n
- Add callbacks to ERP5Form object (selection ?) to gather needed fields -> put them in http_parameter_list.\n - Add callbacks to ERP5Form object (selection ?) to gather needed fields -> put them in http_parameter_list.\n
-->\n -->\n
</tal:block>\n </tal:block>\n
\n
<tal:block metal:define-macro="master">\n <tal:block metal:define-macro="master">\n
\n
<tal:block tal:define="global_definitions_macros here/global_definitions/macros">\n <tal:block tal:define="global_definitions_macros here/global_definitions/macros">\n
<tal:block metal:use-macro="global_definitions_macros/header_definitions"/>\n <tal:block metal:use-macro="global_definitions_macros/header_definitions"/>\n
\n
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">\n <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">\n
\n
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">\n <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">\n
<head>\n <head>\n
<base tal:attributes="href python: \'%s/\' % (url, )"/>\n <base tal:attributes="href python: \'%s/\' % (url, )"/>\n
...@@ -115,7 +111,7 @@ IDEAS:\n ...@@ -115,7 +111,7 @@ IDEAS:\n
<!-- We should probably call the default method instead -->\n <!-- We should probably call the default method instead -->\n
<input tal:condition="form_action | nothing"\n <input tal:condition="form_action | nothing"\n
id="hidden_button" type="submit" value="dummy"\n id="hidden_button" type="submit" value="dummy"\n
tal:attributes="name python: \'%s:method\' % (form_action, )" />\n tal:attributes="name string:${form_action}:method" />\n
<tal:block metal:use-macro="global_definitions_macros/http_definitions"/>\n <tal:block metal:use-macro="global_definitions_macros/http_definitions"/>\n
<tal:block metal:define-slot="layout">\n <tal:block metal:define-slot="layout">\n
<div id="bars">\n <div id="bars">\n
...@@ -141,7 +137,7 @@ IDEAS:\n ...@@ -141,7 +137,7 @@ IDEAS:\n
</tal:block>\n </tal:block>\n
</div>\n </div>\n
<p class="clear"></p>\n <p class="clear"></p>\n
<div tal:content="structure here/REQUEST/portal_status_message | nothing" id="transition_message"/>\n <div tal:content="request/portal_status_message | nothing" id="transition_message"/>\n
</div>\n </div>\n
<div id="master">\n <div id="master">\n
<tal:block metal:define-slot="main"/>\n <tal:block metal:define-slot="main"/>\n
...@@ -151,7 +147,8 @@ IDEAS:\n ...@@ -151,7 +147,8 @@ IDEAS:\n
</body>\n </body>\n
</html>\n </html>\n
</tal:block>\n </tal:block>\n
</tal:block> </tal:block>\n
]]></string> </value> ]]></string> </value>
</item> </item>
......
product/ERP5/bootstrap/erp5_xhtml_style/bt/revision
View file @ f7b39127
386 387
\ No newline at end of file \ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7