diff options
author | Evgeny Fadeev <evgeny.fadeev@gmail.com> | 2013-01-25 17:58:13 -0300 |
---|---|---|
committer | Evgeny Fadeev <evgeny.fadeev@gmail.com> | 2013-01-25 17:58:13 -0300 |
commit | 4f41094153817d26eb81b1e96c95b0cc50b9492a (patch) | |
tree | e9470d9c662a748743e3c8a3d452808c28212545 | |
parent | fabf880b47cfbb1d97895303343361befdca9563 (diff) | |
download | askbot-4f41094153817d26eb81b1e96c95b0cc50b9492a.tar.gz askbot-4f41094153817d26eb81b1e96c95b0cc50b9492a.tar.bz2 askbot-4f41094153817d26eb81b1e96c95b0cc50b9492a.zip |
escaped request.path in the urls
-rw-r--r-- | askbot/templates/users.html | 8 | ||||
-rw-r--r-- | askbot/templates/widgets/footer.html | 2 | ||||
-rw-r--r-- | askbot/templates/widgets/user_navigation.html | 2 |
3 files changed, 6 insertions, 6 deletions
diff --git a/askbot/templates/users.html b/askbot/templates/users.html index a1c4ed11..09a2c117 100644 --- a/askbot/templates/users.html +++ b/askbot/templates/users.html @@ -31,26 +31,26 @@ {% if settings.KARMA_MODE == 'public' %} <a id="sort_reputation" - href="{{ request.path }}?sort=reputation" + href="{{ request.path|escape }}?sort=reputation" {% if tab_id == 'reputation' %}class="on"{% endif %} title="{% trans %}see people with the highest reputation{% endtrans %}" ><span>{% trans %}karma{% endtrans %}</span></a> {% endif %} <a id="sort_newest" - href="{{ request.path }}?sort=newest" + href="{{ request.path|escape }}?sort=newest" {% if tab_id == 'newest' %}class="on"{% endif %} class="off" title="{% trans %}see people who joined most recently{% endtrans %}" ><span>{% trans %}recent{% endtrans %}</span></a> <a id="sort_last" - href="{{ request.path }}?sort=last" + href="{{ request.path|escape }}?sort=last" {% if tab_id == 'last' %}class="on"{% endif %} class="off" title="{% trans %}see people who joined the site first{% endtrans %}" ><span>{% trans %}oldest{% endtrans %}<span></a> <a id="sort_user" - href="{{ request.path }}?sort=user" + href="{{ request.path|escape }}?sort=user" {% if tab_id == 'user' %}class="on"{% endif %} title="{% trans %}see people sorted by name{% endtrans %}" ><span>{% trans %}by username{% endtrans %}</span></a> diff --git a/askbot/templates/widgets/footer.html b/askbot/templates/widgets/footer.html index 6eb3afc2..75721e50 100644 --- a/askbot/templates/widgets/footer.html +++ b/askbot/templates/widgets/footer.html @@ -46,7 +46,7 @@ "{{settings.FEEDBACK_SITE_URL}}" target="_blank"> {% else %} - "{% url feedback %}?next={{request.path}}"> + "{% url feedback %}?next={{request.path|escape}}"> {% endif %} {% trans %}give feedback{% endtrans %} </a> diff --git a/askbot/templates/widgets/user_navigation.html b/askbot/templates/widgets/user_navigation.html index 4cb6314a..9cde343c 100644 --- a/askbot/templates/widgets/user_navigation.html +++ b/askbot/templates/widgets/user_navigation.html @@ -17,7 +17,7 @@ <a href="{{ settings.LOGOUT_URL }}?next={{ settings.LOGOUT_REDIRECT_URL }}">{% trans %}sign out{% endtrans %}</a> {% endif %} {% elif settings.USE_ASKBOT_LOGIN_SYSTEM %} - <a href="{{ settings.LOGIN_URL }}?next={{request.path|clean_login_url}}">{% trans %}Hi there! Please sign in{% endtrans %}</a> + <a href="{{ settings.LOGIN_URL }}?next={{request.path|clean_login_url|escape}}">{% trans %}Hi there! Please sign in{% endtrans %}</a> {% endif %} {% if request.user.is_authenticated() and request.user.is_administrator() %} <a class="settings" href="{% url site_settings %}">{% trans %}settings{% endtrans %}</a> |