diff options
author | Evgeny Fadeev <evgeny.fadeev@gmail.com> | 2013-04-15 16:14:54 -0400 |
---|---|---|
committer | Evgeny Fadeev <evgeny.fadeev@gmail.com> | 2013-04-15 16:15:01 -0400 |
commit | dc1dc4551982847eb9fc145791b3fd3ccdcf46e0 (patch) | |
tree | 4746e2f9eafcc1f569605bc6b5a68efba8cd079a /askbot/templates | |
parent | aee7965b7f055ca9eb9c730e321354a980fe258e (diff) | |
download | askbot-dc1dc4551982847eb9fc145791b3fd3ccdcf46e0.tar.gz askbot-dc1dc4551982847eb9fc145791b3fd3ccdcf46e0.tar.bz2 askbot-dc1dc4551982847eb9fc145791b3fd3ccdcf46e0.zip |
fixed a bug with unescaped user name in head js
Diffstat (limited to 'askbot/templates')
-rw-r--r-- | askbot/templates/meta/html_head_javascript.html | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/askbot/templates/meta/html_head_javascript.html b/askbot/templates/meta/html_head_javascript.html index 965dd350..5d73d175 100644 --- a/askbot/templates/meta/html_head_javascript.html +++ b/askbot/templates/meta/html_head_javascript.html @@ -6,7 +6,7 @@ askbot['data']['languageCode'] = '{{ current_language_code }}'; {% if request.user.is_authenticated() %} askbot['data']['userId'] = {{ request.user.id }}; - askbot['data']['userName'] = '{{ request.user.username }}'; + askbot['data']['userName'] = '{{ request.user.username|escape }}'; askbot['data']['userIsAdminOrMod'] = {{ request.user.is_administrator()|as_js_bool }}; askbot['data']['userIsAdmin'] = {{ request.user.is_administrator()|as_js_bool }}; askbot['data']['userReputation'] = {{ request.user.reputation }}; |