From 5506a0179c698e33fb9f28ca8939485f35e0325f Mon Sep 17 00:00:00 2001 From: Evgeny Fadeev Date: Sat, 16 Jun 2012 17:30:49 -0400 Subject: small tweaks in content cleaning --- askbot/views/commands.py | 3 ++- askbot/views/readers.py | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/askbot/views/commands.py b/askbot/views/commands.py index 83f62b34..e343c85e 100644 --- a/askbot/views/commands.py +++ b/askbot/views/commands.py @@ -14,6 +14,7 @@ from django.forms import ValidationError, IntegerField, CharField from django.shortcuts import get_object_or_404 from django.views.decorators import csrf from django.utils import simplejson +from django.utils.html import escape from django.utils.translation import ugettext as _ from django.utils.translation import string_concat from askbot import models @@ -576,7 +577,7 @@ def api_get_questions(request): threads = threads.distinct()[:30] thread_list = [{ 'url': thread.get_absolute_url(), - 'title': thread.title, + 'title': escape(thread.title), 'answer_count': thread.answer_count } for thread in threads] json_data = simplejson.dumps(thread_list) diff --git a/askbot/views/readers.py b/askbot/views/readers.py index d7e5cecc..f581ea82 100644 --- a/askbot/views/readers.py +++ b/askbot/views/readers.py @@ -164,7 +164,7 @@ def questions(request, **kwargs): }, 'paginator': paginator_html, 'question_counter': question_counter, - 'faces': [extra_tags.gravatar(contributor, 48) for contributor in contributors], + 'faces': [],#[extra_tags.gravatar(contributor, 48) for contributor in contributors], 'feed_url': context_feed_url, 'query_string': search_state.query_string(), 'page_size' : page_size, @@ -172,7 +172,7 @@ def questions(request, **kwargs): 'non_existing_tags': meta_data['non_existing_tags'] } ajax_data['related_tags'] = [{ - 'name': tag.name, + 'name': escape(tag.name), 'used_count': humanize.intcomma(tag.local_used_count) } for tag in related_tags] -- cgit v1.2.3-1-g7c22