[Mpuls-commits] r1742 - in wasko/branches/2.0: . jmdweb/controllers
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Wed Feb 24 12:12:43 CET 2010
Author: bh
Date: 2010-02-24 12:12:41 +0100 (Wed, 24 Feb 2010)
New Revision: 1742
Modified:
wasko/branches/2.0/ChangeLog
wasko/branches/2.0/jmdweb/controllers/case_overview.py
Log:
* jmdweb/controllers/case_overview.py
(CaseOverviewController._buildCaseList): scape case fields
properly for HTML. Port of corresponding change in waskaweb
Modified: wasko/branches/2.0/ChangeLog
===================================================================
--- wasko/branches/2.0/ChangeLog 2010-02-24 11:11:14 UTC (rev 1741)
+++ wasko/branches/2.0/ChangeLog 2010-02-24 11:12:41 UTC (rev 1742)
@@ -1,5 +1,11 @@
2010-02-24 Bernhard Herzog <bh at intevation.de>
+ * jmdweb/controllers/case_overview.py
+ (CaseOverviewController._buildCaseList): scape case fields
+ properly for HTML. Port of corresponding change in waskaweb
+
+2010-02-24 Bernhard Herzog <bh at intevation.de>
+
* mpulsweb/controllers/formularpage.py (get_rendered_page): Escape
page description when generating HTML
Modified: wasko/branches/2.0/jmdweb/controllers/case_overview.py
===================================================================
--- wasko/branches/2.0/jmdweb/controllers/case_overview.py 2010-02-24 11:11:14 UTC (rev 1741)
+++ wasko/branches/2.0/jmdweb/controllers/case_overview.py 2010-02-24 11:12:41 UTC (rev 1742)
@@ -30,6 +30,7 @@
import re
import logging
+from cgi import escape
import formencode
import paste
@@ -574,8 +575,8 @@
def _buildCaseList(self, bundle):
list = ["<ul>"]
for case in bundle.getCases():
- list.append("<li>%s, %s</li>" % (F.NA(case.first_name),
- F.NA(case.last_name)))
+ list.append("<li>%s, %s</li>" % (escape(F.NA(case.first_name)),
+ escape(F.NA(case.last_name))))
list.append("</ul>")
return list
More information about the Mpuls-commits
mailing list