summaryrefslogtreecommitdiffstats
path: root/extensions/Voting/template/en/default
diff options
context:
space:
mode:
authorDavid Lawrence <dlawrence@mozilla.com>2011-07-05 06:22:06 +0200
committerDavid Lawrence <dlawrence@mozilla.com>2011-07-05 06:22:06 +0200
commite658f6a3e6af7bbcc68d235a58f2294a47074ab6 (patch)
tree3a7bc188854d22c09856ca24aab534012a4cb3d7 /extensions/Voting/template/en/default
parent937eda7dafb27a9c6df4d00f27954622ff90ca33 (diff)
downloadbugzilla-e658f6a3e6af7bbcc68d235a58f2294a47074ab6.tar.gz
bugzilla-e658f6a3e6af7bbcc68d235a58f2294a47074ab6.tar.xz
Bug 666695 - Voting Extension templates have unfiltered directives
r/a=mkanat
Diffstat (limited to 'extensions/Voting/template/en/default')
-rw-r--r--extensions/Voting/template/en/default/hook/admin/users/confirm-delete-warn_safe.html.tmpl2
-rw-r--r--extensions/Voting/template/en/default/hook/bug/edit-after_importance.html.tmpl2
-rw-r--r--extensions/Voting/template/en/default/pages/voting/user.html.tmpl20
3 files changed, 12 insertions, 12 deletions
diff --git a/extensions/Voting/template/en/default/hook/admin/users/confirm-delete-warn_safe.html.tmpl b/extensions/Voting/template/en/default/hook/admin/users/confirm-delete-warn_safe.html.tmpl
index f799f1254..a753e3a66 100644
--- a/extensions/Voting/template/en/default/hook/admin/users/confirm-delete-warn_safe.html.tmpl
+++ b/extensions/Voting/template/en/default/hook/admin/users/confirm-delete-warn_safe.html.tmpl
@@ -24,7 +24,7 @@
[% IF votes == 1 %]
[%+ terms.abug %]
[% ELSE %]
- [%+ votes %] [%+ terms.bugs %]
+ [%+ votes FILTER html %] [%+ terms.bugs %]
[% END %].
If you delete the user account,
diff --git a/extensions/Voting/template/en/default/hook/bug/edit-after_importance.html.tmpl b/extensions/Voting/template/en/default/hook/bug/edit-after_importance.html.tmpl
index 4ad8f5bc2..f73ffaebd 100644
--- a/extensions/Voting/template/en/default/hook/bug/edit-after_importance.html.tmpl
+++ b/extensions/Voting/template/en/default/hook/bug/edit-after_importance.html.tmpl
@@ -23,7 +23,7 @@
with
<a href="page.cgi?id=voting/bug.html&amp;bug_id=
[%- bug.id FILTER uri %]">
- [%- bug.votes %]
+ [%- bug.votes FILTER html %]
[% IF bug.votes == 1 %]
vote
[% ELSE %]
diff --git a/extensions/Voting/template/en/default/pages/voting/user.html.tmpl b/extensions/Voting/template/en/default/pages/voting/user.html.tmpl
index 8e886efe7..61eaf8491 100644
--- a/extensions/Voting/template/en/default/pages/voting/user.html.tmpl
+++ b/extensions/Voting/template/en/default/pages/voting/user.html.tmpl
@@ -100,7 +100,7 @@
[% IF product.maxperbug < product.maxvotes AND
product.maxperbug > 1 %]
<font size="-1">
- (Note: only [% product.maxperbug %] vote
+ (Note: only [% product.maxperbug FILTER html %] vote
[% "s" IF product.maxperbug != 1 %] allowed per [% terms.bug %] in
this product.)
</font>
@@ -120,17 +120,17 @@
[% END %]
[%- END %]
</td>
- <td align="right"><a name="vote_[% bug.id %]">
+ <td align="right"><a name="vote_[% bug.id FILTER html %]">
[% IF canedit %]
[% IF product.onevoteonly %]
- <input type="checkbox" name="[% bug.id %]" value="1"
- [% " checked" IF bug.count %] id="bug_[% bug.id %]">
+ <input type="checkbox" name="[% bug.id FILTER html %]" value="1"
+ [% " checked" IF bug.count %] id="bug_[% bug.id FILTER html %]">
[% ELSE %]
- <input name="[% bug.id %]" value="[% bug.count %]"
- size="2" id="bug_[% bug.id %]">
+ <input name="[% bug.id FILTER html %]" value="[% bug.count FILTER html %]"
+ size="2" id="bug_[% bug.id FILTER html %]">
[% END %]
[% ELSE %]
- [% bug.count %]
+ [% bug.count FILTER html %]
[% END %]
</a></td>
<td align="center">
@@ -138,15 +138,15 @@
</td>
<td>
[% bug.summary FILTER html %]
- (<a href="page.cgi?id=voting/bug.html&amp;bug_id=[% bug.id %]">Show Votes</a>)
+ (<a href="page.cgi?id=voting/bug.html&amp;bug_id=[% bug.id FILTER uri %]">Show Votes</a>)
</td>
</tr>
[% END %]
<tr>
<td></td>
- <td colspan="3">[% product.total %] vote
- [% "s" IF product.total != 1 %] used out of [% product.maxvotes %]
+ <td colspan="3">[% product.total FILTER html %] vote
+ [% "s" IF product.total != 1 %] used out of [% product.maxvotes FILTER html %]
allowed.
<br>
<br>