diff options
| author | David Lawrence <dlawrence@mozilla.com> | 2011-07-05 06:22:06 +0200 |
|---|---|---|
| committer | David Lawrence <dlawrence@mozilla.com> | 2011-07-05 06:22:06 +0200 |
| commit | e658f6a3e6af7bbcc68d235a58f2294a47074ab6 (patch) | |
| tree | 3a7bc188854d22c09856ca24aab534012a4cb3d7 /extensions | |
| parent | 937eda7dafb27a9c6df4d00f27954622ff90ca33 (diff) | |
| download | bugzilla-e658f6a3e6af7bbcc68d235a58f2294a47074ab6.tar.gz bugzilla-e658f6a3e6af7bbcc68d235a58f2294a47074ab6.tar.xz | |
Bug 666695 - Voting Extension templates have unfiltered directives
r/a=mkanat
Diffstat (limited to 'extensions')
3 files changed, 12 insertions, 12 deletions
diff --git a/extensions/Voting/template/en/default/hook/admin/users/confirm-delete-warn_safe.html.tmpl b/extensions/Voting/template/en/default/hook/admin/users/confirm-delete-warn_safe.html.tmpl index f799f1254..a753e3a66 100644 --- a/extensions/Voting/template/en/default/hook/admin/users/confirm-delete-warn_safe.html.tmpl +++ b/extensions/Voting/template/en/default/hook/admin/users/confirm-delete-warn_safe.html.tmpl @@ -24,7 +24,7 @@ [% IF votes == 1 %] [%+ terms.abug %] [% ELSE %] - [%+ votes %] [%+ terms.bugs %] + [%+ votes FILTER html %] [%+ terms.bugs %] [% END %]. If you delete the user account, diff --git a/extensions/Voting/template/en/default/hook/bug/edit-after_importance.html.tmpl b/extensions/Voting/template/en/default/hook/bug/edit-after_importance.html.tmpl index 4ad8f5bc2..f73ffaebd 100644 --- a/extensions/Voting/template/en/default/hook/bug/edit-after_importance.html.tmpl +++ b/extensions/Voting/template/en/default/hook/bug/edit-after_importance.html.tmpl @@ -23,7 +23,7 @@ with <a href="page.cgi?id=voting/bug.html&bug_id= [%- bug.id FILTER uri %]"> - [%- bug.votes %] + [%- bug.votes FILTER html %] [% IF bug.votes == 1 %] vote [% ELSE %] diff --git a/extensions/Voting/template/en/default/pages/voting/user.html.tmpl b/extensions/Voting/template/en/default/pages/voting/user.html.tmpl index 8e886efe7..61eaf8491 100644 --- a/extensions/Voting/template/en/default/pages/voting/user.html.tmpl +++ b/extensions/Voting/template/en/default/pages/voting/user.html.tmpl @@ -100,7 +100,7 @@ [% IF product.maxperbug < product.maxvotes AND product.maxperbug > 1 %] <font size="-1"> - (Note: only [% product.maxperbug %] vote + (Note: only [% product.maxperbug FILTER html %] vote [% "s" IF product.maxperbug != 1 %] allowed per [% terms.bug %] in this product.) </font> @@ -120,17 +120,17 @@ [% END %] [%- END %] </td> - <td align="right"><a name="vote_[% bug.id %]"> + <td align="right"><a name="vote_[% bug.id FILTER html %]"> [% IF canedit %] [% IF product.onevoteonly %] - <input type="checkbox" name="[% bug.id %]" value="1" - [% " checked" IF bug.count %] id="bug_[% bug.id %]"> + <input type="checkbox" name="[% bug.id FILTER html %]" value="1" + [% " checked" IF bug.count %] id="bug_[% bug.id FILTER html %]"> [% ELSE %] - <input name="[% bug.id %]" value="[% bug.count %]" - size="2" id="bug_[% bug.id %]"> + <input name="[% bug.id FILTER html %]" value="[% bug.count FILTER html %]" + size="2" id="bug_[% bug.id FILTER html %]"> [% END %] [% ELSE %] - [% bug.count %] + [% bug.count FILTER html %] [% END %] </a></td> <td align="center"> @@ -138,15 +138,15 @@ </td> <td> [% bug.summary FILTER html %] - (<a href="page.cgi?id=voting/bug.html&bug_id=[% bug.id %]">Show Votes</a>) + (<a href="page.cgi?id=voting/bug.html&bug_id=[% bug.id FILTER uri %]">Show Votes</a>) </td> </tr> [% END %] <tr> <td></td> - <td colspan="3">[% product.total %] vote - [% "s" IF product.total != 1 %] used out of [% product.maxvotes %] + <td colspan="3">[% product.total FILTER html %] vote + [% "s" IF product.total != 1 %] used out of [% product.maxvotes FILTER html %] allowed. <br> <br> |