diff options
| author | Matt Selsky <selsky@columbia.edu> | 2014-12-11 19:00:18 +0100 |
|---|---|---|
| committer | Gervase Markham <gerv@gerv.net> | 2014-12-11 19:00:18 +0100 |
| commit | 4d1c399ff6391b70e15a2c06d5bec10e2aaa3d3c (patch) | |
| tree | 28bc9ec2a5f74208167baed68cbaebe26b451c8c /template | |
| parent | 7b8a5d16b6c84b0f2b8b8074e9f63888ca6df249 (diff) | |
| download | bugzilla-4d1c399ff6391b70e15a2c06d5bec10e2aaa3d3c.tar.gz bugzilla-4d1c399ff6391b70e15a2c06d5bec10e2aaa3d3c.tar.xz | |
Bug 1102842 - remove and/or unwhitelist unsafe filters. r=gerv, a=simon.
Diffstat (limited to 'template')
| -rw-r--r-- | template/en/default/account/prefs/prefs.html.tmpl | 2 | ||||
| -rw-r--r-- | template/en/default/attachment/list.html.tmpl | 10 | ||||
| -rw-r--r-- | template/en/default/attachment/show-multiple.html.tmpl | 10 | ||||
| -rw-r--r-- | template/en/default/bug/dependency-tree.html.tmpl | 6 | ||||
| -rw-r--r-- | template/en/default/list/change-columns.html.tmpl | 2 | ||||
| -rw-r--r-- | template/en/default/list/edit-multiple.html.tmpl | 12 |
6 files changed, 34 insertions, 8 deletions
diff --git a/template/en/default/account/prefs/prefs.html.tmpl b/template/en/default/account/prefs/prefs.html.tmpl index 8f11d0a6f..33c0b4224 100644 --- a/template/en/default/account/prefs/prefs.html.tmpl +++ b/template/en/default/account/prefs/prefs.html.tmpl @@ -68,7 +68,7 @@ [% IF changes_saved %] <div id="message"> - The changes to your [% current_tab.label FILTER lower %] have been saved. + The changes to your [% current_tab.label FILTER lower FILTER html %] have been saved. [% IF email_changes_saved %] <p> diff --git a/template/en/default/attachment/list.html.tmpl b/template/en/default/attachment/list.html.tmpl index 4599f38ed..2e160eda7 100644 --- a/template/en/default/attachment/list.html.tmpl +++ b/template/en/default/attachment/list.html.tmpl @@ -70,7 +70,15 @@ function toggle_display(link) { <a href="attachment.cgi?id=[% attachment.id %]" title="View the content of the attachment"> [% END %] - <b>[% attachment.description FILTER html FILTER obsolete(attachment.isobsolete) %]</b> + <b> + [% IF attachment.isobsolete %] + <span class="bz_obsolete"> + [% END %] + [% attachment.description FILTER html %] + [% IF attachment.isobsolete %] + </span> + [% END %] + </b> [% "</a>" IF attachment.datasize %] <span class="bz_attach_extra_info"> diff --git a/template/en/default/attachment/show-multiple.html.tmpl b/template/en/default/attachment/show-multiple.html.tmpl index e2c95cb80..16d093372 100644 --- a/template/en/default/attachment/show-multiple.html.tmpl +++ b/template/en/default/attachment/show-multiple.html.tmpl @@ -34,7 +34,15 @@ <th colspan="6" class="bz_attach_footer">Attachment #[% a.id %]</th> </tr> <tr> - <td>[% a.description FILTER html FILTER obsolete(a.isobsolete) %]</td> + <td> + [% IF a.isobsolete %] + <span class="bz_obsolete"> + [% END %] + [% a.description FILTER html %] + [% IF a.isobsolete %] + </span> + [% END %] + </td> <td> [% IF a.ispatch %] diff --git a/template/en/default/bug/dependency-tree.html.tmpl b/template/en/default/bug/dependency-tree.html.tmpl index a2730f3c9..70855fdc2 100644 --- a/template/en/default/bug/dependency-tree.html.tmpl +++ b/template/en/default/bug/dependency-tree.html.tmpl @@ -136,7 +136,9 @@ [% BLOCK buglink %] [% isclosed = !bug.isopened %] - [% FILTER closed(isclosed) -%] + [% IF isclosed %] + <span class="bz_closed"> + [% END %] <a title="[% INCLUDE buginfo bug=bug %]" href="show_bug.cgi?id=[% bugid %]"> <b>[%- bugid %]:</b> @@ -148,6 +150,8 @@ <img src="skins/standard/dependency-tree/tree.png" title="See dependency tree for [% terms.bug %] [%+ bugid FILTER html %]"> </a> + [% IF isclosed %] + </span> [% END %] [% END %] diff --git a/template/en/default/list/change-columns.html.tmpl b/template/en/default/list/change-columns.html.tmpl index c0279803c..aef352d0f 100644 --- a/template/en/default/list/change-columns.html.tmpl +++ b/template/en/default/list/change-columns.html.tmpl @@ -31,7 +31,7 @@ [% FOREACH column = columns.keys %] [% NEXT IF collist.contains(column) %] [%# We lowecase the keys so that the sort happens case-insensitively. %] - [% SET column_desc = field_descs.$column || column FILTER lower %] + [% SET column_desc = field_descs.$column || column FILTER lower FILTER html %] [% available_columns.$column_desc = column %] [% END %] diff --git a/template/en/default/list/edit-multiple.html.tmpl b/template/en/default/list/edit-multiple.html.tmpl index e581f0892..d956fa62b 100644 --- a/template/en/default/list/edit-multiple.html.tmpl +++ b/template/en/default/list/edit-multiple.html.tmpl @@ -371,7 +371,13 @@ <td> [% SET inactive = !group.is_active %] - [% group.description FILTER html_light FILTER inactive(inactive) %] + [% IF inactive %] + <span class="bz_inactive"> + [% END %] + [% group.description FILTER html_light %] + [% IF inactive %] + </span> + [% END %] </td> </tr> @@ -380,8 +386,8 @@ </table> [% IF foundinactive %] - <p class="bz_info">(Note: [% terms.Bugs %] may not be added to [% FILTER inactive %]inactive - groups[% END %], only removed.)</p> + <p class="bz_info">(Note: [% terms.Bugs %] may not be added to inactive + groups, only removed.)</p> [% END %] [% END %] |