From 026539311662235ea26f5f3cfe885322846db6fb Mon Sep 17 00:00:00 2001
From: "gerv%gerv.net" <>
Date: Sun, 7 Sep 2003 02:23:09 +0000
Subject: Bug 207044 - Filter more template directives. None of these are
 security bugs, but they need fixing anyway. Patch by gerv; r,a=justdave.

---
 template/en/default/global/messages.html.tmpl | 19 +++++++------------
 1 file changed, 7 insertions(+), 12 deletions(-)

(limited to 'template/en/default/global/messages.html.tmpl')

diff --git a/template/en/default/global/messages.html.tmpl b/template/en/default/global/messages.html.tmpl
index e8aa8047f..e84e9747d 100644
--- a/template/en/default/global/messages.html.tmpl
+++ b/template/en/default/global/messages.html.tmpl
@@ -28,21 +28,15 @@
 [% message_tag = message %]
 
 [% message = BLOCK %]
-  [% IF    message_tag == "aaa_example_message_tag" %]
-    [% title = "Example Message" %]
-    This is an example message. The title is set above. This text is the body
-    of the message. It can contain arbitrary <b>HTML</b>, and also references
-    to any [% parameters %] which you may have set.
-
-  [% ELSIF message_tag == "buglist_adding_field" %]
+  [% IF    message_tag == "buglist_adding_field" %]
     [% title = "Adding field to query page..." %]
     [% link  = "Click here if the page does not redisplay automatically." %]
-    [% # --- %] 
 
   [% ELSIF message_tag == "buglist_load_named_query" %]
-    [% title = BLOCK %]Loading your query named [% namedcmd %][% END %]
+    [% title = BLOCK %]
+      Loading your query named [% namedcmd FILTER html %]
+    [% END %]
     [% link  = "Click here if the page does not redisplay automatically." %]
-    [% # --- %] 
 
   [% ELSIF message_tag == "buglist_updated_named_query" %]
     OK, your query named <code>[% queryname FILTER html %]</code> is updated.
@@ -81,8 +75,9 @@
   [% ELSIF message_tag == "email_change_cancelled_reinstated" %]
     [% title = "Cancel Request to Change Email Address" %]
     The request to change the email address for the
-    [% old_email %] account to [% new_email %] has been cancelled.
-    Your old account settings have been reinstated.
+    [% old_email FILTER html %] account to 
+    [% new_email FILTER html %] has been cancelled.
+   Your old account settings have been reinstated.
 
   [% ELSIF message_tag == "logged_out" %]
     [% title = "Logged Out" %]
-- 
cgit v1.2.3-24-g4f1b