From b1ef63e5bfc0d3995245b42154686db1400b2c22 Mon Sep 17 00:00:00 2001 From: "lpsolit%gmail.com" <> Date: Sun, 15 Oct 2006 03:26:50 +0000 Subject: Bug 206037: [SECURITY] Fix escaping/quoting in edit*.cgi scripts - Patch by Frédéric Buclin r=justdave a=justdave MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- template/en/default/list/edit-multiple.html.tmpl | 7 ++----- template/en/default/list/list-simple.html.tmpl | 4 +--- 2 files changed, 3 insertions(+), 8 deletions(-) (limited to 'template/en/default/list') diff --git a/template/en/default/list/edit-multiple.html.tmpl b/template/en/default/list/edit-multiple.html.tmpl index cf57bb651..38e4e930f 100644 --- a/template/en/default/list/edit-multiple.html.tmpl +++ b/template/en/default/list/edit-multiple.html.tmpl @@ -256,11 +256,8 @@ [% END %] - [% IF group.isactive %] - [% group.description %] - [% ELSE %] - [% group.description FILTER inactive %] - [% END %] + [% SET inactive = !group.isactive %] + [% group.description FILTER html_light FILTER inactive(inactive) %] diff --git a/template/en/default/list/list-simple.html.tmpl b/template/en/default/list/list-simple.html.tmpl index 9cdc1bed9..8494baf60 100644 --- a/template/en/default/list/list-simple.html.tmpl +++ b/template/en/default/list/list-simple.html.tmpl @@ -30,8 +30,6 @@ [%############################################################################%] [% DEFAULT title = "$terms.Bug List" %] -[% title = title FILTER html %] - [%############################################################################%] [%# Bug Table #%] @@ -40,7 +38,7 @@ - [% title %] + [% title FILTER html %] -- cgit v1.2.3-24-g4f1b