Projet

Général

Profil

0001-misc-don-t-escape-html-if-_sanitizeHTML-is-absent-10.patch

Frédéric Péters, 04 mars 2016 11:03

Télécharger (894 octets)

Voir les différences: 

Subject: [PATCH] misc: don't escape html if _sanitizeHTML is absent (#10194)


 wcs/qommon/form.py | 2 --
 1 file changed, 2 deletions(-)
wcs/qommon/form.py
1286 1286 
        if self.value:
1287 1287 
            if _sanitizeHTML:
1288 1288 
                self.value = _sanitizeHTML(self.value, get_request().charset, 'text/html')
1289 
            else:
1290 
                self.value = str(htmlescape(self.value))
1291 1289 
            if self.value.startswith('<br />'):
1292 1290 
                self.value = self.value[6:]
1293 1291 
            if self.value.endswith('<br />'):
1294 
-