0001-misc-use-non-autoescaping-template-render-for-email-.patch
src/authentic2/manager/templates/authentic2/manager/user_change_email_notification_body.txt | ||
---|---|---|
1 |
{% load i18n %}{% autoescape off %}{% if email_is_not_unique%}{% blocktrans with name=user.get_short_name old_email=user.email %}Hi {{ name }} !
|
|
1 |
{% load i18n %}{% if email_is_not_unique%}{% blocktrans with name=user.get_short_name old_email=user.email %}Hi {{ name }} ! |
|
2 | 2 | |
3 | 3 |
An administrator requested for changing your email on {{ domain }} from: |
4 | 4 | |
... | ... | |
32 | 32 |
This link will be valid for {{ token_lifetime }}. |
33 | 33 | |
34 | 34 |
-- |
35 |
{{ domain }}{% endblocktrans %}{% endif %}{% endautoescape %} |
|
35 |
{{ domain }}{% endblocktrans %}{% endif %} |
src/authentic2/manager/templates/authentic2/manager/user_change_email_notification_subject.txt | ||
---|---|---|
1 |
{% load i18n %}{% autoescape off %}{% blocktrans %}Change email on {{ domain }} requested by an administrator{% endblocktrans %}{% endautoescape %} |
|
1 |
{% load i18n %}{% blocktrans %}Change email on {{ domain }} requested by an administrator{% endblocktrans %} |
src/authentic2/templates/authentic2/account_delete_notification_body.txt | ||
---|---|---|
1 |
{% load i18n %}{% autoescape off %}{% blocktrans %}{{ full_name }},{% endblocktrans %}
|
|
1 |
{% load i18n %}{% blocktrans %}{{ full_name }},{% endblocktrans %} |
|
2 | 2 | |
3 | 3 |
{% blocktrans %} |
4 | 4 |
Your account on {{ site }} has been deleted. |
5 | 5 |
All related data will be deleted today. |
6 | 6 |
You cannot log in with it anymore. |
7 | 7 |
{% endblocktrans %} |
8 |
{% endautoescape %} |
src/authentic2/templates/authentic2/account_delete_notification_subject.txt | ||
---|---|---|
1 |
{% load i18n %}{% autoescape off %}{% blocktrans %}Account deletion on {{ site }}{% endblocktrans %}{% endautoescape %} |
|
1 |
{% load i18n %}{% blocktrans %}Account deletion on {{ site }}{% endblocktrans %} |
src/authentic2/templates/authentic2/account_deletion_code_body.txt | ||
---|---|---|
1 |
{% load i18n %}{% autoescape off %}{% blocktrans %}{{ full_name }},{% endblocktrans %}
|
|
1 |
{% load i18n %}{% blocktrans %}{{ full_name }},{% endblocktrans %} |
|
2 | 2 | |
3 | 3 |
{% blocktrans %} |
4 | 4 |
Please click on {{ deletion_url }} |
... | ... | |
7 | 7 |
If so, all related data will be deleted in the next few hours. |
8 | 8 |
You won't be able to log in with this account anymore. |
9 | 9 |
{% endblocktrans %} |
10 |
{% endautoescape %} |
src/authentic2/templates/authentic2/account_deletion_code_subject.txt | ||
---|---|---|
1 |
{% load i18n %}{% autoescape off %}{% blocktrans %}Validate account deletion request on {{ site }}{% endblocktrans %}{% endautoescape %} |
|
1 |
{% load i18n %}{% blocktrans %}Validate account deletion request on {{ site }}{% endblocktrans %} |
src/authentic2/templates/authentic2/change_email_notification_body.txt | ||
---|---|---|
1 |
{% load i18n %}{% autoescape off %}{% if email_is_not_unique%}{% blocktrans with name=user.get_short_name old_email=user.email %}Hi {{ name }} !
|
|
1 |
{% load i18n %}{% if email_is_not_unique%}{% blocktrans with name=user.get_short_name old_email=user.email %}Hi {{ name }} ! |
|
2 | 2 | |
3 | 3 |
You asked for changing your email on {{ domain }} from: |
4 | 4 | |
... | ... | |
32 | 32 |
This link will be valid for {{ token_lifetime }}. |
33 | 33 | |
34 | 34 |
-- |
35 |
{{ domain }}{% endblocktrans %}{% endif %}{% endautoescape %} |
|
35 |
{{ domain }}{% endblocktrans %}{% endif %} |
src/authentic2/templates/authentic2/change_email_notification_subject.txt | ||
---|---|---|
1 |
{% load i18n %}{% autoescape off %}{% blocktrans %}Change email on {{ domain }}{% endblocktrans %}{% endautoescape %} |
|
1 |
{% load i18n %}{% blocktrans %}Change email on {{ domain }}{% endblocktrans %} |
src/authentic2/templates/authentic2/registration_success_body.txt | ||
---|---|---|
1 |
{% load i18n %}{% autoescape off %}{% blocktrans with full_name=user.get_full_name %}Hi {{ full_name }} !
|
|
1 |
{% load i18n %}{% blocktrans with full_name=user.get_full_name %}Hi {{ full_name }} ! |
|
2 | 2 | |
3 | 3 |
Your registration on {{ site }} was successful! |
4 | 4 | |
... | ... | |
10 | 10 |
{% trans "Email:" %} {{ user.email }}{% if user.first_name %} |
11 | 11 |
{% trans "First name:" %} {{ user.first_name }}{% endif %}{% if user.last_name %} |
12 | 12 |
{% trans "Last name:" %} {{ user.last_name }}{% endif %} |
13 | ||
14 |
{% endautoescape %} |
src/authentic2/templates/authentic2/registration_success_subject.txt | ||
---|---|---|
1 |
{% load i18n %}{% autoescape off %}{% trans "You successfully registered on" %} {{ site }}{% endautoescape %} |
|
1 |
{% load i18n %}{% trans "You successfully registered on" %} {{ site }} |
src/authentic2/templates/authentic2/unused_account_alert_body.txt | ||
---|---|---|
1 |
{% load i18n humanize %} |
|
2 |
{% autoescape off %} |
|
3 |
{% blocktrans %}Hi {{ user.get_full_name }},{% endblocktrans %} |
|
1 |
{% load i18n humanize %}{% blocktrans %}Hi {{ user.get_full_name }},{% endblocktrans %} |
|
4 | 2 | |
5 | 3 |
{% blocktrans with last_login_date=user.last_login|naturaltime %}Your last logging was {{ last_login_date }}.{% endblocktrans %} |
6 | 4 |
{% blocktrans %}In order to keep your account, you must log in within {{ days_to_deletion }} days.{% endblocktrans %} |
7 | 5 |
{% trans "Otherwise, it will be deleted after this time." %} |
8 |
{% endautoescape %} |
src/authentic2/templates/authentic2/unused_account_alert_subject.txt | ||
---|---|---|
1 |
{% load i18n humanize %} |
|
2 |
{% autoescape off %} |
|
3 |
{% blocktrans trimmed with last_login_date=user.last_login|naturaltime %} |
|
4 |
Alert: {{ user.get_full_name }} your last login was {{ last_login_date }} |
|
5 |
{% endblocktrans %} |
|
6 |
{% endautoescape %} |
|
1 |
{% load i18n humanize %}{% blocktrans trimmed with last_login_date=user.last_login|naturaltime %}Alert: {{ user.get_full_name }} your last login was {{ last_login_date }}{% endblocktrans %} |
src/authentic2/templates/authentic2/unused_account_delete_body.txt | ||
---|---|---|
1 |
{% load i18n humanize %} |
|
2 |
{% autoescape off %} |
|
3 |
{% blocktrans with last_login_date=user.last_login|naturaltime %} |
|
1 |
{% load i18n humanize %}{% blocktrans with last_login_date=user.last_login|naturaltime %} |
|
4 | 2 |
Hi {{ user }}, |
5 | 3 | |
6 |
Since your last logging was {{ last_login_date }}, your account has been deleted. |
|
7 |
{% endblocktrans %} |
|
8 |
{% endautoescape %} |
|
4 |
Since your last logging was {{ last_login_date }}, your account has been deleted.{% endblocktrans %} |
src/authentic2/templates/authentic2/unused_account_delete_subject.txt | ||
---|---|---|
1 |
{% load i18n %}{% autoescape off %}{% blocktrans %}Notification: {{ user }}, your account has been deleted{% endblocktrans %}{% endautoescape %} |
|
1 |
{% load i18n %}{% blocktrans %}Notification: {{ user }}, your account has been deleted{% endblocktrans %} |
src/authentic2/templates/registration/activation_email.txt | ||
---|---|---|
1 |
{% load i18n %}{% autoescape off %}{% if not existing_accounts %}{% blocktrans %}You requested registration on {{ site }}.
|
|
1 |
{% load i18n %}{% if not existing_accounts %}{% blocktrans %}You requested registration on {{ site }}. |
|
2 | 2 |
To finish your registration, please go to: |
3 | 3 | |
4 | 4 |
{{ registration_url }} |
... | ... | |
12 | 12 |
{% if expiration_days > 1 %}{% blocktrans %}Link is valid for {{ expiration_days }} days.{% endblocktrans %} |
13 | 13 |
{% else %}{% blocktrans %}Link is valid for 24 hours.{% endblocktrans %}{% endif %} |
14 | 14 | |
15 |
{% blocktrans %}If you did not register on {{ site }}, ignore this email.{% endblocktrans %}{% endautoescape %} |
|
15 |
{% blocktrans %}If you did not register on {{ site }}, ignore this email.{% endblocktrans %} |
src/authentic2/templates/registration/activation_email_subject.txt | ||
---|---|---|
1 |
{% load i18n %}{% autoescape off %}{% trans "You requested registration on" %} {{ site }}{% endautoescape %} |
|
1 |
{% load i18n %}{% trans "You requested registration on" %} {{ site }} |
src/authentic2/templates/registration/password_reset_subject.txt | ||
---|---|---|
1 |
{% load i18n %}{% autoescape off %} |
|
2 |
{% blocktrans with hostname=request.get_host %}Password reset on {{ hostname }}{% endblocktrans %} |
|
3 |
{% endautoescape %} |
|
1 |
{% load i18n %}{% blocktrans with hostname=request.get_host %}Password reset on {{ hostname }}{% endblocktrans %} |
src/authentic2/utils/__init__.py | ||
---|---|---|
43 | 43 |
from django.utils.translation import ugettext as _, ungettext |
44 | 44 |
from django.utils.six.moves.urllib import parse as urlparse |
45 | 45 |
from django.shortcuts import resolve_url |
46 |
from django.template.loader import render_to_string, TemplateDoesNotExist |
|
46 |
from django.template.loader import render_to_string, TemplateDoesNotExist, select_template |
|
47 |
from django.template.context import make_context |
|
47 | 48 |
from django.core.mail import send_mail |
48 | 49 |
from django.core import signing |
49 | 50 |
from django.core.cache import cache |
... | ... | |
622 | 623 |
return fields, labels |
623 | 624 | |
624 | 625 | |
626 |
def render_plain_text_template_to_string(template_names, ctx, request=None): |
|
627 |
template = select_template(template_names) |
|
628 |
return template.template.render(make_context(ctx, request=request, autoescape=False)) |
|
629 | ||
630 | ||
625 | 631 |
def send_templated_mail(user_or_email, template_names, context=None, with_html=True, |
626 | 632 |
from_email=None, request=None, legacy_subject_templates=None, |
627 | 633 |
legacy_body_templates=None, legacy_html_body_templates=None, |
... | ... | |
651 | 657 | |
652 | 658 |
subject_template_names = [template_name + '_subject.txt' for template_name in template_names] |
653 | 659 |
subject_template_names += legacy_subject_templates or [] |
654 |
subject = render_to_string(subject_template_names, ctx, request=request).strip() |
|
660 |
subject = render_plain_text_template_to_string(subject_template_names, ctx, request=request).strip()
|
|
655 | 661 | |
656 | 662 |
body_template_names = [template_name + '_body.txt' for template_name in template_names] |
657 | 663 |
body_template_names += legacy_body_templates or [] |
658 |
body = render_to_string(body_template_names, ctx, request=request) |
|
664 |
body = render_plain_text_template_to_string(body_template_names, ctx, request=request)
|
|
659 | 665 | |
660 | 666 |
html_body = None |
661 | 667 |
html_body_template_names = [template_name + '_body.html' for template_name in template_names] |
662 |
- |