From ea347c7a9bcbadb89dfb6f83d4dc1f90f867b34c Mon Sep 17 00:00:00 2001 From: Daniel Friedman Date: Wed, 23 Mar 2016 11:11:08 -0400 Subject: [PATCH] Make CMS activation_complete template safe by default --- cms/templates/activation_complete.html | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/cms/templates/activation_complete.html b/cms/templates/activation_complete.html index 135f15764d..768f17f054 100644 --- a/cms/templates/activation_complete.html +++ b/cms/templates/activation_complete.html @@ -1,10 +1,18 @@ -<%! from django.utils.translation import ugettext as _ %> +<%! +from openedx.core.djangolib.markup import Text +from django.utils.translation import ugettext as _ +%> +<%page expression_filter="h"/> <%inherit file="base.html" /> <%block name="content">
-

${_("{studio_name} Account Activation").format(studio_name=settings.STUDIO_SHORT_NAME)}

+

+ ${_("{studio_name} Account Activation").format( + studio_name=Text(settings.STUDIO_SHORT_NAME) + )} +

@@ -17,14 +25,20 @@

${_("Your account activation is complete!")}

-

${_("Thank you for activating your account. You may now sign in and start using {studio_name} to author courses.").format(studio_name=settings.STUDIO_NAME)}

+

+ ${_("Thank you for activating your account. You may now sign in and start using {studio_name} to author courses.").format( + studio_name=Text(settings.STUDIO_NAME) + )} +