From ec5a1be52b01ec21d8fe08719d0d83f2e05fc1ac Mon Sep 17 00:00:00 2001 From: uzairr Date: Fri, 21 Aug 2020 13:08:43 +0500 Subject: [PATCH] fix xss in transcript replace template PROD-2013 --- .../messages/transcripts-replace.underscore | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/cms/templates/js/video/transcripts/messages/transcripts-replace.underscore b/cms/templates/js/video/transcripts/messages/transcripts-replace.underscore index fa63c200b6..ddd91aa1d5 100644 --- a/cms/templates/js/video/transcripts/messages/transcripts-replace.underscore +++ b/cms/templates/js/video/transcripts/messages/transcripts-replace.underscore @@ -1,17 +1,17 @@
- <%= gettext("Timed Transcript Conflict") %> + <%- gettext("Timed Transcript Conflict") %>

- <%= gettext("The timed transcript for this video on edX is out of date, but YouTube has a current timed transcript for this video.") %> + <%- gettext("The timed transcript for this video on edX is out of date, but YouTube has a current timed transcript for this video.") %> - <%= gettext("Do you want to replace the edX transcript with the YouTube transcript?") %> + <%- gettext("Do you want to replace the edX transcript with the YouTube transcript?") %>

@@ -19,11 +19,11 @@ class="action setting-replace" type="button" name="setting-replace" - value="<%= gettext("Yes, replace the edX transcript with the YouTube transcript") %>" - data-tooltip="<%= gettext("Yes, replace the edX transcript with the YouTube transcript") %>" + value="<%- gettext("Yes, replace the edX transcript with the YouTube transcript") %>" + data-tooltip="<%- gettext("Yes, replace the edX transcript with the YouTube transcript") %>" > - <%= gettext("Yes, replace the edX transcript with the YouTube transcript") %> + <%- gettext("Yes, replace the edX transcript with the YouTube transcript") %>