Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
079f43f40d399cfc0da17039b6dede4e06bda2fb
edx-platform/lms/templates/wiki/includes/editor_widget.html
Adeel Khan 298d3554fe Fix templates for XSS code injection via translations 
This would patch all templates (django/mako)
for a possible XSS code injection via
translation files by html escaping them..

LEARNER-4632
2019-06-25 14:22:42 +05:00

10 lines
408 B
HTML
Raw Blame History

{% load i18n %}
<p id="hint_id_content" class="help-block">
{% filter force_escape %}
{% blocktrans with start_link="<a id='cheatsheetLink' href='#cheatsheetModal' rel='leanModal'>" end_link="</a>" trimmed %}
Markdown syntax is allowed. See the {{ start_link }}cheatsheet{{ end_link }} for help.
{% endblocktrans %}
{% endfilter %}
</p>
<textarea {{ attrs }}>{{ content }}</textarea>
Reference in New Issue View Git Blame Copy Permalink