Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5dae91bdf875eb5da68803e2948e32244dbd035d
edx-platform/lms/templates/edit_unit_link.html
Adeel Khan 298d3554fe Fix templates for XSS code injection via translations 
This would patch all templates (django/mako)
for a possible XSS code injection via
translation files by html escaping them..

LEARNER-4632
2019-06-25 14:22:42 +05:00

8 lines
265 B
HTML
Raw Blame History

<%page expression_filter="h"/>
<%! from django.utils.translation import ugettext as _ %>
<div class="wrap-instructor-info studio-view">
<a class="instructor-info-action" href="${edit_link}">${_("View Unit in Studio")}</a>
</div>
${frag_content | n, decode.utf8}
Reference in New Issue View Git Blame Copy Permalink