diff options
| author | Matthew Somerville <matthew@mysociety.org> | 2019-11-27 20:15:33 +0000 |
|---|---|---|
| committer | Matthew Somerville <matthew@mysociety.org> | 2019-12-09 09:38:03 +0000 |
| commit | 2e9e82dfb57b972d1351ecef86687a0d067598b1 (patch) | |
| tree | 189119d0c2be5b0327855609d27cb745a3d14d7b | |
| parent | 6c2d3d5a7d84521d34daa2cf7e4be76a54b3b0e0 (diff) | |
Switch to default-escaped in email templates.
We add a way to process a template with no auto-escaping, that can be
used for the text parts of emails, and mark various HTML output as safe.
43 files changed, 134 insertions, 82 deletions
diff --git a/perllib/FixMyStreet/App.pm b/perllib/FixMyStreet/App.pm index f62deae3a..5f0518920 100644 --- a/perllib/FixMyStreet/App.pm +++ b/perllib/FixMyStreet/App.pm @@ -371,8 +371,8 @@ sub construct_email { %$extra_stash_values, additional_template_paths => \@include_path, }; - $vars->{site_name} = Utils::trim_text($c->view('Email')->render($c, 'site-name.txt', $vars)); - $vars->{signature} = $c->view('Email')->render($c, 'signature.txt', $vars); + $vars->{site_name} = Utils::trim_text($c->view('EmailText')->render($c, 'site-name.txt', $vars)); + $vars->{signature} = $c->view('EmailText')->render($c, 'signature.txt', $vars); return if FixMyStreet::Email::is_abuser($c->model('DB')->schema, $vars->{to}); @@ -386,7 +386,7 @@ sub construct_email { $c->log->debug("Error compiling HTML $template: $@") if $@; my $data = { - _body_ => $c->view('Email')->render( $c, $template, $vars ), + _body_ => $c->view('EmailText')->render( $c, $template, $vars ), _attachments_ => $extra_stash_values->{attachments}, From => $vars->{from}, To => $vars->{to}, diff --git a/perllib/FixMyStreet/App/Controller/Develop.pm b/perllib/FixMyStreet/App/Controller/Develop.pm index d2457a3d7..6a1c10b22 100755 --- a/perllib/FixMyStreet/App/Controller/Develop.pm +++ b/perllib/FixMyStreet/App/Controller/Develop.pm @@ -142,6 +142,7 @@ sub email_previewer : Path('/_dev/email') : Args(1) { # Look through the Email::MIME email for the text/html part, and any inline # images. Turn the images into data: URIs. + my $text = ''; my $html = ''; my %images; $email->walk_parts(sub { @@ -151,6 +152,8 @@ sub email_previewer : Path('/_dev/email') : Args(1) { (my $cid = $part->header('Content-ID')) =~ s/[<>]//g; (my $ct = $part->content_type) =~ s/;.*//; $images{$cid} = "$ct;base64," . $part->body_raw; + } elsif ($part->content_type =~ m[text/plain]i) { + $text = $part->body_str; } elsif ($part->content_type =~ m[text/html]i) { $html = $part->body_str; } @@ -160,7 +163,12 @@ sub email_previewer : Path('/_dev/email') : Args(1) { $html =~ s/cid:([^"]*)/data:$images{$1}/g; } - $c->response->body($html); + if ($c->get_param('text')) { + $c->response->header(Content_type => 'text/plain'); + $c->response->body($text); + } else { + $c->response->body($html); + } } =item problem_confirm_previewer diff --git a/perllib/FixMyStreet/App/View/EmailText.pm b/perllib/FixMyStreet/App/View/EmailText.pm new file mode 100755 index 000000000..6b28ca13f --- /dev/null +++ b/perllib/FixMyStreet/App/View/EmailText.pm @@ -0,0 +1,29 @@ +package FixMyStreet::App::View::EmailText; +use base 'Catalyst::View::TT'; + +use strict; +use warnings; + +use FixMyStreet; +use FixMyStreet::Template; + +__PACKAGE__->config( + CLASS => 'FixMyStreet::Template', + TEMPLATE_EXTENSION => '.txt', + INCLUDE_PATH => [ FixMyStreet->path_to( 'templates', 'email', 'default' ) ], + render_die => 1, + disable_autoescape => 1, +); + +=head1 NAME + +FixMyStreet::App::View::EmailText - TT View for FixMyStreet::App + +=head1 DESCRIPTION + +A TT view for the text part of emails - so no HTML auto-escaping + +=cut + +1; + diff --git a/perllib/FixMyStreet/Email.pm b/perllib/FixMyStreet/Email.pm index 49098b40d..18aff9d90 100644 --- a/perllib/FixMyStreet/Email.pm +++ b/perllib/FixMyStreet/Email.pm @@ -169,6 +169,7 @@ sub send_cron { push @include_path, FixMyStreet->path_to( 'templates', 'email', 'default' ); my $tt = FixMyStreet::Template->new({ INCLUDE_PATH => \@include_path, + disable_autoescape => 1, }); $vars->{signature} = _render_template($tt, 'signature.txt', $vars); $vars->{site_name} = Utils::trim_text(_render_template($tt, 'site-name.txt', $vars)); @@ -178,6 +179,9 @@ sub send_cron { my @inline_images; $vars->{inline_image} = sub { add_inline_image(\@inline_images, @_) }; $vars->{file_exists} = sub { -e FixMyStreet->path_to(@_) }; + my $tt = FixMyStreet::Template->new({ + INCLUDE_PATH => \@include_path, + }); $hdrs->{_html_} = _render_template($tt, $html_template, $vars); $hdrs->{_html_images_} = \@inline_images; } diff --git a/perllib/FixMyStreet/Template.pm b/perllib/FixMyStreet/Template.pm index 354b6c911..84faeb562 100644 --- a/perllib/FixMyStreet/Template.pm +++ b/perllib/FixMyStreet/Template.pm @@ -40,10 +40,13 @@ sub Fn : ATTR(CODE,BEGIN) { sub new { my ($class, $config) = @_; + my $disable_autoescape = delete $config->{disable_autoescape}; $config->{FILTERS}->{$_} = $FILTERS{$_} foreach keys %FILTERS; $config->{ENCODING} = 'utf8'; - $config->{STASH} = FixMyStreet::Template::Stash->new($config); - $config->{CONTEXT} = FixMyStreet::Template::Context->new($config); + if (!$disable_autoescape) { + $config->{STASH} = FixMyStreet::Template::Stash->new($config); + $config->{CONTEXT} = FixMyStreet::Template::Context->new($config); + } $class->SUPER::new($config); } diff --git a/t/app/helpers/send_email.t b/t/app/helpers/send_email.t index 58b9acaaa..522ee39d0 100644 --- a/t/app/helpers/send_email.t +++ b/t/app/helpers/send_email.t @@ -17,7 +17,7 @@ my $mech = FixMyStreet::TestMech->new; my $c = ctx_request("/"); # set some values in the stash -$c->stash->{foo} = 'bar'; +$c->stash->{foo} = 'bar <b>bold</b>'; # clear the email queue $mech->clear_emails_ok; @@ -118,6 +118,14 @@ subtest 'Inline emails!' => sub { \ {10}\+\ text/plain.*\n \ {10}\+\ text/html.*\n \ {5}\+\ image/gif]x; + $email->walk_parts(sub { + my ($part) = @_; + if ($part->content_type =~ m[text/plain]i) { + like $part->body_str, qr/foo: bar <b>bold<\/b>/; + } elsif ($part->content_type =~ m[text/html]i) { + like $part->body_str, qr/foo: bar <b>bold<\/b>/; + } + }); $mech->clear_emails_ok; }; diff --git a/t/app/helpers/send_email_sample.txt b/t/app/helpers/send_email_sample.txt index 68fe61f0e..e14c536be 100644 --- a/t/app/helpers/send_email_sample.txt +++ b/t/app/helpers/send_email_sample.txt @@ -7,7 +7,7 @@ From: CONTACT_EMAIL Hello, -This is a test email where foo: bar. +This is a test email where foo: bar <b>bold</b>. utf8: =E6=88=91=E4=BB=AC=E5=BA=94=E8=AF=A5=E8=83=BD=E5=A4=9F=E6=97=A0=E7=BC= =9D=E5=A4=84=E7=90=86UTF8=E7=BC=96=E7=A0=81 diff --git a/t/app/helpers/send_email_sample_mime.txt b/t/app/helpers/send_email_sample_mime.txt index 7b4ce91f6..623874149 100644 --- a/t/app/helpers/send_email_sample_mime.txt +++ b/t/app/helpers/send_email_sample_mime.txt @@ -12,7 +12,7 @@ Content-Transfer-Encoding: quoted-printable Hello,
-This is a test email where foo: bar.
+This is a test email where foo: bar <b>bold</b>.
utf8: =E6=88=91=E4=BB=AC=E5=BA=94=E8=AF=A5=E8=83=BD=E5=A4=9F=E6=97=A0=E7=BC=
=9D=E5=A4=84=E7=90=86UTF8=E7=BC=96=E7=A0=81
diff --git a/templates/email/bathnes/_email_top.html b/templates/email/bathnes/_email_top.html index ec3c80ce2..89dd1dcbf 100644 --- a/templates/email/bathnes/_email_top.html +++ b/templates/email/bathnes/_email_top.html @@ -51,7 +51,7 @@ </style> </head> <body style="[% body_style %]"> - <table [% wrapper_table %] style="[% wrapper_style %]"> + <table [% wrapper_table | safe %] style="[% wrapper_style %]"> <tr> <th class="spacer-cell"></th> <th width="[% wrapper_max_width %]" style="[% td_style %][% hint_style %]" class="hint"> @@ -60,11 +60,11 @@ <th class="spacer-cell"></th> </tr> </table> - <table [% wrapper_table %] style="[% wrapper_style %]"> + <table [% wrapper_table | safe %] style="[% wrapper_style %]"> <tr> <th class="spacer-cell"></th> <th width="[% wrapper_max_width %]" style="[% td_style %] min-width: [% wrapper_min_width %]px;" id="main"> - <table [% table_reset %]> + <table [% table_reset | safe %]> <tr> <th id="header" colspan="[% email_columns %]" style="[% td_style %][% header_style %]"> [%~ IF file_exists("web/cobrands/${ img_dir }/images/email-logo.gif") ~%] diff --git a/templates/email/buckinghamshire/alert-update.html b/templates/email/buckinghamshire/alert-update.html index 8831fd379..16bac06dd 100644 --- a/templates/email/buckinghamshire/alert-update.html +++ b/templates/email/buckinghamshire/alert-update.html @@ -12,11 +12,11 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">New updates on <a href="[% problem_url %]">[% category %] report</a></h1> [%~ INCLUDE '_email_comment_list.html' %] <p style="[% p_style %]"><a href="[% unsubscribe_url %]">Unsubscribe from alerts about this report</a></p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report %] <h2 style="[% h2_style %]">[% title %]</h2> diff --git a/templates/email/buckinghamshire/other-reported.html b/templates/email/buckinghamshire/other-reported.html index 584c5b89e..07a36b6f3 100644 --- a/templates/email/buckinghamshire/other-reported.html +++ b/templates/email/buckinghamshire/other-reported.html @@ -9,7 +9,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Your report has been logged</h1> <p style="[% p_style %]">Your report to [% report.body %] has been logged on [% site_name %].</p> [% IF cobrand.is_council && !cobrand.owns_problem( report ) %] @@ -21,7 +21,7 @@ of report, so it will instead be sent to [% report.body %].</p> <p style="margin: 20px auto; text-align: center"> <a style="[% button_style %]" href="[% cobrand.base_url_for_report(report) %][% report.url %]">View my report</a> </p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report %] <h2 style="[% h2_style %]">[% report.title | html %]</h2> diff --git a/templates/email/default/_email_bottom.html b/templates/email/default/_email_bottom.html index 4967dfaa2..13c5c019f 100644 --- a/templates/email/default/_email_bottom.html +++ b/templates/email/default/_email_bottom.html @@ -4,12 +4,12 @@ <th class="spacer-cell"></th> </tr> </table> - <table [% wrapper_table %] style="[% wrapper_style %]"> + <table [% wrapper_table | safe %] style="[% wrapper_style %]"> <tr> <th class="spacer-cell"></th> <th width="[% wrapper_max_width %]" style="[% td_style %][% hint_style %]" class="hint"> [%~ IF email_footer %] - [% email_footer %] + [% email_footer | safe %] [%~ ELSE %] This email was sent automatically, from an unmonitored email account. Please do not reply to it. [%~ END %] diff --git a/templates/email/default/_email_sidebar.html b/templates/email/default/_email_sidebar.html index e762bc140..b90a55c28 100644 --- a/templates/email/default/_email_sidebar.html +++ b/templates/email/default/_email_sidebar.html @@ -16,10 +16,10 @@ DEFAULT url = cobrand.base_url_for_report(report) _ report.url [% IF url %] <a href="[% url %]"><img style="[% map_image_style %]" src="[% inline_image(report.static_map, 'map.jpeg') %]" width="310" height="200" alt=""></a> [% END %] - [% start_padded_box %] + [% start_padded_box | safe %] [%~ IF object.photo %] <img style="[% preview_photo_style %]" src="[% inline_image(object.get_first_image_fp) %]" alt="" align="right"> [%~ END %] - [%~ content %] - [% end_padded_box %] + [%~ content | safe %] + [% end_padded_box | safe %] </th> diff --git a/templates/email/default/_email_top.html b/templates/email/default/_email_top.html index f7869ddb4..c4622818d 100644 --- a/templates/email/default/_email_top.html +++ b/templates/email/default/_email_top.html @@ -47,7 +47,7 @@ </style> </head> <body style="[% body_style %]"> - <table [% wrapper_table %] style="[% wrapper_style %]"> + <table [% wrapper_table | safe %] style="[% wrapper_style %]"> <tr> <th class="spacer-cell"></th> <th width="[% wrapper_max_width %]" style="[% td_style %][% hint_style %]" class="hint"> @@ -56,11 +56,11 @@ <th class="spacer-cell"></th> </tr> </table> - <table [% wrapper_table %] style="[% wrapper_style %]"> + <table [% wrapper_table | safe %] style="[% wrapper_style %]"> <tr> <th class="spacer-cell"></th> <th width="[% wrapper_max_width %]" style="[% td_style %] min-width: [% wrapper_min_width %]px;" id="main"> - <table [% table_reset %]> + <table [% table_reset | safe %]> <tr> <th colspan="[% email_columns %]" style="[% td_style %][% header_style %]"> [%~ IF file_exists("web/cobrands/${ img_dir }/images/${ logo_file }") ~%] diff --git a/templates/email/default/alert-update.html b/templates/email/default/alert-update.html index 082f5e369..e026cf146 100644 --- a/templates/email/default/alert-update.html +++ b/templates/email/default/alert-update.html @@ -11,11 +11,11 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">New updates on <a href="[% problem_url %]">[% title %]</a></h1> [%~ INCLUDE '_email_comment_list.html' %] <p style="[% p_style %]"><a href="[% unsubscribe_url %]">Unsubscribe from alerts about this report</a></p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report %] <h2 style="[% h2_style %]">[% title %]</h2> diff --git a/templates/email/default/contact.html b/templates/email/default/contact.html index 33c858dfb..6eac4282a 100644 --- a/templates/email/default/contact.html +++ b/templates/email/default/contact.html @@ -13,7 +13,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% contact_meta_style %]"> - <table [% table_reset %]> + <table [% table_reset | safe %]> <tr> <th style="[% contact_th_style %]">From</th> <td style="[% contact_td_style %]"> diff --git a/templates/email/default/other-reported.html b/templates/email/default/other-reported.html index 584c5b89e..07a36b6f3 100644 --- a/templates/email/default/other-reported.html +++ b/templates/email/default/other-reported.html @@ -9,7 +9,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Your report has been logged</h1> <p style="[% p_style %]">Your report to [% report.body %] has been logged on [% site_name %].</p> [% IF cobrand.is_council && !cobrand.owns_problem( report ) %] @@ -21,7 +21,7 @@ of report, so it will instead be sent to [% report.body %].</p> <p style="margin: 20px auto; text-align: center"> <a style="[% button_style %]" href="[% cobrand.base_url_for_report(report) %][% report.url %]">View my report</a> </p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report %] <h2 style="[% h2_style %]">[% report.title | html %]</h2> diff --git a/templates/email/default/other-updated.html b/templates/email/default/other-updated.html index e7f09e123..2609b0027 100644 --- a/templates/email/default/other-updated.html +++ b/templates/email/default/other-updated.html @@ -9,14 +9,14 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Your update has been logged</h1> <p style="[% p_style %]">Your update has been logged on [% site_name %].</p> [% TRY %][% INCLUDE '_council_reference.html' %][% CATCH file %][% END %] <p style="margin: 20px auto; text-align: center"> <a style="[% button_style %]" href="[% cobrand.base_url_for_report(problem) %][% update.url %]">View my update</a> </p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = update diff --git a/templates/email/default/problem-confirm-not-sending.html b/templates/email/default/problem-confirm-not-sending.html index 827a49d55..43a4c6372 100644 --- a/templates/email/default/problem-confirm-not-sending.html +++ b/templates/email/default/problem-confirm-not-sending.html @@ -10,7 +10,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Please confirm your report</h1> <p style="[% p_style %]">Please click on the link below to confirm that you want your report to appear on [% site_name %], despite not being sent to the @@ -20,7 +20,7 @@ council.</p> <a style="[% button_style %]" href="[% token_url %]">Yes, publish my report</a> </p> <p style="[% p_style %]">If you no longer wish to publish this report, please take no further action.</p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report, url = token_url %] <h2 style="[% h2_style %]">[% report.title | html %]</h2> diff --git a/templates/email/default/problem-confirm.html b/templates/email/default/problem-confirm.html index b8c98534c..b94a008f7 100644 --- a/templates/email/default/problem-confirm.html +++ b/templates/email/default/problem-confirm.html @@ -10,7 +10,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Please confirm your report</h1> <p style="[% p_style %]">Please click on the link below to confirm that you want to send your report to [% report.body %]. [% IF c.cobrand.is_council && !c.cobrand.owns_problem( report ) %] @@ -25,7 +25,7 @@ of problem, so it will instead be sent to [% report.body %]. <a style="[% button_style %]" href="[% token_url %]">Yes, send my report</a> </p> <p style="[% p_style %]">If you no longer wish to send this report, please take no further action.</p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report, url = token_url %] <h2 style="[% h2_style %]">[% report.title | html %]</h2> diff --git a/templates/email/default/problem-moderated.html b/templates/email/default/problem-moderated.html index 142f27fc2..915bb4138 100644 --- a/templates/email/default/problem-moderated.html +++ b/templates/email/default/problem-moderated.html @@ -10,7 +10,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Your report has been moderated</h1> [% IF types == 'hide' -%] <p style="[% p_style %]">The report has been hidden from the site.</p> @@ -22,7 +22,7 @@ INCLUDE '_email_top.html'; [% END -%] <p style="[% p_style %]">If you do not think that this report should have been moderated, you may contact the team at <a href="[% report_complain_uri %]">[% report_complain_uri %]</a></p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = problem %] <h2 style="[% h2_style %]">[% moderated_data.title | html %]</h2> diff --git a/templates/email/default/questionnaire.html b/templates/email/default/questionnaire.html index eaa570ae0..bc0b6dbd5 100644 --- a/templates/email/default/questionnaire.html +++ b/templates/email/default/questionnaire.html @@ -11,7 +11,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Has your problem been fixed?</h1> <p style="[% p_style %]">[% created %] ago, you reported a problem using [% site_name %].</p> <p style="[% p_style %]">Help us keep [% site_name %] up to date by letting us know whether the problem has been fixed yet:</p> @@ -23,7 +23,7 @@ INCLUDE '_email_top.html'; <a style="[% dontknow_button_style %]" href="[% url %]?been_fixed=Unknown">Don’t know</a> </p> <p style="[% p_style %]">Thank you! Your feedback is really valuable.</p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report, url = url %] <h2 style="[% h2_style %]">[% title %]</h2> diff --git a/templates/email/default/submit.html b/templates/email/default/submit.html index 8dc06041e..0fed5770f 100644 --- a/templates/email/default/submit.html +++ b/templates/email/default/submit.html @@ -11,7 +11,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">New problem in your area</h1> <p style="[% p_style %]">[% missing %][% multiple %]A user of [% site_name %] has submitted the following report of a local problem that they believe might require your attention.</p> @@ -20,7 +20,7 @@ of a local problem that they believe might require your attention.</p> <a style="[% button_style %]" href="[% url %]">Show full report</a> </p> <h2 style="[% h2_style %] margin: 30px 0 10px 0">Reported by:</h2> - <table [% table_reset %]> + <table [% table_reset | safe %]> <tr> <th style="[% contact_th_style %]">Name</th> <td style="[% contact_td_style %]">[% report.name | html %]</td> @@ -43,7 +43,7 @@ of a local problem that they believe might require your attention.</p> [%~ END %] </table> <p style="[% p_style %] margin-top: 0.5em;">Replies to this message will go directly to [% report.name | html %], the user who reported the problem.</p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report %] <h2 style="[% h2_style %]">[% report.title | html %]</h2> diff --git a/templates/email/default/update-confirm.html b/templates/email/default/update-confirm.html index c2a39c0e5..888511346 100644 --- a/templates/email/default/update-confirm.html +++ b/templates/email/default/update-confirm.html @@ -10,7 +10,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Please confirm your update</h1> <p style="[% p_style %]">Please click on the link below to confirm your update on [% site_name %].</p> <p style="margin: 20px auto; text-align: center"> @@ -18,7 +18,7 @@ INCLUDE '_email_top.html'; </p> <p style="[% p_style %]">[% INCLUDE 'update-confirm-donotsend.txt' %]</p> <p style="[% p_style %]">If you no longer wish to confirm this update, please take no further action.</p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = update diff --git a/templates/email/fixamingata/_email_bottom.html b/templates/email/fixamingata/_email_bottom.html index 0a8c95c1c..fb4ddc6dd 100644 --- a/templates/email/fixamingata/_email_bottom.html +++ b/templates/email/fixamingata/_email_bottom.html @@ -4,7 +4,7 @@ <th></th> </tr> </table> - <table [% wrapper_table %] style="[% wrapper_style %]"> + <table [% wrapper_table | safe %] style="[% wrapper_style %]"> <tr> <th></th> <th width="[% wrapper_max_width %]" style="[% td_style %][% hint_style %]" class="hint"> diff --git a/templates/email/fixamingata/alert-update.html b/templates/email/fixamingata/alert-update.html index e24bb4e31..2dcec3273 100644 --- a/templates/email/fixamingata/alert-update.html +++ b/templates/email/fixamingata/alert-update.html @@ -11,11 +11,11 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Ny uppdatering i <a href="[% problem_url %]">[% title %]</a></h1> [%~ INCLUDE '_email_comment_list.html' %] <p style="[% p_style %]"><a href="[% unsubscribe_url %]">Avsluta min prenumeration kring denna rapport</a></p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report %] <h2 style="[% h2_style %]">[% title | html %]</h2> diff --git a/templates/email/fixamingata/contact.html b/templates/email/fixamingata/contact.html index 47c828a36..2b71eaea8 100644 --- a/templates/email/fixamingata/contact.html +++ b/templates/email/fixamingata/contact.html @@ -13,7 +13,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% contact_meta_style %]"> - <table [% table_reset %]> + <table [% table_reset | safe %]> <tr> <th style="[% contact_th_style %]">Från</th> <td style="[% contact_td_style %]">[% name %] <<a href="mailto:[% em | html %]">[% em | html %]</a>></td> diff --git a/templates/email/fixamingata/other-reported.html b/templates/email/fixamingata/other-reported.html index 0b0160696..c7e6b5c63 100644 --- a/templates/email/fixamingata/other-reported.html +++ b/templates/email/fixamingata/other-reported.html @@ -9,7 +9,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Din rapport har loggats</h1> <p style="[% p_style %]">Din rapport till [% report.body %] har blivit loggad på [% site_name %]. [% IF cobrand.is_council && !cobrand.owns_problem( report ) %] @@ -20,7 +20,7 @@ rapporter, så kommer rapporten istället att skickas till [% report.body %]. <p style="margin: 20px auto; text-align: center"> <a style="[% button_style %]" href="[% cobrand.base_url_for_report(report) %][% report.url %]">Visa min rapport</a> </p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report %] <h2 style="[% h2_style %]">[% report.title | html %]</h2> diff --git a/templates/email/fixamingata/other-updated.html b/templates/email/fixamingata/other-updated.html index 7be360ef7..bb0a90416 100644 --- a/templates/email/fixamingata/other-updated.html +++ b/templates/email/fixamingata/other-updated.html @@ -9,13 +9,13 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Din uppdatering har loggats</h1> <p style="[% p_style %]">Din uppdatering har blivit loggad på [% site_name %]:</p> <p style="margin: 20px auto; text-align: center"> <a style="[% button_style %]" href="[% cobrand.base_url_for_report(problem) %][% problem.url %]#update_[% update.id %]">Visa min uppdatering</a> </p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = update diff --git a/templates/email/fixamingata/problem-confirm-not-sending.html b/templates/email/fixamingata/problem-confirm-not-sending.html index 665288a02..e0b991d98 100644 --- a/templates/email/fixamingata/problem-confirm-not-sending.html +++ b/templates/email/fixamingata/problem-confirm-not-sending.html @@ -10,7 +10,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Bekräfta din FixaMinGata-rapport</h1> <p style="[% p_style %]">För att bekräfta den rapport som du nyligen lade in på FixaMinGata måste du klicka på nedanstående länk. Notera att din rapport inte kommer att @@ -20,7 +20,7 @@ skickas till kommunen.</p> <a style="[% button_style %]" href="[% token_url %]">Skicka min rapport</a> </p> <p style="[% p_style %]">Om du inte vill skicka din rapport så behöver du inte göra något.</p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report, url = token_url %] <h2 style="[% h2_style %]">[% report.title | html %]</h2> diff --git a/templates/email/fixamingata/problem-confirm.html b/templates/email/fixamingata/problem-confirm.html index 937743fc6..a6a7c9b88 100644 --- a/templates/email/fixamingata/problem-confirm.html +++ b/templates/email/fixamingata/problem-confirm.html @@ -10,7 +10,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Bekräfta din FixaMinGata-rapport</h1> <p style="[% p_style %]">För att bekräfta den rapport som du nyligen lade in på FixaMinGata måste du klicka på nedanstående knapp.</p> @@ -19,7 +19,7 @@ måste du klicka på nedanstående knapp.</p> <a style="[% button_style %]" href="[% token_url %]">Skicka min rapport</a> </p> <p style="[% p_style %]">Om du inte vill skicka din rapport så behöver du inte göra något.</p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report, url = token_url %] <h2 style="[% h2_style %]">[% report.title | html %]</h2> diff --git a/templates/email/fixamingata/problem-moderated.html b/templates/email/fixamingata/problem-moderated.html index 02bace72f..4c927c11d 100644 --- a/templates/email/fixamingata/problem-moderated.html +++ b/templates/email/fixamingata/problem-moderated.html @@ -10,7 +10,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Din rapport har blivit modererad</h1> [% IF types == 'hide' -%] <p style="[% p_style %]">Din rapport har dolts från sajten.</p> @@ -22,7 +22,7 @@ INCLUDE '_email_top.html'; [% END -%] <p style="[% p_style %]">Om du inte tycker att rapporten skulle ha blivit modererad kan du kontakta FixaMinGata:s support på <a href="[% report_complain_uri %]">[% report_complain_uri %]</a></p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = problem %] <h2 style="[% h2_style %]">[% problem.moderation_original_data.title | html %]</h2> diff --git a/templates/email/fixamingata/questionnaire.html b/templates/email/fixamingata/questionnaire.html index d66c50535..fef76f0c2 100644 --- a/templates/email/fixamingata/questionnaire.html +++ b/templates/email/fixamingata/questionnaire.html @@ -11,7 +11,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Har ditt problem blivit fixat?</h1> <p style="[% p_style %]">[% created %] sedan lämnade du en rapport på FixaMinGata.</p> <p style="[% p_style %]">För att hålla alla rapporter uppdaterade skulle vi uppskatta om du kunde informera oss om huruvida problemet har blivit fixat än:</p> @@ -23,7 +23,7 @@ INCLUDE '_email_top.html'; <a style="[% dontknow_button_style %]" href="[% url %]?been_fixed=Unknown">Vet ej</a> </p> <p style="[% p_style %]">Tack! Din feedback är värdefull.</p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report, url = url %] <h2 style="[% h2_style %]">[% title %]</h2> diff --git a/templates/email/fixamingata/submit.html b/templates/email/fixamingata/submit.html index 6a1208982..f04801bd6 100644 --- a/templates/email/fixamingata/submit.html +++ b/templates/email/fixamingata/submit.html @@ -11,7 +11,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Ny rapport för [% report.body %]</h1> <p style="[% p_style %]">[% missing %][% multiple %]Följande rapport tror medborgaren behöver er uppmärksamhet.</p> @@ -20,7 +20,7 @@ tror medborgaren behöver er uppmärksamhet.</p> <a style="[% button_style %]" href="[% url %]">Visa rapporten</a> </p> <h2 style="[% h2_style %] margin: 30px 0 10px 0">Rapporterad av:</h2> - <table [% table_reset %]> + <table [% table_reset | safe %]> <tr> <th style="[% contact_th_style %]">Namn</th> <td style="[% contact_td_style %]">[% report.name | html %]</td> @@ -42,7 +42,7 @@ tror medborgaren behöver er uppmärksamhet.</p> [%~ END %] </table> <p style="[% p_style %] margin-top: 0.5em;">Svar på det här brevet kommer att skickas till den person som lämnade rapporten.</p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report %] <h2 style="[% h2_style %]">[% report.title | html %]</h2> diff --git a/templates/email/fixamingata/update-confirm.html b/templates/email/fixamingata/update-confirm.html index 3953b16fd..178f5b79e 100644 --- a/templates/email/fixamingata/update-confirm.html +++ b/templates/email/fixamingata/update-confirm.html @@ -10,7 +10,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Bekräfta din uppdatering</h1> <p style="[% p_style %]">Vänligen klicka på knappen nedan för att bekräfta den uppdatering du just lämnade:</p> <p style="margin: 20px auto; text-align: center"> @@ -18,7 +18,7 @@ INCLUDE '_email_top.html'; </p> <p style="[% p_style %]">[% INCLUDE 'update-confirm-donotsend.txt' %]</p> <p style="[% p_style %]">Om du inte vill bekräfta din uppdatering behöver du inte göra något.</p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = update diff --git a/templates/email/fixmystreet.com/_submit_footer.html b/templates/email/fixmystreet.com/_submit_footer.html index cb0dbb165..0da75a3b7 100644 --- a/templates/email/fixmystreet.com/_submit_footer.html +++ b/templates/email/fixmystreet.com/_submit_footer.html @@ -1,4 +1,4 @@ -<table [% table_reset %]> +<table [% table_reset | safe %]> <tr> <th style="[% td_style %] padding: [% column_padding %]px; background-color: [% color_yellow %]; color: [% color_black %];"> <h2 style="[% h2_style %] margin-bottom: 15px;"> @@ -14,7 +14,7 @@ </tr> </table> -<table [% table_reset %] style="table-layout: fixed;"> +<table [% table_reset | safe %] style="table-layout: fixed;"> <tr> <th style="[% submit_footer_td_style %] padding: [% column_padding %]px 40px 0 0;"> <h2 style="[% submit_footer_h2_style %]"> diff --git a/templates/email/fixmystreet.com/submit.html b/templates/email/fixmystreet.com/submit.html index 2742c4b44..1e8f49409 100644 --- a/templates/email/fixmystreet.com/submit.html +++ b/templates/email/fixmystreet.com/submit.html @@ -11,7 +11,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">New problem in your area</h1> <p style="[% p_style %]">[% missing %][% multiple %]A user of [% site_name %] has submitted the following report of a local problem that they believe might require your attention.</p> @@ -20,7 +20,7 @@ of a local problem that they believe might require your attention.</p> <a style="[% button_style %]" href="[% url %]">Show full report</a> </p> <h2 style="[% h2_style %] margin: 30px 0 10px 0">Reported by:</h2> - <table [% table_reset %]> + <table [% table_reset | safe %]> <tr> <th style="[% contact_th_style %]">Name</th> <td style="[% contact_td_style %]">[% report.name | html %]</td> @@ -43,7 +43,7 @@ of a local problem that they believe might require your attention.</p> [%~ END %] </table> <p style="[% p_style %] margin-top: 0.5em;">Replies to this message will go directly to [% report.name | html %], the user who reported the problem.</p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report %] <h2 style="[% h2_style %]">[% report.title | html %]</h2> diff --git a/templates/email/hounslow/other-reported.html b/templates/email/hounslow/other-reported.html index f715a392c..a45f64a3e 100644 --- a/templates/email/hounslow/other-reported.html +++ b/templates/email/hounslow/other-reported.html @@ -9,7 +9,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Your report has been logged</h1> <p style="[% p_style %]">Your report to [% cobrand.council_name %] has been logged on [% site_name %].</p> [% IF cobrand.is_council && !cobrand.owns_problem( report ) %] @@ -21,7 +21,7 @@ of report, so it will instead be sent to [% report.body %].</p> <p style="margin: 20px auto; text-align: center"> <a style="[% button_style %]" href="[% cobrand.base_url_for_report(report) %][% report.url %]">View my report</a> </p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report %] <h2 style="[% h2_style %]">[% report.title | html %]</h2> diff --git a/templates/email/hounslow/problem-confirm.html b/templates/email/hounslow/problem-confirm.html index 00108adee..08a7531ca 100644 --- a/templates/email/hounslow/problem-confirm.html +++ b/templates/email/hounslow/problem-confirm.html @@ -10,7 +10,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Please confirm your report</h1> <p style="[% p_style %]">Please click on the link below to confirm that you want to send your report to Hounslow Highways. @@ -21,7 +21,7 @@ INCLUDE '_email_top.html'; <a style="[% button_style %]" href="[% token_url %]">Yes, send my report</a> </p> <p style="[% p_style %]">If you no longer wish to send this report, please take no further action.</p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report, url = token_url %] <h2 style="[% h2_style %]">[% report.title | html %]</h2> diff --git a/templates/email/hounslow/submit.html b/templates/email/hounslow/submit.html index 7bc5ce45d..5b9f2e255 100644 --- a/templates/email/hounslow/submit.html +++ b/templates/email/hounslow/submit.html @@ -11,7 +11,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">New problem in your area</h1> <p style="[% p_style %]">[% multiple %]A user of [% site_name %] has submitted the following report of a local problem that they believe might require your attention.</p> @@ -20,7 +20,7 @@ of a local problem that they believe might require your attention.</p> <a style="[% button_style %]" href="[% url %]">Show full report</a> </p> <h2 style="[% h2_style %] margin: 30px 0 10px 0">Reported by:</h2> - <table [% table_reset %]> + <table [% table_reset | safe %]> <tr> <th style="[% contact_th_style %]">Name</th> <td style="[% contact_td_style %]">[% report.name | html %]</td> @@ -43,7 +43,7 @@ of a local problem that they believe might require your attention.</p> [%~ END %] </table> <p style="[% p_style %] margin-top: 0.5em;">Replies to this message will go directly to [% report.name | html %], the user who reported the problem.</p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report %] <h2 style="[% h2_style %]">[% report.title | html %]</h2> diff --git a/templates/email/isleofwight/confirm_report_sent.html b/templates/email/isleofwight/confirm_report_sent.html index 8e85c5729..88838960e 100644 --- a/templates/email/isleofwight/confirm_report_sent.html +++ b/templates/email/isleofwight/confirm_report_sent.html @@ -9,7 +9,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Your report has been logged</h1> [% IF report.state == 'for triage' %] <p style="[% p_style %]">Thank you for submitting your report to FixMyStreet, it will be submitted to Island Roads for review.</p> @@ -32,7 +32,7 @@ of report, so it will instead be sent to [% report.body %].</p> <p style="margin: 20px auto; text-align: center"> <a style="[% button_style %]" href="[% cobrand.base_url_for_report(report) %][% report.url %]">View my report</a> </p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report %] <h2 style="[% h2_style %]">[% report.title | html %]</h2> diff --git a/templates/email/isleofwight/problem-confirm.html b/templates/email/isleofwight/problem-confirm.html index ccdefc7aa..551e42e31 100644 --- a/templates/email/isleofwight/problem-confirm.html +++ b/templates/email/isleofwight/problem-confirm.html @@ -10,7 +10,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% primary_column_style %]" id="primary_column"> - [% start_padded_box %] + [% start_padded_box | safe %] <h1 style="[% h1_style %]">Please confirm your report</h1> <p style="[% p_style %]">Please click on the link below to confirm that you want to send your report to Island Roads. @@ -21,7 +21,7 @@ INCLUDE '_email_top.html'; <a style="[% button_style %]" href="[% token_url %]">Yes, send my report</a> </p> <p style="[% p_style %]">If you no longer wish to send this report, please take no further action.</p> - [% end_padded_box %] + [% end_padded_box | safe %] </th> [% WRAPPER '_email_sidebar.html' object = report, url = token_url %] <h2 style="[% h2_style %]">[% report.title | html %]</h2> diff --git a/templates/email/lincolnshire/contact.html b/templates/email/lincolnshire/contact.html index d9e9b060a..23a3c01ff 100644 --- a/templates/email/lincolnshire/contact.html +++ b/templates/email/lincolnshire/contact.html @@ -13,7 +13,7 @@ INCLUDE '_email_top.html'; %] <th style="[% td_style %][% contact_meta_style %]"> - <table [% table_reset %]> + <table [% table_reset | safe %]> <tr> <th style="[% contact_th_style %]">From</th> <td style="[% contact_td_style %]">[% name %] <<a href="mailto:[% em | html %]">[% em | html %]</a>></td> |