diff options
| author | Matthew Somerville <matthew@mysociety.org> | 2019-11-26 17:09:56 +0000 |
|---|---|---|
| committer | Matthew Somerville <matthew@mysociety.org> | 2019-12-09 09:38:03 +0000 |
| commit | 6c2d3d5a7d84521d34daa2cf7e4be76a54b3b0e0 (patch) | |
| tree | 75ef8cd6e1df444572ae5ec3a4048e6c3366a088 /templates/web/base/errors | |
| parent | a4290acdff6781979cc3cd7c0142d553236e5666 (diff) | |
Switch to default-escaped in templates.
This means any variable used in a template is automatically
HTML-escaped, unless it is marked as safe either in code by
using a SafeString, or in the template with the `mark_safe`
function or the `safe` filter.
Diffstat (limited to 'templates/web/base/errors')
| -rwxr-xr-x | templates/web/base/errors/generic.html | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/templates/web/base/errors/generic.html b/templates/web/base/errors/generic.html index e5c2ca0c1..6d4acccf8 100755 --- a/templates/web/base/errors/generic.html +++ b/templates/web/base/errors/generic.html @@ -7,7 +7,7 @@ <div class="confirmation-header confirmation-header--failure"> <h1>[% title %]</h1> - <p>[% message %]</p> + <p>[% message | safe %]</p> </div> [% INCLUDE 'footer.html' %] |