diff options
| author | Matthew Somerville <matthew-github@dracos.co.uk> | 2018-05-22 11:14:54 +0100 |
|---|---|---|
| committer | Matthew Somerville <matthew-github@dracos.co.uk> | 2018-05-23 13:45:54 +0100 |
| commit | 6150cdcb32474102370a4be4d730ca55c1a74e7e (patch) | |
| tree | abe6bef0b6803fdf592793a3a312d1b91bb579d7 /templates | |
| parent | 1c8249e4b9a7199cad448de3eeb8e1c6b0fb7f1f (diff) | |
Escape data attributes in template.
This fixes a bug whereby a double quote in an item would not be JSON-escaped
due to being HTML-escaped first, meaning it would not parse as JSON on the
client.
Diffstat (limited to 'templates')
| -rw-r--r-- | templates/web/base/report/_inspect.html | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/templates/web/base/report/_inspect.html b/templates/web/base/report/_inspect.html index a81510f22..222780dcb 100644 --- a/templates/web/base/report/_inspect.html +++ b/templates/web/base/report/_inspect.html @@ -72,9 +72,9 @@ cat_prefix = "category_" _ cat_prefix _ "_" %] <p data-category="[% cat_name | html %]" [%~ IF cat_name != problem.category %] class="hidden"[% END %] - data-priorities='[% priorities_by_category.$cat_name %]' - data-defect-types='[% category_defect_types.$cat_name %]' - data-templates='[% templates_by_category.$cat_name %]'> + data-priorities='[% priorities_by_category.$cat_name | html %]' + data-defect-types='[% category_defect_types.$cat_name | html %]' + data-templates='[% templates_by_category.$cat_name | html %]'> [% IF cat_name == problem.category %] [% INCLUDE 'report/new/category_extras_fields.html' metas=category_extras.$cat_name hide_notices=1 show_hidden=1 %] [% ELSE %] |