Commit 47bc8e65 by Brian Jacobel

Fix actual safe template violations

parent 7c7ab815
<%namespace name='static' file='/static_content.html'/>
<%page expression_filter="h"/>
<%! <%!
import json import json
from django.utils.translation import ugettext as _ from django.utils.translation import ugettext as _
from student.models import anonymous_id_for_user from student.models import anonymous_id_for_user
from openedx.core.djangolib.js_utils import js_escaped_string, dump_js_escaped_json
%> %>
<%namespace name='static' file='/static_content.html'/>
<% <%
if user: if user:
params.update({'user': anonymous_id_for_user(user, None)}) params.update({'user': anonymous_id_for_user(user, None)})
%> %>
<div id="edx-notes-wrapper-${uid}" class="edx-notes-wrapper"> <div id="edx-notes-wrapper-${uid}" class="edx-notes-wrapper">
<div class="edx-notes-wrapper-content">${content}</div> <div class="edx-notes-wrapper-content">${content | n, decode.utf8 }</div>
</div> </div>
<%static:require_module_async module_name="js/edxnotes/views/notes_visibility_factory" class_name="NotesVisibilityFactory"> <%static:require_module_async module_name="js/edxnotes/views/notes_visibility_factory" class_name="NotesVisibilityFactory">
var element = document.getElementById('edx-notes-wrapper-${uid}'); var element = document.getElementById('edx-notes-wrapper-${uid | n, js_escaped_string}');
NotesVisibilityFactory.VisibilityDecorator.factory(element, ${json.dumps(params)}, ${edxnotes_visibility}); NotesVisibilityFactory.VisibilityDecorator.factory(element, ${params | n, dump_js_escaped_json}, ${edxnotes_visibility | n, decode.utf8});
</%static:require_module_async> </%static:require_module_async>
...@@ -4,14 +4,15 @@ ...@@ -4,14 +4,15 @@
<%! <%!
from django.utils.translation import ugettext as _ from django.utils.translation import ugettext as _
from openedx.core.djangolib.js_utils import dump_js_escaped_json, js_escaped_string from openedx.core.djangolib.js_utils import dump_js_escaped_json, js_escaped_string
from openedx.core.djangolib.markup import HTML
%> %>
<%static:require_module_async module_name="js/certificates/factories/certificate_whitelist_factory" class_name="CertificateWhitelistFactory"> <%static:require_module_async module_name="js/certificates/factories/certificate_whitelist_factory" class_name="CertificateWhitelistFactory">
CertificateWhitelistFactory(${certificate_white_list | n, dump_js_escaped_json}, '${generate_certificate_exceptions_url | n, js_escaped_string}', '${certificate_exception_view_url | n, js_escaped_string}', '${generate_bulk_certificate_exceptions_url | n, js_escaped_string}', ${bool(section_data['active_certificate']) | n, dump_js_escaped_json}); CertificateWhitelistFactory(${certificate_white_list | n, dump_js_escaped_json}, '${generate_certificate_exceptions_url | n, js_escaped_string}', '${certificate_exception_view_url | n, js_escaped_string}', '${generate_bulk_certificate_exceptions_url | n, js_escaped_string}', ${bool(section_data['active_certificate']) | n, dump_js_escaped_json});
</%static:require_module_async> </%static:require_module_async>
<%static:require_module_async module_name="js/certificates/factories/certificate_invalidation_factory" class_name="CertificateInvalidationFactory"> <%static:require_module_async module_name="js/certificates/factories/certificate_invalidation_factory" class_name="CertificateInvalidationFactory">
CertificateInvalidationFactory('${certificate_invalidations | n, dump_js_escaped_json}', '${certificate_invalidation_view_url | n, js_escaped_string}'); CertificateInvalidationFactory('${certificate_invalidations | n, dump_js_escaped_json}', '${certificate_invalidation_view_url | n, js_escaped_string}');
</%static:require_module_async> </%static:require_module_async>
<div class="certificates-wrapper"> <div class="certificates-wrapper">
...@@ -85,7 +86,7 @@ from openedx.core.djangolib.js_utils import dump_js_escaped_json, js_escaped_str ...@@ -85,7 +86,7 @@ from openedx.core.djangolib.js_utils import dump_js_escaped_json, js_escaped_str
<input type="button" id="disabled-btn-start-generating-certificates" class="is-disabled" aria-disabled="true" value="${_('Generate Certificates')}"/> <input type="button" id="disabled-btn-start-generating-certificates" class="is-disabled" aria-disabled="true" value="${_('Generate Certificates')}"/>
% else: % else:
<p class="under-heading"> <p class="under-heading">
${_("When you are ready to generate certificates for your course, click Generate Certificates. You do not need to do this<br/>if you have set the certificate mode to on-demand generation.")} ${HTML(_("When you are ready to generate certificates for your course, click Generate Certificates. You do not need to do this<br/>if you have set the certificate mode to on-demand generation."))}
</p> </p>
<input type="button" class="btn-blue" id="btn-start-generating-certificates" value="${_('Generate Certificates')}" data-endpoint="${section_data['urls']['start_certificate_generation']}"/> <input type="button" class="btn-blue" id="btn-start-generating-certificates" value="${_('Generate Certificates')}" data-endpoint="${section_data['urls']['start_certificate_generation']}"/>
%endif %endif
...@@ -112,7 +113,7 @@ from openedx.core.djangolib.js_utils import dump_js_escaped_json, js_escaped_str ...@@ -112,7 +113,7 @@ from openedx.core.djangolib.js_utils import dump_js_escaped_json, js_escaped_str
<h2>${_("Regenerate Certificates")}</h2> <h2>${_("Regenerate Certificates")}</h2>
<form id="certificate-regenerating-form" method="post" action="${section_data['urls']['start_certificate_regeneration']}"> <form id="certificate-regenerating-form" method="post" action="${section_data['urls']['start_certificate_regeneration']}">
<p class="under-heading"> <p class="under-heading">
${_('To regenerate certificates for your course, choose the learners who will receive regenerated certificates and click <br/> Regenerate Certificates.')} ${HTML(_('To regenerate certificates for your course, choose the learners who will receive regenerated certificates and click <br/> Regenerate Certificates.'))}
</p> </p>
<label style="display: inline" for="certificate_status_${section_data['status'].downloadable}"> <label style="display: inline" for="certificate_status_${section_data['status'].downloadable}">
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment