From b6b442d8d368c7296cd201a9b33d4ce3528e03ea Mon Sep 17 00:00:00 2001
From: Peter Fogg <pfogg@edx.org>
Date: Wed, 23 Mar 2016 10:57:46 -0400
Subject: [PATCH] [safe templates] Financial assistance form.
---
lms/static/js/financial-assistance/views/financial_assistance_form_view.js | 45 +++++++++++++++++++++++----------------------
lms/templates/financial-assistance/apply.html | 1 +
lms/templates/financial-assistance/financial-assistance.html | 1 +
lms/templates/financial-assistance/financial_assessment_form.underscore | 8 ++++----
4 files changed, 29 insertions(+), 26 deletions(-)
diff --git a/lms/static/js/financial-assistance/views/financial_assistance_form_view.js b/lms/static/js/financial-assistance/views/financial_assistance_form_view.js
index 6dbb177..1edc825 100644
--- a/lms/static/js/financial-assistance/views/financial_assistance_form_view.js
+++ b/lms/static/js/financial-assistance/views/financial_assistance_form_view.js
@@ -5,18 +5,19 @@
'jquery',
'underscore',
'gettext',
+ 'edx-ui-toolkit/js/utils/html-utils',
'js/financial-assistance/models/financial_assistance_model',
'js/student_account/views/FormView',
'text!../../../templates/financial-assistance/financial_assessment_form.underscore',
'text!../../../templates/financial-assistance/financial_assessment_submitted.underscore',
- 'text!templates/student_account/form_field.underscore',
- 'string_utils'
+ 'text!templates/student_account/form_field.underscore'
],
function(
Backbone,
$,
_,
gettext,
+ HtmlUtils,
FinancialAssistanceModel,
FormView,
formViewTpl,
@@ -73,10 +74,11 @@
render: function(html) {
var data = _.extend( this.model.toJSON(), this.context, {
- fields: html || '',
+ fieldsHtml: html || '',
+ HtmlUtils: HtmlUtils
});
- this.$el.html(_.template(this.tpl)(data));
+ HtmlUtils.setHtml(this.$el, HtmlUtils.template(this.tpl)(data));
this.postRender();
this.validateCountry();
@@ -85,7 +87,7 @@
},
renderSuccess: function() {
- this.$el.html(_.template(successTpl)({
+ HtmlUtils.setHtml(this.$el, HtmlUtils.template(successTpl)({
course: this.model.get('course'),
dashboard_url: this.context.dashboard_url
}));
@@ -94,18 +96,15 @@
},
saveError: function(error) {
- /*jslint maxlen: 500 */
- var txt = [
- 'An error has occurred. Wait a few minutes and then try to submit the application again.',
- 'If you continue to have issues please contact support.'
- ],
- msg = gettext(txt.join(' '));
+ var msg = gettext(
+ 'An error has occurred. Wait a few minutes and then try to submit the application again. If you continue to have issues please contact support.' // jshint ignore:line
+ );
if (error.status === 0) {
msg = gettext('An error has occurred. Check your Internet connection and try again.');
}
- this.errors = ['<li>' + msg + '</li>'];
+ this.errors = [HtmlUtils.joinHtml('<li>', msg, '</li>')];
this.setErrors();
this.element.hide( this.$resetSuccess );
this.toggleDisableButton(false);
@@ -119,22 +118,24 @@
var $submissionContainer = $('.submission-error'),
$errorMessageContainer = $submissionContainer.find('.message-copy'),
$countryLabel = $('#user-country-title'),
- txt = [
- 'Please go to your {link_start}profile page{link_end} ',
- 'and provide your country of residence.'
- ],
- msg = window.interpolate_text(
- // Translators: link_start and link_end denote the html to link back to the profile page.
- gettext(txt.join('')),
+ msg = HtmlUtils.interpolateHtml(
+ // Translators: link_start and link_end
+ // denote the html to link back to the
+ // profile page.
+ gettext('Please go to your {link_start}profile page{link_end} and provide your country of residence.'), // jshint ignore:line
{
- link_start: '<a href="' + this.context.account_settings_url + '">',
- link_end: '</a>'
+ link_start: HtmlUtils.joinHtml('<a href="', this.context.account_settings_url, '">'),
+ link_end: HtmlUtils.HTML('</a>')
}
);
if( !this.model.get('country') ){
$countryLabel.addClass('error');
- $errorMessageContainer.append("<li>" + msg + "</li>");
+ HtmlUtils.append($errorMessageContainer, HtmlUtils.joinHtml(
+ HtmlUtils.HTML("<li>"),
+ msg,
+ HtmlUtils.HTML("</li>")
+ ));
this.toggleDisableButton(true);
$submissionContainer.removeClass('hidden');
}
diff --git a/lms/templates/financial-assistance/apply.html b/lms/templates/financial-assistance/apply.html
index ca588d2..bc1255e 100644
--- a/lms/templates/financial-assistance/apply.html
+++ b/lms/templates/financial-assistance/apply.html
@@ -1,3 +1,4 @@
+<%page expression_filter="h"/>
<%inherit file="../main.html"/>
<%!
import json
diff --git a/lms/templates/financial-assistance/financial-assistance.html b/lms/templates/financial-assistance/financial-assistance.html
index c6582ec..6d47239 100644
--- a/lms/templates/financial-assistance/financial-assistance.html
+++ b/lms/templates/financial-assistance/financial-assistance.html
@@ -1,3 +1,4 @@
+<%page expression_filter="h"/>
<%inherit file="../main.html"/>
<%
from django.core.urlresolvers import reverse
diff --git a/lms/templates/financial-assistance/financial_assessment_form.underscore b/lms/templates/financial-assistance/financial_assessment_form.underscore
index 7d1b39d..03a67a0 100644
--- a/lms/templates/financial-assistance/financial_assessment_form.underscore
+++ b/lms/templates/financial-assistance/financial_assessment_form.underscore
@@ -36,12 +36,12 @@
</div>
</div>
- <%= fields %>
+ <%= HtmlUtils.HTML(fieldsHtml) %>
<div class="cta-wrapper clearfix">
- <a href="<%- student_faq_url %>" class="nav-link"><%- interpolate_text(
- gettext('Back to {platform} FAQs'),
- {platform: platform_name}
+ <a href="<%- student_faq_url %>" class="nav-link"><%- StringUtils.interpolate(
+ gettext('Back to {platform} FAQs'),
+ {platform: platform_name}
) %></a>
<button type="submit" class="action action-primary action-update js-submit-form submit-form"><%- gettext("Submit Application") %></button>
</div>
--
libgit2 0.26.0