Unverified Commit d0250baa by Eric Fischer Committed by GitHub

Merge pull request #16726 from edx/efischer/xss_followup

fix a few xss errors
parents 48c40cf0 3687d6aa
...@@ -18,8 +18,8 @@ def url_class(is_active): ...@@ -18,8 +18,8 @@ def url_class(is_active):
tab_class = url_class(tab_is_active) tab_class = url_class(tab_is_active)
%> %>
<li> <li>
<a href="${tab.link_func(course, reverse) | h}" class="${tab_class}"> <a href="${tab.link_func(course, reverse)}" class="${tab_class}">
Test Site Tab: ${_(tab.name) | h} Test Site Tab: ${_(tab.name)}
% if tab_is_active: % if tab_is_active:
<span class="sr">, current location</span> <span class="sr">, current location</span>
%endif %endif
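Review bot: The two expressions that appear to lose `| h` on the new side, `href="${tab.link_func(course, reverse)}"` and `${_(tab.name)}`, now depend entirely on a page-level default filter, and the `<%page expression_filter="h"/>` declaration that would supply it sits above line 18, outside this hunk. Confirm it is present, because without it the tab name and link would be emitted unescaped. HTML escaping also does not restrict the URL scheme inside an `href`. `tab.link_func` is defined elsewhere, so if its result can come from course configuration rather than `reverse` alone, the scheme should be checked where the link is built. A Mako comment above the `<a>` such as `## escaped by the page-level h filter; do not re-add | h` would keep the explicit filter from being reintroduced.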
......
...@@ -22,7 +22,7 @@ from django.core.urlresolvers import reverse ...@@ -22,7 +22,7 @@ from django.core.urlresolvers import reverse
</div> </div>
<div class="contacts"> <div class="contacts">
<h2>${_("Class Feedback")}</h2> <h2>${_("Class Feedback")}</h2>
<p>${_("We are always seeking feedback to improve our courses. If you are an enrolled student and have any questions, feedback, suggestions, or any other issues specific to a particular class, please post on the discussion forums of that&nbsp;class.")}</p> <p>${_("We are always seeking feedback to improve our courses. If you are an enrolled student and have any questions, feedback, suggestions, or any other issues specific to a particular class, please post on the discussion forums of that class.")}</p>
<h2>${_("General Inquiries and Feedback")}</h2> <h2>${_("General Inquiries and Feedback")}</h2>
<p>${_('If you have a general question about {platform_name} please email {email}. To see if your question has already been answered, visit our {faq_link_start}FAQ page{faq_link_end}. You can also join the discussion on our {fb_link_start}facebook page{fb_link_end}. Though we may not have a chance to respond to every email, we take all feedback into consideration.').format( <p>${_('If you have a general question about {platform_name} please email {email}. To see if your question has already been answered, visit our {faq_link_start}FAQ page{faq_link_end}. You can also join the discussion on our {fb_link_start}facebook page{fb_link_end}. Though we may not have a chance to respond to every email, we take all feedback into consideration.').format(
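Review bot: The context line ending in `{fb_link_start}facebook page{fb_link_end}. ...').format(` substitutes link markup into a translated string with a plain `.format(`, and its arguments continue outside this hunk, so how they are escaped cannot be checked here. If this template uses the HTML default filter, the usual way to keep the translated text escaped while letting only the link tags through is `Text(_('...')).format(faq_link_start=HTML(...), faq_link_end=HTML('</a>'), ...)`, which is also what the `python-wrap-html` count in the thresholds file tracks. The string edited on the line above, which changes `that&nbsp;class` to `that class`, is a new msgid, so existing translations will not match until the catalog is re-extracted.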
......
...@@ -8,7 +8,7 @@ ...@@ -8,7 +8,7 @@
"javascript-jquery-insert-into-target": 23, "javascript-jquery-insert-into-target": 23,
"javascript-jquery-insertion": 19, "javascript-jquery-insertion": 19,
"javascript-jquery-prepend": 7, "javascript-jquery-prepend": 7,
"mako-html-entities": 1, "mako-html-entities": 0,
"mako-invalid-html-filter": 11, "mako-invalid-html-filter": 11,
"mako-invalid-js-filter": 192, "mako-invalid-js-filter": 192,
"mako-js-html-string": 0, "mako-js-html-string": 0,
...@@ -17,7 +17,7 @@ ...@@ -17,7 +17,7 @@
"mako-multiple-page-tags": 0, "mako-multiple-page-tags": 0,
"mako-unknown-context": 0, "mako-unknown-context": 0,
"mako-unparseable-expression": 0, "mako-unparseable-expression": 0,
"mako-unwanted-html-filter": 2, "mako-unwanted-html-filter": 0,
"python-close-before-format": 0, "python-close-before-format": 0,
"python-concat-html": 24, "python-concat-html": 24,
"python-custom-escape": 13, "python-custom-escape": 13,
...@@ -28,5 +28,5 @@ ...@@ -28,5 +28,5 @@
"python-wrap-html": 226, "python-wrap-html": 226,
"underscore-not-escaped": 507 "underscore-not-escaped": 507
}, },
"total": 1754 "total": 1751
} }