Opened 18 years ago

Closed 18 years ago

#3078 closed defect (fixed)

newforms: <label>s for Form.as_table() and Form.as_ul() should be escaped

Reported by: Chris Beaven Owned by: Adrian Holovaty
Component: Core (Other) Version:
Severity: normal Keywords:
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

All references to bf.label_tag(bf.verbose_name+':') should be bf.label_tag(escape(bf.verbose_name)+':')

Change History (1)

comment:1 by Adrian Holovaty, 18 years ago

Resolution: fixed
Status: newclosed

(In [4133]) Fixed #3078 -- newforms: Added HTML escaping to label_tag() calls. Thanks, SmileyChris

Note: See TracTickets for help on using tickets.
Back to Top