Merge pull request #6314 from MrPetovan/task/6208-escape-html-true

Fix template escaping in photo gallery view
This commit is contained in:
Michael Vogel 2018-12-24 08:40:30 +01:00 committed by GitHub
commit 3b5bcd35f9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 43 additions and 39 deletions

View file

@ -1,4 +1,3 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional //EN"> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional //EN">
<html> <html>
<head> <head>
@ -8,26 +7,31 @@
<body> <body>
<table style="border:1px solid #ccc"> <table style="border:1px solid #ccc">
<tbody> <tbody>
<tr><td colspan="2" style="background:#084769; color:#FFFFFF; font-weight:bold; font-family:'lucida grande', tahoma, verdana,arial, sans-serif; padding: 4px 8px; vertical-align: middle; font-size:16px; letter-spacing: -0.03em; text-align: left;"><img style="width:32px;height:32px; float:left;" src='{{$siteurl}}/images/friendica-32.png'><div style="padding:7px; margin-left: 5px; float:left; font-size:18px;letter-spacing:1px;">{{$product}}</div><div style="clear: both;"></div></td></tr> <tr>
<td colspan="2" style="background:#084769; color:#FFFFFF; font-weight:bold; font-family:'lucida grande', tahoma, verdana,arial, sans-serif; padding: 4px 8px; vertical-align: middle; font-size:16px; letter-spacing: -0.03em; text-align: left;">
<img style="width:32px;height:32px; float:left;" src='{{$siteurl}}/images/friendica-32.png'>
<tr><td style="padding-top:22px;" colspan="2">{{$preamble}}</td></tr> <div style="padding:7px; margin-left: 5px; float:left; font-size:18px;letter-spacing:1px;">{{$product}}</div>
<div style="clear: both;"></div>
</td>
</tr>
<tr><td colspan="2" style="padding-top:22px;">{{$preamble nofilter}}</td></tr>
{{if $content_allowed}} {{if $content_allowed}}
{{if $source_photo}} {{if $source_photo}}
<tr><td style="padding-left:22px;padding-top:22px;width:60px;" valign="top" rowspan=3><a href="{{$source_link}}"><img style="border:0px;width:48px;height:48px;" src="{{$source_photo}}"></a></td> <tr>
<td style="padding-top:22px;"><a href="{{$source_link}}">{{$source_name}}</a></td></tr> <td style="padding-left:22px;padding-top:22px;width:60px;" valign="top" rowspan=3><a href="{{$source_link}}"><img style="border:0px;width:48px;height:48px;" src="{{$source_photo}}"></a></td>
<td style="padding-top:22px;"><a href="{{$source_link}}">{{$source_name}}</a></td>
</tr>
{{/if}} {{/if}}
<tr><td style="font-weight:bold;padding-bottom:5px;">{{$title}}</td></tr> <tr><td style="font-weight:bold;padding-bottom:5px;">{{$title}}</td></tr>
<tr><td style="padding-right:22px;">{{$htmlversion}}</td></tr> <tr><td style="padding-right:22px;">{{$htmlversion nofilter}}</td></tr>
{{/if}} {{/if}}
<tr><td style="padding-top:11px;" colspan="2">{{$hsitelink}}</td></tr> <tr><td colspan="2" style="padding-top:11px;">{{$hsitelink nofilter}}</td></tr>
<tr><td style="padding-bottom:11px;" colspan="2">{{$hitemlink}}</td></tr> <tr><td colspan="2" style="padding-bottom:11px;">{{$hitemlink nofilter}}</td></tr>
<tr><td></td><td>{{$thanks}}</td></tr> <tr><td></td><td>{{$thanks}}</td></tr>
<tr><td></td><td>{{$site_admin}}</td></tr> <tr><td></td><td>{{$site_admin}}</td></tr>
</tbody> </tbody>
</table> </table>
</body> </body>
</html> </html>

View file

@ -22,17 +22,17 @@
{{/if}} {{/if}}
{{if $tags.2}}<div id="tag-remove"><a href="{{$tags.2}}">{{$tags.3}}</a></div>{{/if}} {{if $tags.2}}<div id="tag-remove"><a href="{{$tags.2}}">{{$tags.3}}</a></div>{{/if}}
{{if $edit}}{{$edit}}{{/if}} {{if $edit}}{{$edit nofilter}}{{/if}}
{{if $likebuttons}} {{if $likebuttons}}
<div id="photo-like-div"> <div id="photo-like-div">
{{$likebuttons}} {{$likebuttons nofilter}}
{{$like}} {{$like nofilter}}
{{$dislike}} {{$dislike nofilter}}
</div> </div>
{{/if}} {{/if}}
{{$comments}} {{$comments nofilter}}
{{$paginate nofilter}} {{$paginate nofilter}}

View file

@ -68,13 +68,13 @@
{{/if}} {{/if}}
{{* The part for editing the photo - only available for the edit subpage *}} {{* The part for editing the photo - only available for the edit subpage *}}
{{if $edit}}{{$edit}}{{/if}} {{if $edit}}{{$edit nofilter}}{{/if}}
{{if $likebuttons}} {{if $likebuttons}}
<div id="photo-like-div"> <div id="photo-like-div">
{{$likebuttons}} {{$likebuttons nofilter}}
{{$like}} {{$like nofilter}}
{{$dislike}} {{$dislike nofilter}}
</div> </div>
{{/if}} {{/if}}
<hr> <hr>
@ -82,7 +82,7 @@
{{* Insert the comments *}} {{* Insert the comments *}}
<div id="photo-comment-wrapper-{{$id}}" class="photo-comment-wrapper"> <div id="photo-comment-wrapper-{{$id}}" class="photo-comment-wrapper">
{{$comments}} {{$comments nofilter}}
</div> </div>
{{$paginate nofilter}} {{$paginate nofilter}}

View file

@ -20,18 +20,18 @@
{{/if}} {{/if}}
{{if $tags.2}}<div id="tag-remove"><a href="{{$tags.2}}">{{$tags.3}}</a></div>{{/if}} {{if $tags.2}}<div id="tag-remove"><a href="{{$tags.2}}">{{$tags.3}}</a></div>{{/if}}
{{if $edit}}{{$edit}}{{/if}} {{if $edit}}{{$edit nofilter}}{{/if}}
{{if $likebuttons}} {{if $likebuttons}}
<div id="photo-like-div"> <div id="photo-like-div">
{{$likebuttons}} {{$likebuttons nofilter}}
{{$like}} {{$like nofilter}}
{{$dislike}} {{$dislike nofilter}}
</div> </div>
{{/if}} {{/if}}
<div class="wall-item-comment-wrapper photo"> <div class="wall-item-comment-wrapper photo">
{{$comments}} {{$comments nofilter}}
</div> </div>
{{$paginate nofilter}} {{$paginate nofilter}}

View file

@ -22,18 +22,18 @@
{{/if}} {{/if}}
{{if $tags.2}}<div id="tag-remove"><a href="{{$tags.2}}">{{$tags.3}}</a></div>{{/if}} {{if $tags.2}}<div id="tag-remove"><a href="{{$tags.2}}">{{$tags.3}}</a></div>{{/if}}
{{if $edit}}{{$edit}}{{/if}} {{if $edit}}{{$edit nofilter}}{{/if}}
{{if $likebuttons}} {{if $likebuttons}}
<div id="photo-like-div"> <div id="photo-like-div">
{{$likebuttons}} {{$likebuttons nofilter}}
{{$like}} {{$like nofilter}}
{{$dislike}} {{$dislike nofilter}}
</div> </div>
{{/if}} {{/if}}
<div class="wall-item-comment-wrapper photo"> <div class="wall-item-comment-wrapper photo">
{{$comments}} {{$comments nofilter}}
</div> </div>
{{$paginate nofilter}} {{$paginate nofilter}}