From 4f52103aa03d3ad1d1464699b562684ea6cd73f2 Mon Sep 17 00:00:00 2001
From: Xavier Morel <xmo@openerp.com>
Date: Tue, 6 Nov 2012 15:05:19 +0100
Subject: [PATCH] [FIX] double html-escaping of group titles in grouped lists
 (eg analysis)

bzr revid: xmo@openerp.com-20121106140519-0qnq934rr44l6kgt
---
 addons/web/static/src/js/view_list.js | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/addons/web/static/src/js/view_list.js b/addons/web/static/src/js/view_list.js
index fd74fd8922b..f1fd26eed4d 100644
--- a/addons/web/static/src/js/view_list.js
+++ b/addons/web/static/src/js/view_list.js
@@ -1306,9 +1306,11 @@ instance.web.ListView.Groups = instance.web.Class.extend( /** @lends instance.we
                         process_modifiers: false
                     });
                 } catch (e) {
-                    group_label = row_data[group_column.id].value;
+                    group_label = _.str.escapeHTML(row_data[group_column.id].value);
                 }
-                $group_column.text(_.str.sprintf("%s (%d)",
+                // group_label is html-clean (through format or explicit
+                // escaping if format failed), can inject straight into HTML
+                $group_column.html(_.str.sprintf("%s (%d)",
                     group_label, group.length));
 
                 if (group.length && group.openable) {