[MERGE] [FIX] html_sanitize: partial backport of trunk revision 5047 (opw 603452).
Unescape elements that have been wrongly escaped. Some elements (eg: 'href' tag in links) are sanitised in templates which prevents the execution of mako templates. bzr revid: mat@openerp.com-20140210152806-rl5h3twgq8dd203d
This commit is contained in:
commit
69f18925ff
|
@ -68,6 +68,15 @@ def html_sanitize(src):
|
|||
return ""
|
||||
_logger.warning('html_sanitize failed to parse %s' % (src))
|
||||
cleaned = '<p>Impossible to parse</p>'
|
||||
|
||||
# MAKO compatibility: $, { and } inside quotes are escaped, preventing correct mako execution
|
||||
cleaned = cleaned.replace('%24', '$')
|
||||
cleaned = cleaned.replace('%7B', '{')
|
||||
cleaned = cleaned.replace('%7D', '}')
|
||||
cleaned = cleaned.replace('%20', ' ')
|
||||
cleaned = cleaned.replace('%5B', '[')
|
||||
cleaned = cleaned.replace('%5D', ']')
|
||||
|
||||
return cleaned
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue