[MERGE] [FIX] tools: mail: when cleaning, unescape mako specific symbols.

Indeed those are escaped when contained inside an href or mailto element
of a tag, leading to mako not rendering the element.

bzr revid: tde@openerp.com-20140124152528-39njxzbn319jckfn

openerp/tools/mail.py

@@ -95,6 +95,13 @@ def html_sanitize(src, silent=True, strict=False):
         # some corner cases make the parser crash (such as <SCRIPT/XSS SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT> in test_mail)
         cleaner = clean.Cleaner(**kwargs)
         cleaned = cleaner.clean_html(src)
+        # MAKO compatibility: $, { and } inside quotes are escaped, preventing correct mako execution
+        cleaned = cleaned.replace('%24', '$')
+        cleaned = cleaned.replace('%7B', '{')
+        cleaned = cleaned.replace('%7D', '}')
+        cleaned = cleaned.replace('%20', ' ')
+        cleaned = cleaned.replace('%5B', '[')
+        cleaned = cleaned.replace('%5D', ']')
     except etree.ParserError, e:
         if 'empty' in str(e):
             return ""