From b1f88d634d603b74a62d051032e4003fc6f7a3b1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thibault=20Delavall=C3=A9e?= Date: Thu, 27 Feb 2014 14:48:29 +0100 Subject: [PATCH] [IMP] [FIX] email_template: do not sanitize the template content. Indeed its content may contain invalid html that could be stripped by the sanitizer. The content generated based on the template will be sanitized when stored in the mail_mail or mail_message body field, thus after rendering. The template therefore holds html, but that is not sanitized. But that's still html, therefore using an html field. bzr revid: tde@openerp.com-20140227134829-te8mxeakc3s96fun --- addons/email_template/email_template.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/addons/email_template/email_template.py b/addons/email_template/email_template.py index fcfe869da90..0b5945c1f0b 100644 --- a/addons/email_template/email_template.py +++ b/addons/email_template/email_template.py @@ -183,7 +183,7 @@ class email_template(osv.osv): 'mail_server_id': fields.many2one('ir.mail_server', 'Outgoing Mail Server', readonly=False, help="Optional preferred server for outgoing mails. If not set, the highest " "priority one will be used."), - 'body_html': fields.html('Body', translate=True, help="Rich-text/HTML version of the message (placeholders may be used here)"), + 'body_html': fields.html('Body', translate=True, sanitize=False, help="Rich-text/HTML version of the message (placeholders may be used here)"), 'report_name': fields.char('Report Filename', translate=True, help="Name to use for the generated report file (may contain placeholders)\n" "The extension can be omitted and will then come from the report type."),