add error for username/email containing html. Removed checks for SMILES/SMARTS. Updated html to use the nh_safe template tag. #72

2025-10-22 10:47:35 +13:00
parent 61346c4097
commit ec0fc8cdc1
44 changed files with 168 additions and 125 deletions
--- a/templates/collections/objects_list.html
+++ b/templates/collections/objects_list.html
@ -1,5 +1,6 @@
 {% extends "framework.html" %}
 {% load static %}
+{% load envipytags %}
 {% block content %}

    {% if object_type != 'package' %}
@ -192,7 +193,7 @@
            <div class="panel-body list-group-item" id="ReviewedContent">
                {% if object_type == 'package' %}
                {% for obj in reviewed_objects %}
-                <a class="list-group-item" href="{{ obj.url }}">{{ obj.name }}
+                <a class="list-group-item" href="{{ obj.url }}">{{ obj.name|nh_safe }}
                    <span class="glyphicon glyphicon-star" aria-hidden="true"
                          style="float:right" data-toggle="tooltip"
                          data-placement="top" title="" data-original-title="Reviewed">
@ -201,7 +202,7 @@
                {% endfor %}
                {% else %}
                {% for obj in reviewed_objects|slice:":50" %}
-                <a class="list-group-item" href="{{ obj.url }}">{{ obj.name }}{# <i>({{ obj.package.name }})</i> #}
+                <a class="list-group-item" href="{{ obj.url }}">{{ obj.name|nh_safe }}{# <i>({{ obj.package.name }})</i> #}
                    <span class="glyphicon glyphicon-star" aria-hidden="true"
                          style="float:right" data-toggle="tooltip"
                          data-placement="top" title="" data-original-title="Reviewed">
@ -221,11 +222,11 @@
            <div class="panel-body list-group-item" id="UnreviewedContent">
                {% if object_type == 'package' %}
                {% for obj in unreviewed_objects %}
-                <a class="list-group-item" href="{{ obj.url }}">{{ obj.name }}</a>
+                <a class="list-group-item" href="{{ obj.url }}">{{ obj.name|nh_safe }}</a>
                {% endfor %}
                {% else %}
                {% for obj in unreviewed_objects|slice:":50" %}
-                <a class="list-group-item" href="{{ obj.url }}">{{ obj.name }}</a>
+                <a class="list-group-item" href="{{ obj.url }}">{{ obj.name|nh_safe }}</a>
                {% endfor %}
                {% endif %}
            </div>
@ -236,9 +237,9 @@
        <ul class='list-group'>
            {% for obj in objects %}
            {% if object_type == 'user' %}
-            <a class="list-group-item" href="{{ obj.url }}">{{ obj.username }}</a>
+            <a class="list-group-item" href="{{ obj.url }}">{{ obj.username|nh_safe }}</a>
            {% else %}
-            <a class="list-group-item" href="{{ obj.url }}">{{ obj.name }}</a>
+            <a class="list-group-item" href="{{ obj.url }}">{{ obj.name|nh_safe }}</a>
            {% endif %}
            {% endfor %}
        </ul>