add error for username/email containing html. Removed checks for SMILES/SMARTS. Updated html to use the nh_safe template tag. #72

2025-10-22 10:47:35 +13:00
parent 61346c4097
commit ec0fc8cdc1
44 changed files with 168 additions and 125 deletions
--- a/templates/modals/objects/edit_group_member_modal.html
+++ b/templates/modals/objects/edit_group_member_modal.html
@ -1,3 +1,4 @@
+{% load envipytags %}
 {% load static %}
 <!-- Edit Package Permission -->
 <div id="edit_group_member_modal" class="modal" tabindex="-1">
@ -39,7 +40,7 @@
                                {% endfor %}
                                <option disabled>Groups</option>
                                {% for g in groups %}
-                                <option value="{{ g.url }}">{{ g.name }}</option>
+                                <option value="{{ g.url }}">{{ g.name|nh_safe }}</option>
                                {% endfor %}
                            </select>
                            <input type="hidden" name="action" value="add">
@ -81,7 +82,7 @@
                          accept-charset="UTF-8" action="" data-remote="true" method="post">
                        {% csrf_token %}
                        <div class="col-xs-8">
-                            {{ g.name }}
+                            {{ g.name|nh_safe }}
                            <input type="hidden" name="member" value="{{ g.url }}"/>
                            <input type="hidden" name="action" value="remove">
                        </div>