From: David ‘Bombe’ Roden Date: Tue, 19 Oct 2010 20:20:16 +0000 (+0200) Subject: Escape all IDs in HTML. X-Git-Tag: 0.1-RC1~176 X-Git-Url: https://git.pterodactylus.net/?a=commitdiff_plain;h=392f9808f16132b2827114466985df704f6e47e5;p=Sone.git Escape all IDs in HTML. --- diff --git a/src/main/resources/templates/include/head.html b/src/main/resources/templates/include/head.html index b1d01bc..c198fc4 100644 --- a/src/main/resources/templates/include/head.html +++ b/src/main/resources/templates/include/head.html @@ -13,7 +13,7 @@
- + <%ifnull ! currentSone> <%include include/updateStatus.html> diff --git a/src/main/resources/templates/include/viewPost.html b/src/main/resources/templates/include/viewPost.html index 7c0eb19..adeb92a 100644 --- a/src/main/resources/templates/include/viewPost.html +++ b/src/main/resources/templates/include/viewPost.html @@ -1,29 +1,29 @@ -
+
- +
<% post.text|html>
<%foreach post.replies reply>
<% reply.time|date format="MMM d, yyyy, HH:mm:ss">
- <%if reply.sone.current><%/if> + <%if reply.sone.current><%/if>
<%/foreach>
- +
diff --git a/src/main/resources/templates/include/viewSone.html b/src/main/resources/templates/include/viewSone.html index dbcfa4d..7d3dd24 100644 --- a/src/main/resources/templates/include/viewSone.html +++ b/src/main/resources/templates/include/viewSone.html @@ -5,33 +5,33 @@
⬈
✔
<%= View.Sone.Label.LastUpdate|l10n|html> <% sone.time|date format="MMM d, yyyy, HH:mm:ss">
- +
<% sone.requestUri|substring start=4 length=43|html>
<%ifnull ! currentSone> <%if ! sone.current> <%if sone.friend>
- +
<%else> <%/if> <%if sone.blocked>
- +
<%else>
- +
<%/if>