blob: 0c71c5a702a3db1400c2d82ec8d5903bffe6e9a0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
$NetBSD: patch-aa,v 1.4 2008/09/04 22:04:17 tonnerre Exp $
--- django/contrib/admin/views/decorators.py.orig 2008-09-02 23:10:00.000000000 +0200
+++ django/contrib/admin/views/decorators.py
@@ -9,6 +9,7 @@ from django.conf import settings
from django.contrib.auth.models import User
from django.contrib.auth import authenticate, login
from django.shortcuts import render_to_response
+from django.utils.html import escape
from django.utils.translation import ugettext_lazy, ugettext as _
ERROR_MESSAGE = ugettext_lazy("Please enter a correct username and password. Note that both fields are case-sensitive.")
@@ -18,7 +19,7 @@ def _display_login_form(request, error_m
request.session.set_test_cookie()
return render_to_response('admin/login.html', {
'title': _('Log in'),
- 'app_path': request.get_full_path(),
+ 'app_path': escape(request.get_full_path()),
'error_message': error_message
}, context_instance=template.RequestContext(request))
|
