Ticket #7497 (closed defect: duplicate)
notebook -- bug in viewing/editing attached files
| Reported by: | was | Owned by: | boothby |
|---|---|---|---|
| Priority: | major | Milestone: | sage-duplicate/invalid/wontfix |
| Component: | notebook | Keywords: | |
| Cc: | Work issues: | ||
| Report Upstream: | N/A | Reviewers: | |
| Authors: | Merged in: | ||
| Dependencies: | Stopgaps: |
Description (last modified by was) (diff)
In the notebook, click "Data --> Upload or create file...", then edit the file to contain
Hi </textarea> foo bar
Save it and re-open it. The foo bar is *outside* the text area! This is because this is rendered using the data/sage/html/notebook/download_or_delete_datafile.html template with this line in it:
<textarea class="edit" name="textfield" rows=17 cols=70
id="textfield">{{ text_file_content }}</textarea>
Attachments
-
trac_7497-escape_view_edit_attached.patch
(1.1 KB) -
added by mpatel 3 years ago.
- Escape data file content placed in view/edit window. sagenb repo.
Change History
comment:2 Changed 3 years ago by mpatel
- Report Upstream set to N/A
I think it's sufficient to replace {{ text_file_content }} with {{ text_file_content|e }} (cf. this).
Changed 3 years ago by mpatel
-
attachment
trac_7497-escape_view_edit_attached.patch
added
Escape data file content placed in view/edit window. sagenb repo.
comment:3 Changed 3 years ago by mpatel
- Cc timdumol added
- Status changed from new to needs_review
- Authors set to Mitesh Patel
Note: See
TracTickets for help on using
tickets.
