Issue #119 resolved

child.attrs in link_list.html tamplate should be marked as safe

created an issue

Newer flatted attributes contains HTML code, and as such should be marked as safe, in either code or template

Comments (7)

  1. David Jean Louis repo owner

    I understood that, but how can child.attrs contain HTML code ? and is it desirable at all ?

    Moreover, "flatatt" already mark_safe dictionnary values via the django.utils.html.conditional_escape function, so I don't really get your issue.

    Please give a concrete usecase, because I do not reproduce the bug. Thanks.

  2. Nephila reporter

    Actually I just use the href attribute. anyway I'll come up with a POC: at the moment code is wrapped in an application. Version 0.4.1 works, though.

  3. Log in to comment