properly escape breadcrumb labels
This commit is contained in:
parent
507ca3da60
commit
1ed314d150
|
@ -30,7 +30,7 @@ except ImportError:
|
|||
from quixote import get_session, get_request, get_response, get_publisher
|
||||
from quixote.directory import Directory
|
||||
from quixote.util import StaticDirectory, StaticFile
|
||||
from quixote.html import htmltext
|
||||
from quixote.html import htmltext, htmlescape
|
||||
|
||||
import errors
|
||||
import ezt
|
||||
|
@ -405,6 +405,8 @@ def decorate(body, response):
|
|||
s.append('<a href="%s">%s</a>' % (component, label))
|
||||
continue
|
||||
if label is not None:
|
||||
if type(label) is str:
|
||||
label = htmlescape(label)
|
||||
if total_len > 80 and len(label) > 10 and \
|
||||
response.breadcrumb[-1] != (component, label):
|
||||
s.append('<a href="%s%s" title="%s">%s</a>' % (
|
||||
|
|
Loading…
Reference in New Issue