Enforce escaping on all template content

2019-09-23 14:22:00 +01:00
parent 5f378a39ea
commit deb9b62c7f
77 changed files with 392 additions and 387 deletions
--- a/share/views/ajax/admintask/timedoutdevices.tt
+++ b/share/views/ajax/admintask/timedoutdevices.tt
@@ -17,7 +17,7 @@
    <tr>
      <td class="nd_center-cell">[% row.backend | html_entity %]</td>
      <td class="nd_center-cell"><a class="nd_linkcell"
-        href="[% uri_for('/search') %]?tab=node&q=[% row.device | uri %]">[% row.device | html_entity %]</a></td>
+        href="[% uri_for('/search') | none %]?tab=node&q=[% row.device | uri %]">[% row.device | html_entity %]</a></td>
      <td class="nd_center-cell">[% row.dns | html_entity %]</td>
      <td class="nd_center-cell">[% row.deferrals | html_entity %]</td>
      <td class="nd_center-cell">[% row.last_defer | html_entity %]</td>