Mark HTML row data as safe in repository admin list.

Review Request #12107 — Created March 7, 2022 and submitted

Information

Review Board
release-5.0.x

Reviewers

The list of repositories in the admin includes one column which contains
HTML, for the "Hooks" and "RBTools Setup" buttons. The new version of
Django was escaping these because the old allow_tags property has been
removed. This can be solved by marking the content as safe first.

Looked at repository list and saw buttons instead of HTML.

Summary ID
Mark HTML row data as safe in repository admin list.
The list of repositories in the admin includes one column which contains HTML, for the "Hooks" and "RBTools Setup" buttons. The new version of Django was escaping these because the old `allow_tags` property has been removed. This can be solved by marking the content as safe first. Testing Done: Looked at repository list and saw buttons instead of HTML.
cd5740fd1cd22a857ac70211484ae69393cdf39f
Description From Last Updated

You can get rid of allow_tags. It was deprecated, and is the reason this regressed. We should audit Djblet and …

chipx86chipx86
chipx86
  1. 
      
  2. reviewboard/scmtools/admin.py (Diff revision 1)
     
     
     
    Show all issues

    You can get rid of allow_tags. It was deprecated, and is the reason this regressed.

    We should audit Djblet and RB for this.

    1. Looks like the only other place we use allow_tags is in the screenshot model, and that method is already returning format_html(...)

  3. 
      
david
chipx86
  1. Ship It!
  2. 
      
david
Review request changed
Status:
Completed
Change Summary:
Pushed to django-3.2 (530dd7b)