Mark HTML row data as safe in repository admin list.

Review Request #12107 — Created March 7, 2022 and submitted

david
Review Board
release-5.0.x
reviewboard

The list of repositories in the admin includes one column which contains
HTML, for the "Hooks" and "RBTools Setup" buttons. The new version of
Django was escaping these because the old allow_tags property has been
removed. This can be solved by marking the content as safe first.

Looked at repository list and saw buttons instead of HTML.

Summary
Mark HTML row data as safe in repository admin list.
Description From Last Updated

You can get rid of allow_tags. It was deprecated, and is the reason this regressed. We should audit Djblet and …

chipx86chipx86
chipx86
  1. 
      
  2. reviewboard/scmtools/admin.py (Diff revision 1)
     
     
     

    You can get rid of allow_tags. It was deprecated, and is the reason this regressed.

    We should audit Djblet and RB for this.

    1. Looks like the only other place we use allow_tags is in the screenshot model, and that method is already returning format_html(...)

  3. 
      
david
chipx86
  1. Ship It!
  2. 
      
david
Review request changed

Status: Closed (submitted)

Change Summary:

Pushed to django-3.2 (530dd7b)
Loading...