Provide better handling of both text/plain document comments and document comments which contain html tags. Adds urlization, linebreak-preservation and html sanitization. Html sanitization would be better applied when adding comments, but we're not yet a position to enforce this for all input paths.

- Legacy-Id: 2240
2010-05-06 13:43:52 +00:00 · 2010-05-06 13:43:52 +00:00 · 897b77d994
parent b1793edefb
commit 897b77d994
1 changed files with 2 additions and 2 deletions
--- a/ietf/templates/idrfc/doc_history.html
+++ b/ietf/templates/idrfc/doc_history.html
@ -62,10 +62,10 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 <div id="commentS{{c.comment.id}}">{{ c.info.textSnippet|safe }}</div>
 <span class="comment_toggle" onclick="toggleComment({{c.comment.id}})" id="commentT{{c.comment.id}}">[show all]</span>
 <div id="commentF{{c.comment.id}}" style="display:none;">
-{{c.info.text|fill:"80"|safe}}
+{{ c.info.text|fill:"80"|safe|urlize|linebreaksbr|keep_spacing|sanitize_html|safe }}
 </div>
 {% else %}
-{{ c.info.text|fill:"80"|safe}}
+{{ c.info.text|fill:"80"|safe|urlize|linebreaksbr|keep_spacing|sanitize_html|safe }}
 {% endif %}
 </td>
 {% endif %}