From ff427f6d9bbcedebcdfc671bc13ab54a225b6cdf Mon Sep 17 00:00:00 2001
From: Dan McGee <dan@archlinux.org>
Date: Fri, 27 Aug 2010 09:50:55 -0500
Subject: Mark todolist description as being safe to contain HTML

Hopefully we can trust our developers on this one. :)

Signed-off-by: Dan McGee <dan@archlinux.org>
---
 templates/todolists/email_notification.txt       | 2 +-
 templates/todolists/list.html                    | 3 ++-
 templates/todolists/public_list.html             | 2 +-
 templates/todolists/todolist_confirm_delete.html | 4 ++--
 templates/todolists/view.html                    | 2 +-
 5 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/templates/todolists/email_notification.txt b/templates/todolists/email_notification.txt
index 1e631a32..abe1dbf3 100644
--- a/templates/todolists/email_notification.txt
+++ b/templates/todolists/email_notification.txt
@@ -12,4 +12,4 @@ has been added to this todo list:
 Creator: {{todolist.creator.get_full_name}}
 Name: {{todolist.name}}
 Description:
-{{todolist.description|wordwrap:69}}{% endautoescape %}
+{{todolist.description|striptags|wordwrap:69}}{% endautoescape %}
diff --git a/templates/todolists/list.html b/templates/todolists/list.html
index 9d278aa5..3b2f75c2 100644
--- a/templates/todolists/list.html
+++ b/templates/todolists/list.html
@@ -1,4 +1,5 @@
 {% extends "base.html" %}
+
 {% block title %}Arch Linux - Todo Lists{% endblock %}
 
 {% block content %}
@@ -29,7 +30,7 @@
                         title="View todo list: {{ list.name }}">{{ list.name }}</a></td>
                 <td>{{ list.date_added }}</td>
                 <td>{{ list.creator.get_full_name }}</td>
-                <td class="wrap">{{ list.description }}</td>
+                <td class="wrap">{{ list.description|safe }}</td>
                 <td>{% if list.complete %}<span class="complete">Complete</span>
                     {% else %}<span class="incomplete">Incomplete</span>{% endif %}</td>
             </tr>
diff --git a/templates/todolists/public_list.html b/templates/todolists/public_list.html
index e2f2ef9a..72841200 100644
--- a/templates/todolists/public_list.html
+++ b/templates/todolists/public_list.html
@@ -9,7 +9,7 @@
         {% for list in todo_lists %}
             <h4>{{list.name}}</h4>
             <div class="todo_list">
-                <p>{{list.description}}</p>
+                <p>{{list.description|safe}}</p>
                 <ul>
                     {% for pkg in list.packages %}
                         <li>{{pkg.pkg.pkgname}}</li>
diff --git a/templates/todolists/todolist_confirm_delete.html b/templates/todolists/todolist_confirm_delete.html
index 26cc4b8b..5545462f 100644
--- a/templates/todolists/todolist_confirm_delete.html
+++ b/templates/todolists/todolist_confirm_delete.html
@@ -6,10 +6,10 @@
 
     <h2>Delete Todo List: {{object.name}}</h2>
 
-    <p>You are about to delete the following todo list:</p>
+    <p>You are about to delete the selected todo list:</p>
 
     <blockquote>
-        <p><strong>{{object.name}}:</strong> {{object.description}}</p>
+        <p>{{object.description|safe|linebreaks}}</p>
     </blockquote>
 
     <p>Are you sure?</p>
diff --git a/templates/todolists/view.html b/templates/todolists/view.html
index 6b6e9845..1c253921 100644
--- a/templates/todolists/view.html
+++ b/templates/todolists/view.html
@@ -17,7 +17,7 @@
         {% endif %}
     </ul>
 
-    <p>{{list.description|linebreaks}}</p>
+    <p>{{list.description|safe|linebreaks}}</p>
 
     <table id="dev-todo-pkglist" class="results">
         <thead>
-- 
cgit v1.2.3-55-g3dc8