search

django-cms / djangocms-frontend

django CMS frontend is a plugin bundle for django CMS providing several components for the frontend, currently implemented with the popular Bootstrap 5 framework.
Other
42 stars 20 forks source link

fix: Allow page titles to contain ampersand (&) #202

Closed fsbraun closed 2 months ago

fsbraun commented 2 months ago

django CMS' {% page_attribute %} escapes page titles leading to & shown in page titles instead of &: https://github.com/django-cms/django-cms/issues/7859

This PR uses the striptags template filter to work around the issue. It removes any tags from the page title thereby avoiding XSS attacks while still keeping ampersands.

codecov[bot] commented 2 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 86.91%. Comparing base (f11feee) to head (b95d483). Report is 11 commits behind head on master.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## master #202 +/- ## ========================================== - Coverage 86.93% 86.91% -0.02% ========================================== Files 120 120 Lines 3107 3118 +11 Branches 330 331 +1 ========================================== + Hits 2701 2710 +9 + Misses 304 303 -1 - Partials 102 105 +3 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.