diff options
Diffstat (limited to 'hyperkitty')
| -rw-r--r-- | hyperkitty/templates/messages/message.html | 3 | ||||
| -rw-r--r-- | hyperkitty/templates/month_view.html | 4 | ||||
| -rw-r--r-- | hyperkitty/templatetags/hk_generic.py | 5 |
3 files changed, 8 insertions, 4 deletions
diff --git a/hyperkitty/templates/messages/message.html b/hyperkitty/templates/messages/message.html index 415bc58..a77c694 100644 --- a/hyperkitty/templates/messages/message.html +++ b/hyperkitty/templates/messages/message.html @@ -1,5 +1,6 @@ {% load storm %} {% load gravatar %} +{% load hk_generic %} <div class="email_header"> <div class="email_date inline-block pull-right"> @@ -32,7 +33,7 @@ {% else %} <div class="email_body"> {% endif %} -{{email.content|urlizetrunc:76}} +{{email.content|urlizetrunc:76|escapeemail}} </div> {% if unfolded and email.attachments|count %} diff --git a/hyperkitty/templates/month_view.html b/hyperkitty/templates/month_view.html index a6239fe..97bd2e8 100644 --- a/hyperkitty/templates/month_view.html +++ b/hyperkitty/templates/month_view.html @@ -8,7 +8,7 @@ <div id="month-view"> <div class="month-header"> - <div class="list-name">{{ mlist.display_name|default:mlist.name|escapeatsign }}</div> + <div class="list-name">{{ mlist.display_name|default:mlist.name|escapeemail }}</div> <div class="month-name">{{ month|date:"F Y"|capfirst }}</div> <ul class="month-info"> <li class="participant"> @@ -20,7 +20,7 @@ </ul> {% if mlist.display_name %} <p class="list-address"> - <a href="mailto:{{ list_address|escapeatsign }}">{{ list_address|escapeatsign }}</a> + {{ list_address|escapeemail }} </p> {% endif %} </div> diff --git a/hyperkitty/templatetags/hk_generic.py b/hyperkitty/templatetags/hk_generic.py index d7e3d2c..b5f13e6 100644 --- a/hyperkitty/templatetags/hk_generic.py +++ b/hyperkitty/templatetags/hk_generic.py @@ -92,8 +92,11 @@ def truncatesmart(value, limit=80): return ' '.join(words) + '...' +MAILTO_RE = re.compile("<a href=['\"]mailto:([^'\"]+)@([^'\"]+)['\"]>[^<]+</a>") @register.filter(is_safe=True) -def escapeatsign(text): +def escapeemail(text): """To escape email addresses""" + # reverse the effect of urlize() on email addresses + text = MAILTO_RE.sub(r"\1(a)\2", text) return text.replace("@", u"\uff20") |