Escape css and guild names in the frontend

Jeremy Zhang
2018-01-24 05:42:47 +00:00
parent b4e04a27c3
commit eea94477ea
5 changed files with 7 additions and 7 deletions


@ -24,7 +24,7 @@
{% endset %}
{% block content %}
<h1>{% if new %}New{% else %}Editing {{ css.name }}{% endif %} - User Defined CSS</h1>
<h1>{% if new %}New{% else %}Editing {{ css.name|e }}{% endif %} - User Defined CSS</h1>
<p><strong>Note:</strong> This feature is only used for CSS. Any attempts to enter HTML or malicious CSS code
will have CSS cosmetic privilages removed, if caught. Please don't, we check the databases often. Thanks!</p>
@ -46,7 +46,7 @@ will have CSS cosmetic privilages removed, if caught. Please don't, we check the
<div class="row">
<div class="col s12">
<p class="flow-text">Give your CSS a name</p>
<input placeholder="Some Lit CSS" id="css_name" type="text" {% if not new %}value="{{ css.name }}"{% endif %}>
<input placeholder="Some Lit CSS" id="css_name" type="text" {% if not new %}value="{{ css.name|e }}"{% endif %}>
<label for="css_name">Name</label>
</div>
{% if admin %}
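Review bot: The `|e` filter is added one expression at a time (the `<h1>` text and the `value="…"` attribute of `#css_name`), so any other `{{ … }}` in this template, or one added later, stays unescaped unless autoescaping is already on for this file; the hunks do not show whether it is. Wrapping the block body in `{% autoescape true %}` … `{% endautoescape %}`, or enabling autoescape on the Jinja environment for this template's extension, would make escaping the default instead of something each expression has to opt into. The attribute case is sound as written because the value sits inside double quotes and `e` escapes both quote characters, which is worth recording in a template comment such as `{# keep value quoted: |e is only sufficient inside a quoted attribute #}`. The template continues outside both hunks, so the remaining expressions could not be checked here.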