--- .../accounts/templates/accounts/subscriptions.html | 6 +++--- .../accounts/templates/accounts/user-widget.html | 2 +- .../core/templates/core/edit-team-membership.html | 6 +++--- distro_tracker/core/templates/core/news_list.html | 2 +- distro_tracker/core/templates/core/package.html | 2 +- distro_tracker/core/templates/core/team-list.html | 2 +- distro_tracker/core/templates/core/team-manage.html | 2 +- distro_tracker/core/templates/core/team.html | 2 +- distro_tracker/vendor/debian/tracker_panels.py | 20 +++++++++++++------- 9 files changed, 25 insertions(+), 19 deletions(-)
diff --git a/distro_tracker/accounts/templates/accounts/subscriptions.html b/distro_tracker/accounts/templates/accounts/subscriptions.html index cc0243d..02fab38 100644 --- a/distro_tracker/accounts/templates/accounts/subscriptions.html +++ b/distro_tracker/accounts/templates/accounts/subscriptions.html @@ -30,7 +30,7 @@ <button class='btn btn-sm btn-danger unsubscribe-all' data-email="{{ email }}">Unsubscribe all</button> </form> {% endif %} - <a href="{% url 'dtracker-accounts-profile-keywords' %}?email={{ email }}"> + <a href="{% url 'dtracker-accounts-profile-keywords' %}?email={{ email|urlencode:'' }}"> <button class="btn btn-sm btn-primary modify-default-keywords" data-email="{{ email }}">Modify keywords</button> </a> <div class="default-keywords" style="display: none;" id="default-keywords-{{ forloop.counter }}"> @@ -77,7 +77,7 @@ </div> <div class="col-md-6"> <div class="pull-xs-right"> - <a href="{% url 'dtracker-accounts-profile-keywords' %}?package={{ subscription.package }}&email={{ email }}"> + <a href="{% url 'dtracker-accounts-profile-keywords' %}?package={{ subscription.package|urlencode:'' }}&email={{ email|urlencode:'' }}"> <div class="btn btn-sm btn-primary modify-subscription-keywords" data-email="{{ email }}" data-package="{{ subscription.package }}">Modify keywords</div></a> <form style="margin-bottom: 0px;display:inline;" action="{% url 'dtracker-api-accounts-unsubscribe' %}" method="POST">{% csrf_token %} <input type="hidden" name="package" value="{{ subscription.package }}"> @@ -123,7 +123,7 @@ <div class="col-md-6"> <div class="pull-xs-right"> <div class="btn btn-sm btn-primary modify-membership-keywords" data-email="{{ email }}" data-href="{% url 'dtracker-team-set-keywords' membership.team.slug %}">Modify keywords</div> - <a class="btn btn-sm btn-primary" href="{% url 'dtracker-team-manage-membership' membership.team.slug %}?email={{ email }}">Manage subscriptions</a> + <a class="btn btn-sm btn-primary" href="{% url 'dtracker-team-manage-membership' membership.team.slug %}?email={{ email|urlencode:'' }}">Manage subscriptions</a> {% if membership.muted %} <form style="margin-bottom: 0px;display:inline;" action="{% url 'dtracker-team-unmute' membership.team.slug %}" method="POST">{% csrf_token %} {% else %} diff --git a/distro_tracker/accounts/templates/accounts/user-widget.html b/distro_tracker/accounts/templates/accounts/user-widget.html index a5b0247..5838afa 100644 --- a/distro_tracker/accounts/templates/accounts/user-widget.html +++ b/distro_tracker/accounts/templates/accounts/user-widget.html @@ -1,7 +1,7 @@ {% if user.is_authenticated %} <span><a href="{% url 'dtracker-accounts-profile' %}">Profile</a></span> <span>|</span> - <span><a id="account-logout" href="{% url 'dtracker-accounts-logout' %}?next={{ logout_redirect }}">Log out</a></span> + <span><a id="account-logout" href="{% url 'dtracker-accounts-logout' %}?next={{ logout_redirect|urlencode:'' }}">Log out</a></span> {% else %} <span><a id="account-register" href="{% url 'dtracker-accounts-register' %}">Register</a></span> <span>|</span> diff --git a/distro_tracker/core/templates/core/edit-team-membership.html b/distro_tracker/core/templates/core/edit-team-membership.html index 06125ed..745aed2 100644 --- a/distro_tracker/core/templates/core/edit-team-membership.html +++ b/distro_tracker/core/templates/core/edit-team-membership.html @@ -35,14 +35,14 @@ <form style="margin-bottom: 0px;" action="{% url 'dtracker-team-unmute' team.slug %}" method="POST">{% csrf_token %} <input type="hidden" name="package" value="{{ pkg }}"> <input type="hidden" name="email" value="{{ email }}"> - <input type="hidden" name="next" value="{% url 'dtracker-team-manage-membership' team.slug %}?page={{ page_obj.number }}&email={{ email }}"> + <input type="hidden" name="next" value="{% url 'dtracker-team-manage-membership' team.slug %}?page={{ page_obj.number|urlencode:'' }}&email={{ email|urlencode:'' }}"> <button class="btn btn-primary toggle-package-mute" data-email="{{ email }}" data-package="{{ subscription.package }}">Unmute</button> </form> {% else %} <form style="margin-bottom: 0px;" action="{% url 'dtracker-team-mute' team.slug %}" method="POST">{% csrf_token %} <input type="hidden" name="package" value="{{ pkg }}"> <input type="hidden" name="email" value="{{ email }}"> - <input type="hidden" name="next" value="{% url 'dtracker-team-manage-membership' team.slug %}?page={{ page_obj.number }}&email={{ email }}"> + <input type="hidden" name="next" value="{% url 'dtracker-team-manage-membership' team.slug %}?page={{ page_obj.number|urlencode:'' }}&email={{ email|urlencode:'' }}"> <button class="btn btn-danger toggle-package-mute" data-email="{{ email }}" data-package="{{ subscription.package }}">Mute</button> </form> {% endif %} @@ -70,7 +70,7 @@ <div class="text-xs-center"> <ul class="pagination"> {% for page in page_obj.paginator.page_range %} - <li class="page-item{% if page_obj.number == page %} active{% endif %}"><a class="page-link" href="?page={{ page }}&email={{ membership.user_email.email }}">{{ page }}</a></li> + <li class="page-item{% if page_obj.number == page %} active{% endif %}"><a class="page-link" href="?page={{ page|urlencode:'' }}&email={{ membership.user_email.email|urlencode:'' }}">{{ page }}</a></li> {% endfor %} </ul> </div> diff --git a/distro_tracker/core/templates/core/news_list.html b/distro_tracker/core/templates/core/news_list.html index c13952d..4f139ab 100644 --- a/distro_tracker/core/templates/core/news_list.html +++ b/distro_tracker/core/templates/core/news_list.html @@ -25,7 +25,7 @@ <div class="text-xs-center"> <ul class="pagination"> {% for page in page_obj.paginator.page_range %} - <li class="page-item{% if page_obj.number == page %} active{% endif %}"><a class="page-link" href="?page={{ page }}">{{ page }}</a></li> + <li class="page-item{% if page_obj.number == page %} active{% endif %}"><a class="page-link" href="?page={{ page|urlencode:'' }}">{{ page }}</a></li> {% endfor %} </ul> </div> diff --git a/distro_tracker/core/templates/core/package.html b/distro_tracker/core/templates/core/package.html index 2253794..1f29d33 100644 --- a/distro_tracker/core/templates/core/package.html +++ b/distro_tracker/core/templates/core/package.html @@ -33,7 +33,7 @@ <input type="hidden" name="package" value="{{ package }}"> <input type="hidden" name="email" value="{{ request.user.emails.all.0 }}"> {% else %} - <a href="{% url 'dtracker-accounts-choose-email' %}?package={{ package }}"> + <a href="{% url 'dtracker-accounts-choose-email' %}?package={{ package|urlencode:'' }}"> {% endif %} <button class="btn btn-default" id='subscribe-button' data-package="{{ package }}" data-get-emails="{% url 'dtracker-api-accounts-emails' %}" data-url="{% url 'dtracker-api-accounts-subscribe' %}">Subscribe</button> diff --git a/distro_tracker/core/templates/core/team-list.html b/distro_tracker/core/templates/core/team-list.html index ae1d1cc..4192515 100644 --- a/distro_tracker/core/templates/core/team-list.html +++ b/distro_tracker/core/templates/core/team-list.html @@ -27,7 +27,7 @@ <div class="text-xs-center"> <ul class="pagination"> {% for page in page_obj.paginator.page_range %} - <li class="page-item{% if page_obj.number == page %} active{% endif %}"><a class="page-link" href="?page={{ page }}">{{ page }}</a></li> + <li class="page-item{% if page_obj.number == page %} active{% endif %}"><a class="page-link" href="?page={{ page|urlencode:'' }}">{{ page }}</a></li> {% endfor %} </ul> </div> diff --git a/distro_tracker/core/templates/core/team-manage.html b/distro_tracker/core/templates/core/team-manage.html index c61eb8b..4cf0f7b 100644 --- a/distro_tracker/core/templates/core/team-manage.html +++ b/distro_tracker/core/templates/core/team-manage.html @@ -31,7 +31,7 @@ <div class="text-xs-center"> <ul class="pagination"> {% for page in page_obj.paginator.page_range %} - <li class="page-item{% if page_obj.number == page %} active{% endif %}"><a class="page-link" href="?page={{ page }}">{{ page }}</a></li> + <li class="page-item{% if page_obj.number == page %} active{% endif %}"><a class="page-link" href="?page={{ page|urlencode:'' }}">{{ page }}</a></li> {% endfor %} </ul> </div> diff --git a/distro_tracker/core/templates/core/team.html b/distro_tracker/core/templates/core/team.html index 722e243..de338de 100644 --- a/distro_tracker/core/templates/core/team.html +++ b/distro_tracker/core/templates/core/team.html @@ -116,7 +116,7 @@ {% endif %} {% if user_member_of_team %} <div class="pull-xs-right"> - <a href="{% url 'dtracker-team-remove-package' team.slug %}?package={{ package }}"><span data-package="{{ package }}" class="remove-package-from-team-button">{% octicon 'trashcan' 'remove package from team' %}</span></a> + <a href="{% url 'dtracker-team-remove-package' team.slug %}?package={{ package|urlencode:'' }}"><span data-package="{{ package }}" class="remove-package-from-team-button">{% octicon 'trashcan' 'remove package from team' %}</span></a> </div> {% endif %} </div> diff --git a/distro_tracker/vendor/debian/tracker_panels.py b/distro_tracker/vendor/debian/tracker_panels.py index 2d48fb6..9569969 100644 --- a/distro_tracker/vendor/debian/tracker_panels.py +++ b/distro_tracker/vendor/debian/tracker_panels.py @@ -15,7 +15,7 @@ from __future__ import unicode_literals from django.core.urlresolvers import reverse from django.utils.encoding import force_text from django.utils.functional import cached_property -from django.utils.http import urlencode, urlquote +from django.utils.http import urlencode, urlquote, urlquote_plus from django.utils.safestring import mark_safe from distro_tracker.core.utils import get_or_none @@ -80,7 +80,8 @@ class BuildLogCheckLinks(LinksPanel.ItemProvider): has_checks = False logcheck_url = \ "https://qa.debian.org/bls/packages/{hash}/{pkg}.html".format( - hash=self.package.name[0], pkg=self.package.name) + hash=urlquote(self.package.name[0], safe=""), + pkg=urlquote(self.package.name, safe="")) try: infos = self.package.packageextractedinfo_set.get( key='reproducibility') @@ -91,7 +92,8 @@ class BuildLogCheckLinks(LinksPanel.ItemProvider): reproducibility_status = None reproducibility_url = \ "https://tests.reproducible-builds.org/debian/rb-pkg/{}.html" - reproducibility_url = reproducibility_url.format(self.package.name) + reproducibility_url = reproducibility_url.format( + urlquote(self.package.name, safe="")) return [ TemplatePanelItem('debian/logcheck-links.html', { @@ -116,7 +118,8 @@ class PopconLink(LinksPanel.ItemProvider): return [ LinksPanel.SimpleLinkItem( 'popcon', - self.POPCON_URL.format(package=self.package.name)) + self.POPCON_URL.format( + package=urlquote_plus(self.package.name))) ] @@ -156,7 +159,8 @@ class SourceCodeSearchLinks(LinksPanel.ItemProvider): links.append(LinksPanel.SimpleLinkItem( 'browse source code', self.SOURCES_URL_TEMPLATE.format( - package=self.package.name, suite=allowed_repo))) + package=urlquote(self.package.name, safe=""), + suite=urlquote(allowed_repo, safe="")))) break if 'unstable' in repositories: @@ -186,7 +190,8 @@ class DebtagsLink(LinksPanel.ItemProvider): LinksPanel.SimpleLinkItem( 'edit tags', self.SOURCES_URL_TEMPLATE.format( - package=self.package.name, maint=maintainer) + package=urlquote(self.package.name, safe=""), + maint=urlquote(maintainer, safe="")) ) ] @@ -228,7 +233,8 @@ class ScreenshotsLink(LinksPanel.ItemProvider): return [ LinksPanel.SimpleLinkItem( 'screenshots', - self.SOURCES_URL_TEMPLATE.format(package=self.package.name) + self.SOURCES_URL_TEMPLATE.format( + package=urlquote(self.package.name, safe="")) ) ] else: -- 2.14.1