Use "Safe" modifier for manually constructed safe HTML strings in templates (#29227)

Follow #29165. These HTML strings are safe to be rendered directly, to avoid double-escaping.
2025-07-24 19:28:38 +00:00 · 2024-02-18 09:48:59 +08:00
parent d73223bfc6
commit a784ed3d6c
12 changed files with 15 additions and 15 deletions
--- a/templates/admin/packages/list.tmpl
+++ b/templates/admin/packages/list.tmpl
@@ -88,7 +88,7 @@
 		{{ctx.Locale.Tr "packages.settings.delete"}}
 	</div>
 	<div class="content">
-		{{ctx.Locale.Tr "packages.settings.delete.notice" `<span class="name"></span>` `<span class="dataVersion"></span>` | Safe}}
+		{{ctx.Locale.Tr "packages.settings.delete.notice" (`<span class="name"></span>`|Safe) (`<span class="dataVersion"></span>`|Safe)}}
 	</div>
 	{{template "base/modal_actions_confirm" .}}
 </div>