Escaping error in CFA-Bot email notifications.

Question

Escaping error in CFA-Bot email notifications.

Closed this issue 10 years ago · 1 comments

Hello all,

When cfa-bot sends notifications for received applications, it does not properly encode (at least some) special characters (i.e. ').

Example: [The person's event] Event Application Received

Thanks

Answer 1 · 2015-01-18T22:12:59.000Z

Thanks for the bug report. It looks like we're escaping special HTML characters when we shouldn't be, I'll put in a fix whenever I get a chance. The relevant lines of code are here, they should be passed into the safe filter or in an autoescape block.
Note: All email subjects must be passed through the safe filter, the email bodies should be fine.