zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-05-16 09:37:03 +02:00
Code Issues Projects Releases Packages Wiki Activity

more linting to account for mark_safe html

Browse source
This commit is contained in:
David Kennedy 2024-01-19 14:59:52 -05:00
parent 69adb0db48
commit bcbd7927b3
No known key found for this signature in database
GPG key ID: 6528A5386E66B96B
1 changed files with 6 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/registrar/admin.py
View file

@ -21,6 +21,7 @@ from auditlog.models import LogEntry # type: ignore
from auditlog.admin import LogEntryAdmin # type: ignore from auditlog.admin import LogEntryAdmin # type: ignore
from django_fsm import TransitionNotAllowed # type: ignore from django_fsm import TransitionNotAllowed # type: ignore
from django.utils.safestring import mark_safe from django.utils.safestring import mark_safe
from django.utils.html import escape
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@ -490,8 +491,11 @@ class ContactAdmin(ListHeaderAdmin):
if related_objects: if related_objects:
for url, obj in related_objects: for url, obj in related_objects:
message = f"Joined to {obj.__class__.__name__}: <a href='{url}'>{obj}</a>" escaped_obj = escape(obj)
message_html = mark_safe(message) message = f"Joined to {obj.__class__.__name__}: <a href='{url}'>{escaped_obj}</a>"
# message_html is considered safe html. It is generated from a finite list of strings
# which are generated from django objects. And a django object, which is escaped
message_html = mark_safe(message) # nosec
messages.warning( messages.warning(
request, request,
message_html, message_html,