Skip to content
Snippets Groups Projects
Unverified Commit afa18f1b authored by Patrick Cloke's avatar Patrick Cloke Committed by GitHub
Browse files

Clarify documentation about escaping URLs in templates. (#9310)

parent 7a0dcea3
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
changelog.d/9310.doc 0 → 100644
+ 1
0
View file @ afa18f1b
Clarify the sample configuration for changes made to the template loading code.
docs/sample_config.yaml
+ 4
10
View file @ afa18f1b
...@@ -1961,8 +1961,7 @@ sso: ...@@ -1961,8 +1961,7 @@ sso:
# #
# When rendering, this template is given the following variables: # When rendering, this template is given the following variables:
# * redirect_url: the URL that the user will be redirected to after # * redirect_url: the URL that the user will be redirected to after
# login. Needs manual escaping (see # login.
# https://jinja.palletsprojects.com/en/2.11.x/templates/#html-escaping).
# #
# * server_name: the homeserver's name. # * server_name: the homeserver's name.
# #
...@@ -2040,15 +2039,12 @@ sso: ...@@ -2040,15 +2039,12 @@ sso:
# #
# When rendering, this template is given the following variables: # When rendering, this template is given the following variables:
# #
# * redirect_url: the URL the user is about to be redirected to. Needs # * redirect_url: the URL the user is about to be redirected to.
# manual escaping (see
# https://jinja.palletsprojects.com/en/2.11.x/templates/#html-escaping).
# #
# * display_url: the same as `redirect_url`, but with the query # * display_url: the same as `redirect_url`, but with the query
# parameters stripped. The intention is to have a # parameters stripped. The intention is to have a
# human-readable URL to show to users, not to use it as # human-readable URL to show to users, not to use it as
# the final address to redirect to. Needs manual escaping # the final address to redirect to.
# (see https://jinja.palletsprojects.com/en/2.11.x/templates/#html-escaping).
# #
# * server_name: the homeserver's name. # * server_name: the homeserver's name.
# #
...@@ -2068,9 +2064,7 @@ sso: ...@@ -2068,9 +2064,7 @@ sso:
# process: 'sso_auth_confirm.html'. # process: 'sso_auth_confirm.html'.
# #
# When rendering, this template is given the following variables: # When rendering, this template is given the following variables:
# * redirect_url: the URL the user is about to be redirected to. Needs # * redirect_url: the URL the user is about to be redirected to.
# manual escaping (see
# https://jinja.palletsprojects.com/en/2.11.x/templates/#html-escaping).
# #
# * description: the operation which the user is being asked to confirm # * description: the operation which the user is being asked to confirm
# #
......
synapse/config/sso.py
+ 4
10
View file @ afa18f1b
...@@ -106,8 +106,7 @@ class SSOConfig(Config): ...@@ -106,8 +106,7 @@ class SSOConfig(Config):
# #
# When rendering, this template is given the following variables: # When rendering, this template is given the following variables:
# * redirect_url: the URL that the user will be redirected to after # * redirect_url: the URL that the user will be redirected to after
# login. Needs manual escaping (see # login.
# https://jinja.palletsprojects.com/en/2.11.x/templates/#html-escaping).
# #
# * server_name: the homeserver's name. # * server_name: the homeserver's name.
# #
...@@ -185,15 +184,12 @@ class SSOConfig(Config): ...@@ -185,15 +184,12 @@ class SSOConfig(Config):
# #
# When rendering, this template is given the following variables: # When rendering, this template is given the following variables:
# #
# * redirect_url: the URL the user is about to be redirected to. Needs # * redirect_url: the URL the user is about to be redirected to.
# manual escaping (see
# https://jinja.palletsprojects.com/en/2.11.x/templates/#html-escaping).
# #
# * display_url: the same as `redirect_url`, but with the query # * display_url: the same as `redirect_url`, but with the query
# parameters stripped. The intention is to have a # parameters stripped. The intention is to have a
# human-readable URL to show to users, not to use it as # human-readable URL to show to users, not to use it as
# the final address to redirect to. Needs manual escaping # the final address to redirect to.
# (see https://jinja.palletsprojects.com/en/2.11.x/templates/#html-escaping).
# #
# * server_name: the homeserver's name. # * server_name: the homeserver's name.
# #
...@@ -213,9 +209,7 @@ class SSOConfig(Config): ...@@ -213,9 +209,7 @@ class SSOConfig(Config):
# process: 'sso_auth_confirm.html'. # process: 'sso_auth_confirm.html'.
# #
# When rendering, this template is given the following variables: # When rendering, this template is given the following variables:
# * redirect_url: the URL the user is about to be redirected to. Needs # * redirect_url: the URL the user is about to be redirected to.
# manual escaping (see
# https://jinja.palletsprojects.com/en/2.11.x/templates/#html-escaping).
# #
# * description: the operation which the user is being asked to confirm # * description: the operation which the user is being asked to confirm
# #
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment