[pbs-devel] [PATCH proxmox-backup 1/2] server/email_notifications: do not double html escape

Thomas Lamprecht t.lamprecht at proxmox.com
Wed Mar 17 20:39:14 CET 2021


On 17.03.21 15:19, Dominik Csapak wrote:
> the default escape handler is handlebars::html_escape, but this are
> plain text emails and we manually escape them for the html part, so
> set the default escape handler to 'no_escape'
> 
> this avoids double html escape for the characters: '&"<>' in emails
> 
> Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
> ---
>  src/server/email_notifications.rs | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/src/server/email_notifications.rs b/src/server/email_notifications.rs
> index 70e13053..2acee538 100644
> --- a/src/server/email_notifications.rs
> +++ b/src/server/email_notifications.rs
> @@ -194,6 +194,7 @@ lazy_static::lazy_static!{
>          let result: Result<(), TemplateError> = try_block!({
>  
>              hb.set_strict_mode(true);
> +            hb.register_escape_fn(handlebars::no_escape);
>  
>              hb.register_helper("human-bytes", Box::new(handlebars_humam_bytes_helper));
>              hb.register_helper("relative-percentage", Box::new(handlebars_relative_percentage_helper));
> 

for the record: This would need "server/email_notifications: do not panic on template registration"
to be applied before, else it does not applies.





More information about the pbs-devel mailing list