Ticket #9091 (closed defect: fixed)

Opened 2 years ago

Last modified 2 years ago

<b> tags in user registration notification

Reported by: willg@bluesock.org Assigned to: hasienda
Priority: normal Component: AccountManagerPlugin
Severity: normal Keywords: HTML escape i18n
Cc: Trac Release: 0.11

Description

I'm using Trac 0.11.7 packaged in Debian testing with AccountManagerPlugin from svn r10593.

When a user registers a new account, they're greeted with a notification with this text:

You may login as user <b>USERNAME</b> now.

The <b> </b> tags come from using tag.b in the value of the formatting dict, but that's wrong since the < and > get encoded.

Also, "login" is a noun. You really want to say "log in" here.

http://en.wikipedia.org/wiki/Login

The below takes out the tag.b and fixes login -> log in:

Index: web_ui.py =================================================================== --- web_ui.py (revision 10593) +++ web_ui.py (working copy) @@ -460,8 +460,8 @@

else:

chrome.add_notice(req, Markup(tag.span(tag(_(

"""Registration has been finished successfully.

- You may login as user %(user)s now.""", - user=tag.b(req.args.get('username'))))))) + You may log in as user %(user)s now.""", + user=req.args.get('username'))))))

req.redirect(req.href.login())

datareset_password_enabled? = AccountModule?(self.env

).reset_password_enabled

Attachments

Change History

(in reply to: ↑ description ) 08/13/11 21:36:39 changed by hasienda

  • status changed from new to assigned.
  • keywords set to HTML escape i18n.

Replying to willg@bluesock.org:

I'm using Trac 0.11.7 packaged in Debian testing with AccountManagerPlugin from svn r10593.

Well, we should really have Trac 0.12.2 in testing instead, but that is another issue.

[...] The <b> </b> tags come from using tag.b in the value of the formatting dict, but that's wrong since the < and > get encoded.

Confirm, I've seen that lately on my own, but was busy fixing other things. However the real solution will prevent the escaping, since the highlighting of the username is intentionally there.

Also, "login" is a noun. You really want to say "log in" here.

Ok, looks reasonably, and as a non-native English speaker I'll certainly follow such advice - for the next major release, because it creates a new msgid (producing another i18n issue).

08/13/11 21:58:18 changed by hasienda

(In [10594]) AccountManagerPlugin: Prevent wrong HTML escapes for registration success message, refs #9091.

08/13/11 22:02:00 changed by hasienda

Report to fix in less than one hour. "Paid premium support" couldn't be faster, right? ;-)

08/13/11 22:09:45 changed by willg@bluesock.org

You rock! Thank you!

08/13/11 23:01:57 changed by willg@bluesock.org

Bah... I thought I was using Debian testing--but that's a different server. This server is Debian stable. Debian stable has Trac 0.11.7.

08/15/11 01:03:51 changed by hasienda

Changeset [10601] include this and some more msgid changes for next release.

In this special case translators most probably will just have to update their translations just by removing the fuzzy markers for existing message strings.

08/26/11 00:50:37 changed by hasienda

  • status changed from assigned to closed.
  • resolution set to fixed.

(In [10618]) AccountManagerPlugin: Publish maintenance release 0.3.2, closes #9051, #9082, #9088, #9091, #9092, #9093, #9095, #9099, #9107, #9108 and #9109.

This is an update for current stable at 0.3.1 with a number of fixes for issues reported within the last weeks.

While they will go into acct_mgr-0.4 too, current code isn't ready for release yet and will introduce a number of backwards-incompatible changes. So don't hurry for acct_mgr-0.4 right now.

Just noticed what I'd call a bug in signatures.py and removed unreasonable dependency on identical absolute path for successful check. Looks like nobody else tried this by now, right? Hey folks!

Add/Change #9091 (<b> tags in user registration notification)




Change Properties
Action