Modify

Opened 13 years ago

Closed 13 years ago

#9091 closed defect (fixed)

<b> tags in user registration notification

Reported by: willg@… Owned by: Steffen Hoffmann
Priority: normal Component: AccountManagerPlugin
Severity: normal Keywords: HTML escape i18n
Cc: Trac Release: 0.11

Description

I'm using Trac 0.11.7 packaged in Debian testing with AccountManagerPlugin from svn r10593.

When a user registers a new account, they're greeted with a notification with this text:

You may login as user <b>USERNAME</b> now.

The <b> </b> tags come from using tag.b in the value of the formatting dict, but that's wrong since the < and > get encoded.

Also, "login" is a noun. You really want to say "log in" here.

http://en.wikipedia.org/wiki/Login

The below takes out the tag.b and fixes login -> log in:

Index: web_ui.py =================================================================== --- web_ui.py (revision 10593) +++ web_ui.py (working copy) @@ -460,8 +460,8 @@

else:

chrome.add_notice(req, Markup(tag.span(tag(_(

"""Registration has been finished successfully.

  • You may login as user %(user)s now.""",
  • user=tag.b(req.args.get('username')))))))

+ You may log in as user %(user)s now.""", + user=req.args.get('username'))))))

req.redirect(req.href.login())

datareset_password_enabled? = AccountModule(self.env

).reset_password_enabled

Attachments (0)

Change History (7)

comment:1 in reply to:  description Changed 13 years ago by Steffen Hoffmann

Keywords: HTML escape i18n added
Status: newassigned

Replying to willg@bluesock.org:

I'm using Trac 0.11.7 packaged in Debian testing with AccountManagerPlugin from svn r10593.

Well, we should really have Trac 0.12.2 in testing instead, but that is another issue.

![...] The <b> </b> tags come from using tag.b in the value of the formatting dict, but that's wrong since the < and > get encoded.

Confirm, I've seen that lately on my own, but was busy fixing other things. However the real solution will prevent the escaping, since the highlighting of the username is intentionally there.

Also, "login" is a noun. You really want to say "log in" here.

Ok, looks reasonably, and as a non-native English speaker I'll certainly follow such advice - for the next major release, because it creates a new msgid (producing another i18n issue).

comment:2 Changed 13 years ago by Steffen Hoffmann

(In [10594]) AccountManagerPlugin: Prevent wrong HTML escapes for registration success message, refs #9091.

comment:3 Changed 13 years ago by Steffen Hoffmann

Report to fix in less than one hour. "Paid premium support" couldn't be faster, right? ;-)

comment:4 Changed 13 years ago by willg@…

You rock! Thank you!

comment:5 Changed 13 years ago by willg@…

Bah... I thought I was using Debian testing--but that's a different server. This server is Debian stable. Debian stable has Trac 0.11.7.

comment:6 Changed 13 years ago by Steffen Hoffmann

Changeset [10601] include this and some more msgid changes for next release.

In this special case translators most probably will just have to update their translations just by removing the fuzzy markers for existing message strings.

comment:7 Changed 13 years ago by Steffen Hoffmann

Resolution: fixed
Status: assignedclosed

(In [10618]) AccountManagerPlugin: Publish maintenance release 0.3.2, closes #9051, #9082, #9088, #9091, #9092, #9093, #9095, #9099, #9107, #9108 and #9109.

This is an update for current stable at 0.3.1 with a number of fixes for issues reported within the last weeks.

While they will go into acct_mgr-0.4 too, current code isn't ready for release yet and will introduce a number of backwards-incompatible changes. So don't hurry for acct_mgr-0.4 right now.

Just noticed what I'd call a bug in signatures.py and removed unreasonable dependency on identical absolute path for successful check. Looks like nobody else tried this by now, right? Hey folks!

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Steffen Hoffmann.
The resolution will be deleted. Next status will be 'reopened'.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.