Browse Source

Don't escape HTML in the subject line of notification emails

pull/358/head
Pēteris Caune 4 years ago
parent
commit
9d2cf4f008
No known key found for this signature in database GPG Key ID: E28D7679E9A9EDE2
  1. 1
      CHANGELOG.md
  2. 8
      hc/api/tests/test_notify.py
  3. 2
      templates/emails/alert-subject.html

1
CHANGELOG.md

@ -8,6 +8,7 @@ All notable changes to this project will be documented in this file.
### Bug Fixes
- "Get a single check" API call now supports read-only API keys (#346)
- Don't escape HTML in the subject line of notification emails
## v1.14.0 - 2020-03-23

8
hc/api/tests/test_notify.py

@ -345,6 +345,14 @@ class NotifyTestCase(BaseTestCase):
self.assertEqual(Notification.objects.count(), 0)
self.assertEqual(len(mail.outbox), 0)
def test_email_handles_amperstand(self):
self._setup_data("email", "alice@example.org")
self.check.name = "Foo & Bar"
self.channel.notify(self.check)
email = mail.outbox[0]
self.assertEqual(email.subject, "DOWN | Foo & Bar")
@patch("hc.api.transports.requests.request")
def test_pd(self, mock_post):
self._setup_data("pd", "123")

2
templates/emails/alert-subject.html

@ -1,2 +1,2 @@
{{ check.status|upper }} | {{ check.name_then_code }}
{{ check.status|upper }} | {{ check.name_then_code|safe }}
Loading…
Cancel
Save