Switch to base body
Add proper escaping
-{% extends '@RapsysAir/mail/base.html.twig' %}
+{% extends '@RapsysAir/base.html.twig' %}
{% block stylesheets %}
<meta name="viewport" content="width=device-width" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
{% block stylesheets %}
<meta name="viewport" content="width=device-width" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
{% block body %}
<table class="header">
<tr>
{% block body %}
<table class="header">
<tr>
- <td><a href="{{ site_url }}"><img src="{{ email.image(site_logo) }}" alt="{{ site_title|trans }}" /></a></td>
- <td><h1><a href="{{ site_url }}">{{ site_title|trans }}</a></h1></td>
+ <td><a href="{{ site_url|escape('html_attr') }}"><img src="{{ email.image(site_logo) }}" alt="{{ site_title|escape('html_attr') }}" /></a></td>
+ <td><h1><a href="{{ site_url|escape('html_attr') }}">{{ site_title }}</a></h1></td>
</tr>
</table>
{% block content %}{% endblock %}
<table class="footer">
<tr>
</tr>
</table>
{% block content %}{% endblock %}
<table class="footer">
<tr>
- <td>{{ copy_long|trans }} - {{ copy_short|trans }}</td>
+ <td>{{ copy_long }} - {{ copy_short }}</td>
</tr>
</table>
{% endblock %}
</tr>
</table>
{% endblock %}
<tr>
<td> </td>
<td>
<tr>
<td> </td>
<td>
- <h2>{{ 'Subject: %subject%'|trans({'%subject%': 'welcome back to %site_title%'|trans({'%site_title%': site_title|trans})}) }}</h2>
- <p>{{ 'Thanks so much for rejoining %site_title%, the space reservation program.'|trans({'%site_title%': site_title|trans}) }}</p>
- <p>{% trans %}To recover your account you can follow this link: {% endtrans %}</p>
- <p><a href="{{ recover_url }}">{{ recover_url }}</a></p>
+ <h2>{{ 'Subject: %subject%'|trans({'%subject%': 'welcome back to %site_title%'|trans({'%site_title%': site_title})|raw}) }}</h2>
+ <p>{{ 'Thanks so much for rejoining %site_title%, the space reservation program.'|trans({'%site_title%': site_title}) }}</p>
+ <p>{{ 'To recover your account you can follow this link: '|trans }}</p>
+ <p><a href="{{ recover_url|escape('html_attr') }}">{{ recover_url }}</a></p>
</td>
<td> </td>
</tr>
</td>
<td> </td>
</tr>
<tr>
<td> </td>
<td>
<tr>
<td> </td>
<td>
- <h2>{{ 'Subject: %subject%'|trans({'%subject%': 'welcome back to %site_title%'|trans({'%site_title%': site_title|trans})}) }}</h2>
- <p>{{ 'Thanks so much for rejoining %site_title%, the space reservation program.'|trans({'%site_title%': site_title|trans}) }}</p>
- <p>{% trans %}Your account password has been changed, to recover your account you can follow this link: {% endtrans %}</p>
- <p><a href="{{ recover_url }}">{{ recover_url }}</a></p>
+ <h2>{{ 'Subject: %subject%'|trans({'%subject%': 'welcome back to %site_title%'|trans({'%site_title%': site_title})|raw}) }}</h2>
+ <p>{{ 'Thanks so much for rejoining %site_title%, the space reservation program.'|trans({'%site_title%': site_title}) }}</p>
+ <p>{{ 'Your account password has been changed, to recover your account you can follow this link: '|trans }}</p>
+ <p><a href="{{ recover_url|escape('html_attr') }}">{{ recover_url }}</a></p>
</td>
<td> </td>
</tr>
</td>
<td> </td>
</tr>
<tr>
<td> </td>
<td>
<tr>
<td> </td>
<td>
- <h2>{{ 'Subject: %subject%'|trans({'%subject%': 'welcome to %site_title%'|trans({'%site_title%': site_title|trans})}) }}</h2>
+ <h2>{{ 'Subject: %subject%'|trans({'%subject%': 'welcome to %site_title%'|trans({'%site_title%': site_title})|raw}) }}</h2>
<h3>{{ 'Hi %recipient_name%,'|trans({'%recipient_name%': recipient_name}) }}</h3>
<h3>{{ 'Hi %recipient_name%,'|trans({'%recipient_name%': recipient_name}) }}</h3>
- <p>{{ 'Thanks so much for joining %site_title%, the space reservation program.'|trans({'%site_title%': site_title|trans}) }}</p>
+ <p>{{ 'Thanks so much for joining %site_title%, the space reservation program.'|trans({'%site_title%': site_title}) }}</p>
</td>
<td> </td>
</tr>
</td>
<td> </td>
</tr>
Rapsys Git / airbundle / commitdiff