Skip to content

Commit 64ce44b

Browse files
authored
escape json value in relation template (#598)
1 parent c438bd9 commit 64ce44b

File tree

2 files changed

+2
-2
lines changed

2 files changed

+2
-2
lines changed

starlette_admin/__init__.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
__version__ = "0.15.0rc0"
1+
__version__ = "0.15.0rc1"
22

33
from ._types import ExportType as ExportType
44
from ._types import RequestAction as RequestAction

starlette_admin/templates/forms/relation.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
class="form-control {{ 'field-has-one' if not field.many else 'field-has-many' }} {% if error %}is-invalid{% endif %}"
99
data-url="{{ url_for(__name__ ~ ':api', identity=foreign_model.identity) }}"
1010
data-pk="{{ fpk }}"
11-
{% if data %}data-initial="{{ (data if field.multiple else [data]) |tojson }}" {% endif %}
11+
{% if data %}data-initial="{{ (data if field.multiple else [data]) |tojson |forceescape }}" {% endif %}
1212
{% if field.multiple %}multiple{% endif %}>
1313
</select>
1414
{% if field.help_text %}

0 commit comments

Comments
 (0)