Skip to content

use urlize filter wherever we use linebreaks

Bengfort requested to merge 1864-ugc-urlize into main

See https://docs.djangoproject.com/en/3.0/ref/templates/builtins/#urlize

The goal here is that users can easily enter links to external documentation.

I am not 100% from a security standpoint. There have been a few denial-of-service issues related to regex backtracking, but that shouldn't be too bad. javascript: URLs should be prevented by our CSP. But still this increases the attack surface.

Merge request reports