fix(authorities): clarify number of references in docket authorities #4968
Conversation
Similar to the authorities property, but instead of an OpinionsCitedByRECAPDocuments, it returns an Opinion queryset.
We were listing OpinionsCitedByRECAPDocuments instead of Opinions, so the list of authorities shown repeated the same Opinion several times if multiple documents in the same docket cited it. We now list Opinions instead, and the template is more descriptive.
![semgrep-app[bot]](https://avatars.githubusercontent.com/in/60555?s=60&v=4){kind=small}
| </a> | ||
| make {{ opinion.total_depth }} references to | ||
| <a href="{{ opinion.cluster.get_absolute_url }}{% querystring %}" {% if opinion.cluster.blocked %}rel="nofollow" {% endif %}> | ||
| {{ opinion.cluster.caption|safe|v_wrapper }} |
There was a problem hiding this comment.
Semgrep identified an issue in your code:
Detected a segment of a Flask template where autoescaping is explicitly disabled with '| safe' filter. This allows rendering of raw HTML in this segment. Ensure no user data is rendered here, otherwise this is a cross-site scripting (XSS) vulnerability.
To resolve this comment:
🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.
💬 Ignore this finding
Leave a nosemgrep comment directly above or at the end of line 11 like so // nosemgrep: python.flask.security.xss.audit.template-unescaped-with-safe.template-unescaped-with-safe
Take care to validate that this is not a true positive finding before ignoring it.
Learn more about ignoring code, files and folders here.
You can view more details about this finding in the Semgrep AppSec Platform.
|
Looks good! |
Fixes #4865
Before this PR
After this PR
WIP: