1 files changed, 32 insertions, 0 deletions

diff --git a/rpms/sugar/0041-Dextrose-Escape-all-text-passed-to-Palette.primary_t.patch b/rpms/sugar/0041-Dextrose-Escape-all-text-passed-to-Palette.primary_t.patch
new file mode 100644
index 0000000..4ec2b7f
--- /dev/null
+++ b/rpms/sugar/0041-Dextrose-Escape-all-text-passed-to-Palette.primary_t.patch
@@ -0,0 +1,32 @@
+From cecd2a7a9af344292b6b274afb6007f56857d453 Mon Sep 17 00:00:00 2001
+From: Sascha Silbe <silbe@activitycentral.com>
+Date: Sat, 25 Jun 2011 12:12:55 +0200
+Subject: [PATCH sugar 41/74] Dextrose: Escape all text passed to
+ Palette.primary_text and .secondary_text
+
+sugar.graphics.palette.Palette passes primary_text and secondary_text through
+to GTK without escaping it, so we need to make sure it doesn't contain
+anything special in user data (activity title, bundle_id, nick name, etc.) or
+translations.
+
+Signed-off-by: Sascha Silbe <silbe@activitycentral.com>
+---
+ src/jarabe/view/palettes.py |    2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/src/jarabe/view/palettes.py b/src/jarabe/view/palettes.py
+index 02648b7..7a17f32 100644
+--- a/src/jarabe/view/palettes.py
++++ b/src/jarabe/view/palettes.py
+@@ -303,7 +303,7 @@ class JournalXSPalette(Palette):
+     def __init__(self, xs_hostname):
+         Palette.__init__(self, _('School Server'))
+ 
+-        self.props.secondary_text = xs_hostname
++        self.props.secondary_text = glib.markup_escape_text(xs_hostname)
+ 
+         vbox = gtk.VBox()
+         self.set_content(vbox)
+-- 
+1.7.6
+