From 08163ced02addb14eefc9b3a03ed0192c2520327 Mon Sep 17 00:00:00 2001 From: Carlos Lopez Date: Tue, 7 Jan 2025 07:50:14 -0500 Subject: [PATCH] [IMP] account_banking_sepa_direct_debit: Use Markup for safe HTML rendering in message_post --- .../models/account_payment_order.py | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/account_banking_sepa_direct_debit/models/account_payment_order.py b/account_banking_sepa_direct_debit/models/account_payment_order.py index 66762066287..a20b9e05c55 100644 --- a/account_banking_sepa_direct_debit/models/account_payment_order.py +++ b/account_banking_sepa_direct_debit/models/account_payment_order.py @@ -3,6 +3,7 @@ # License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl). from lxml import etree +from markupsafe import Markup from odoo import _, exceptions, fields, models from odoo.exceptions import UserError @@ -296,11 +297,16 @@ def generated2uploaded(self): first_mandates.write({"recurrent_sequence_type": "recurring"}) for first_mandate in first_mandates: first_mandate.message_post( - body=_( - "Automatically switched from First to " - "Recurring when the debit order " - "{} has been marked as uploaded." - ).format(order.id, order.name) + body=Markup( + _( + "Automatically switched from First to " + "Recurring when the debit order " + "%(name)s " + "has been marked as uploaded.", + id=order.id, + name=order.name, + ) + ) ) return res