diff --git a/IPython/frontend/html/notebook/handlers.py b/IPython/frontend/html/notebook/handlers.py index 06a3b37e7..f9868054d 100644 --- a/IPython/frontend/html/notebook/handlers.py +++ b/IPython/frontend/html/notebook/handlers.py @@ -29,6 +29,7 @@ import time import uuid import os +import tornado from tornado import web from tornado import websocket @@ -225,7 +226,7 @@ class LoginHandler(AuthenticatedHandler): def _render(self, message=None): template = self.application.jinja2_env.get_template('login.html') self.write( template.render( - next=self.get_argument('next', default=self.application.ipython_app.base_project_url), + next=tornado.escape.url_escape(self.get_argument('next', default=self.application.ipython_app.base_project_url)), read_only=self.read_only, logged_in=self.logged_in, login_available=self.login_available, diff --git a/IPython/frontend/html/notebook/templates/login.html b/IPython/frontend/html/notebook/templates/login.html index 2ac7b653d..22fb50958 100644 --- a/IPython/frontend/html/notebook/templates/login.html +++ b/IPython/frontend/html/notebook/templates/login.html @@ -1,14 +1,14 @@ -{% extends page.html %} +{% extends "page.html" %} {% block stylesheet %} -{% end %} +{% endblock %} {% block login_widget %} -{% end %} +{% endblock %} {% block site %} @@ -16,27 +16,27 @@