From 54fe49f3c58dee79a0b0099765b702b1def3b940 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomi=20Valentov=C3=A1?= <git@imaniti.org>
Date: Mon, 19 Aug 2024 23:51:48 +0200
Subject: [PATCH] escape json dump from fullcalendar

---
 calendar_utils/models.py                       |  3 ++-
 district/models.py                             |  6 +++---
 .../district/district_calendar_page.html       | 18 ++++++++++--------
 3 files changed, 15 insertions(+), 12 deletions(-)

diff --git a/calendar_utils/models.py b/calendar_utils/models.py
index 07648403..a0ecc918 100644
--- a/calendar_utils/models.py
+++ b/calendar_utils/models.py
@@ -8,6 +8,7 @@ from django.core.serializers.json import DjangoJSONEncoder
 from django.core.validators import URLValidator, ValidationError
 from django.db import models, transaction
 from django.utils.timezone import now
+from django.utils.html import escape
 
 from .icalevents import icalevents
 from .parser import process_event_list
@@ -132,7 +133,7 @@ class CalendarMixin(models.Model):
 
             calendar_format_events.append(parsed_event)
 
-        return json.dumps(calendar_format_events)
+        return escape(json.dumps(calendar_format_events))
 
     def save(self, *args, **kwargs):
         # create or update related Calendar
diff --git a/district/models.py b/district/models.py
index 8b08fa37..5f699860 100644
--- a/district/models.py
+++ b/district/models.py
@@ -808,12 +808,12 @@ class DistrictCenterPage(
 
         desc = None
 
-        if self.perex:
+        if hasattr(self, "perex") and self.perex:
             desc = self.perex
-        elif self.text:
+        elif hasattr(self, "text") and self.text:
             desc = trim_to_length(strip_all_html_tags(self.text))
 
-        return desc
+        return ""
 
 
 class DistrictNewProgramPage(MainProgramPageMixin):
diff --git a/district/templates/district/district_calendar_page.html b/district/templates/district/district_calendar_page.html
index 4a037ffc..1ee980a5 100644
--- a/district/templates/district/district_calendar_page.html
+++ b/district/templates/district/district_calendar_page.html
@@ -5,13 +5,15 @@
 {% endblock %}
 
 {% block inner_content %}
-  <div class="__js-root __inner-content">
-    <ui-full-calendar
-      {% if page.calendar_url %}
-        events='{{ page.get_fullcalendar_data|safe }}'
-      {% else %}
-        events='{{ page.root_page.get_fullcalendar_data|safe }}'
-      {% endif %}
-    ></ui-full-calendar>
+  <div class="container--wide">
+    <div class="__js-root __inner-content">
+      <ui-full-calendar
+        {% if page.calendar_url %}
+          events='{{ page.get_fullcalendar_data|safe }}'
+        {% else %}
+          events='{{ page.root_page.get_fullcalendar_data|safe }}'
+        {% endif %}
+      ></ui-full-calendar>
+    </div>
   </div>
 {% endblock %}
-- 
GitLab