The application now correctly encodes the url query string for the profile-picture name (for security reasons), removed a left-over print-statement

application/app/templates/userPanel.html

@@ -3,7 +3,7 @@
 
 <div class="userPanel">
     <div class="userInfo">
-        <img src="{{ '/profilepictures?name='|add:user.profile_picture_filename }}">
+        <img src="/profilepictures?name={{ user.profile_picture_filename|urlencode }}">
         <span>
             {% if user.first_name != "" %}
                 {% translate "User" %}: {{ user.first_name }} {{ user.last_name }} ({{ user.username }})