Roundup Tracker - Issues

Message5050

Author schlatterbeck
Recipients ThomasAH, ber, r.david.murray, schlatterbeck
Date 2014-03-31.16:22:24
Message-id <1396282945.74.0.759693431068.issue2550836@psf.upfronthosting.co.za>
In-reply-to 
Fixed in rca692423e401:
I've completely changed the way I guard against XSS security problems
raised in issue2550817 -- now I'm escaping when adding a new error or ok
message -- at a point where we still know where the message comes from.

This also makes it easier for users as no changes of installed templates
are necessary to be secure.

Can you check this if it works for you?

Thanks
Ralf
History
Date User Action Args
2014-03-31 16:22:25schlatterbecksetmessageid: <1396282945.74.0.759693431068.issue2550836@psf.upfronthosting.co.za>
2014-03-31 16:22:25schlatterbecksetrecipients: + schlatterbeck, ber, ThomasAH, r.david.murray
2014-03-31 16:22:25schlatterbecklinkissue2550836 messages
2014-03-31 16:22:24schlatterbeckcreate

Supported by The Python Software Foundation,
Powered by Roundup

Last modified: Fri Feb 28 22:02:04 EST 2020