[Checkins] SVN: grokui.admin/trunk/src/grokui/admin/security.py Escape security notes.
Uli Fouquet
uli at gnufix.de
Tue Dec 23 11:36:52 EST 2008
Log message for revision 94291:
Escape security notes.
Changed:
U grokui.admin/trunk/src/grokui/admin/security.py
-=-
Modified: grokui.admin/trunk/src/grokui/admin/security.py
===================================================================
--- grokui.admin/trunk/src/grokui/admin/security.py 2008-12-23 16:11:08 UTC (rev 94290)
+++ grokui.admin/trunk/src/grokui/admin/security.py 2008-12-23 16:36:52 UTC (rev 94291)
@@ -16,6 +16,7 @@
The machinery to do home-calling security notifications.
"""
import grok
+import cgi
import time
import urllib2
import urlparse
@@ -123,7 +124,8 @@
opener = urllib2.build_opener(http_handler)
req = urllib2.Request(url)
try:
- self._message = opener.open(req).read()
+ message = opener.open(req).read()
+ self._message = cgi.escape(message)
self._warningstate = True
except (urllib2.HTTPError, OSError), e:
if (getattr(e, 'code', None) == 404) or (
More information about the Checkins
mailing list