My favorites | Sign in
Project Home Downloads Wiki Issues Source
New issue   Search
  Advanced search   Search tips   Subscriptions
Issue 59: Should greeting.content = self.request.get('content') be escaped?
1 person starred this issue and may be notified of changes. Back to list
Status:  New
Owner:  ----

Sign in to add a comment
Reported by, Feb 2, 2012
Line 43 of

greeting.content = self.request.get('content')

I guess it is better to have it escaped:

greeting.content = cgi.escape(self.request.get('content'))

Any suggestions? Correct me if I am wrong.
Sign in to add a comment

Powered by Google Project Hosting