On Fri, Aug 21, 2009 at 10:33 AM, "Martin v. Löwis"<[email protected]> wrote: > Which way should PyPI go: escape all markup if ReST rendering fails? > Or else allow arbitrary HTML to be embedded? I'm worried that somebody > would create a cross-site attack out of that...
Same here; the text in the <pre> should be properly escaped. -Fred -- Fred L. Drake, Jr. <fdrake at gmail.com> "Chaos is the score upon which reality is written." --Henry Miller _______________________________________________ Catalog-SIG mailing list [email protected] http://mail.python.org/mailman/listinfo/catalog-sig
