Re: [Piglit] [PATCH] Escape HTML output when generating test result pages.

Dylan Baker Tue, 22 Oct 2013 14:54:47 -0700

On Tuesday, October 22, 2013 05:28:38 AM Paul Berry wrote:
> If a test generates output containing '<', '>', or '&', we need to
> HTML escape it so that the web browser doesn't interpret it as
> containing HTML tags.
> 
> While we're at it, go ahead and HTML escape the traceback and dmesg
> outputs too.
> ---
>  templates/test_result.mako | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/templates/test_result.mako b/templates/test_result.mako
> index b23fb8e..a2c749c 100644
> --- a/templates/test_result.mako
> +++ b/templates/test_result.mako
> @@ -31,7 +31,7 @@
>        <tr>
>          <td>Info</td>
>          <td>
> -          <pre>${info}</pre>
> +          <pre>${info | h}</pre>
>          </td>
>        </tr>
>        <tr>
> @@ -43,13 +43,13 @@
>        <tr>
>          <td>Traceback</td>
>          <td>
> -          <pre>${traceback}</pre>
> +          <pre>${traceback | h}</pre>
>          </td>
>        </tr>
>        <tr>
>          <td>dmesg</td>
>          <td>
> -          <pre>${dmesg}</pre>
> +          <pre>${dmesg | h}</pre>
>          </td>
>        </tr>
>      </table>


I had not idea mako had that feature, but it's dang useful

Reveiwed-by: Dylan Baker <baker.dyla...@gmail.com>

signature.asc
Description: This is a digitally signed message part.

_______________________________________________
Piglit mailing list
Piglit@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/piglit

Re: [Piglit] [PATCH] Escape HTML output when generating test result pages.

Reply via email to