On Fri, Apr 13, 2012 at 9:53 PM, Éric Araujo wrote:
> bugs.python.org already sanitizes the ok_message and Ezio already posted a
> patch to the upstream bug tracker, so I don’t see what else we could do.
I am +1 with Glyph that XSS protection in Roundup is an unreliable
hack. Ezio's patch just pr
bugs.python.org already sanitizes the ok_message and Ezio already posted
a patch to the upstream bug tracker, so I don’t see what else we could do.
Also note that the Firefox extension NoScript blocks the XSS in this case.
Regards
On Fri, Apr 13, 2012 at 9:23 PM, anatoly techtonik wrote:
> Are there any good small Python libraries for making HTML safe out there?
>
> http://goo.gl/D6ag1
>
> Just to make sure that devs are aware of the problem, which was
> reported more than 6 months ago, gain some traction and release fix
>
Are there any good small Python libraries for making HTML safe out there?
http://goo.gl/D6ag1
Just to make sure that devs are aware of the problem, which was
reported more than 6 months ago, gain some traction and release fix
sooner. I am not sure what you can do with a stolen bugs.python.org
coo