Review: Approve

Thanks for this massive update and keeping our homepage alive and kicking!

Drive by comment, only refering to the questions you've asked. I did not review 
the rest of the change - it seems massive.

> Providing usernames for JS when writing PMs: This is maybe a security risk 
> because a username can contain an at sign (@). The Django documentation says:

Are we sure usernames can only contain the following characters? @A-Za-z0-9 If 
yes, than that function is indeed safe. If they can contain other characters 
(."'/\) we will be vulnerable.

> RegEx urls

Seems correct to me. 


This is as sufficiently good hasher for us. 

> Replacing lambdas with callables: Django can't serialize lambdas for 
> migrations. For the screens app i have replaced the lambdas with callables: 

For this I do not know. If it works in your tests, that is probably all fine. 

Your team Widelands Developers is subscribed to branch lp:widelands-website.

Mailing list:
Post to     :
Unsubscribe :
More help   :

Reply via email to