Message353170
> I've proposed the patch on GitHub which escaping the server_title when the documenter.page is called. (It different point with msg353132.
The attached poc.py seems to show that server name and server documentation are not escaped neither.
server.set_server_name('test<script>')
server.set_server_documentation('test<script>')
Well, please write a test to check that ;-) |
|
Date |
User |
Action |
Args |
2019-09-25 11:01:41 | vstinner | set | recipients:
+ vstinner, mdk, corona10, xtreak, longwenzhang |
2019-09-25 11:01:41 | vstinner | set | messageid: <1569409301.31.0.251478165049.issue38243@roundup.psfhosted.org> |
2019-09-25 11:01:41 | vstinner | link | issue38243 messages |
2019-09-25 11:01:41 | vstinner | create | |
|