Author vstinner
Recipients corona10, longwenzhang, mdk, vstinner, xtreak
Date 2019-09-25.11:01:41
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1569409301.31.0.251478165049.issue38243@roundup.psfhosted.org>
In-reply-to
Content
> I've proposed the patch on GitHub which escaping the server_title when the documenter.page is called. (It different point with msg353132.

The attached poc.py seems to show that server name and server documentation are not escaped neither.

server.set_server_name('test<script>')
server.set_server_documentation('test<script>')

Well, please write a test to check that ;-)
History
Date User Action Args
2019-09-25 11:01:41vstinnersetrecipients: + vstinner, mdk, corona10, xtreak, longwenzhang
2019-09-25 11:01:41vstinnersetmessageid: <1569409301.31.0.251478165049.issue38243@roundup.psfhosted.org>
2019-09-25 11:01:41vstinnerlinkissue38243 messages
2019-09-25 11:01:41vstinnercreate