gideonstar/blogthon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CSS prevention changed to a oneliner

Browse Source
This commit is contained in:
Stefan Ritter 2009-03-09 16:17:15 +01:00
parent 1649dab547
commit d03506dd2a
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
blogthon.cgi
View File

@ -54,12 +54,12 @@ if not ctext: ctext = ""
# Comment to commit? # Comment to commit?
if cname and ctext and ctitle: if cname and ctext and ctitle:
# Prevent XSS hacks # Prevent XSS hacks
cname = cname.replace("<", "&lt;") cname = cname.replace("<", "&lt;") \
cname = cname.replace(">", "&gt;") .replace(">", "&gt;") \
cname = cname.replace("\"", "&quot;") .replace("\"", "&quot;")
ctext = ctext.replace("<", "&lt;") ctext = ctext.replace("<", "&lt;") \
ctext = ctext.replace(">", "&gt;") .replace(">", "&gt;") \
ctext = ctext.replace("\"", "&quot;") .replace("\"", "&quot;")
# Add comment # Add comment
comments_file = glob.glob(entries_dir + ctitle + '.comments') comments_file = glob.glob(entries_dir + ctitle + '.comments')