gideonstar
/
blogthon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CSS prevention changed to a oneliner

This commit is contained in:
Stefan Ritter 2009-03-09 16:17:15 +01:00
parent 1649dab547
commit d03506dd2a
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
blogthon.cgi
View File

@ -54,12 +54,12 @@ if not ctext: ctext = ""
# Comment to commit?
if cname and ctext and ctitle:
# Prevent XSS hacks
cname = cname.replace("<", "&lt;")
cname = cname.replace(">", "&gt;")
cname = cname.replace("\"", "&quot;")
ctext = ctext.replace("<", "&lt;")
ctext = ctext.replace(">", "&gt;")
ctext = ctext.replace("\"", "&quot;")
cname = cname.replace("<", "&lt;") \
.replace(">", "&gt;") \
.replace("\"", "&quot;")
ctext = ctext.replace("<", "&lt;") \
.replace(">", "&gt;") \
.replace("\"", "&quot;")
# Add comment
comments_file = glob.glob(entries_dir + ctitle + '.comments')