CSS prevention changed to a oneliner
This commit is contained in:
parent
1649dab547
commit
d03506dd2a
12
blogthon.cgi
12
blogthon.cgi
@ -54,12 +54,12 @@ if not ctext: ctext = ""
|
||||
# Comment to commit?
|
||||
if cname and ctext and ctitle:
|
||||
# Prevent XSS hacks
|
||||
cname = cname.replace("<", "<")
|
||||
cname = cname.replace(">", ">")
|
||||
cname = cname.replace("\"", """)
|
||||
ctext = ctext.replace("<", "<")
|
||||
ctext = ctext.replace(">", ">")
|
||||
ctext = ctext.replace("\"", """)
|
||||
cname = cname.replace("<", "<") \
|
||||
.replace(">", ">") \
|
||||
.replace("\"", """)
|
||||
ctext = ctext.replace("<", "<") \
|
||||
.replace(">", ">") \
|
||||
.replace("\"", """)
|
||||
|
||||
# Add comment
|
||||
comments_file = glob.glob(entries_dir + ctitle + '.comments')
|
||||
|
Loading…
Reference in New Issue
Block a user