[http] fix traceback page xss

Eugeny · Jun 8, 2014 · d3fc5eb · d3fc5eb
1 parent 19b741e
commit d3fc5eb
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/ajenti/routing.py b/ajenti/routing.py
@@ -1,3 +1,4 @@
+import cgi
 import socketio
 import traceback
 
@@ -90,4 +91,4 @@ def respond_error(self, context, exception):
                 </pre>
             </body>
         </html>
-        """ % stack
+        """ % cgi.escape(stack)