Skip to content
Browse files

Also escape quotes. Fix XSS bug.

  • Loading branch information...
1 parent b90063f commit c0f1898f1860ceab2a2176e4a43ff1b898b54adb @Rafiot committed
Showing with 1 addition and 1 deletion.
  1. +1 −1 website/master.py
View
2 website/master.py
@@ -130,7 +130,7 @@ def escape(self, var):
"""
Escape input
"""
- return cgi.escape(var)
+ return cgi.escape(var, True)
def reset_if_empty(self, to_check = None):
"""

0 comments on commit c0f1898

Please sign in to comment.
Something went wrong with that request. Please try again.