Skip to content

PR Escape for security #254

Closed
wants to merge 1 commit into from

1 participant

@ymeine
Aria Templates member
ymeine commented Nov 29, 2012

To avoid security issues such as code injection like cross-site scripting (XSS), the framework can now process the evaluation of expressions inside templates to make the output safe.

For now, this process is not automatic but it's going to be so in some cases in the 1.4 release.

@piuccio piuccio added a commit that referenced this pull request Nov 29, 2012
@ymeine ymeine feat #254 Escape for security e71fe6b
@ymeine ymeine closed this Nov 29, 2012
@ymeine ymeine reopened this Nov 29, 2012
@ymeine ymeine closed this Nov 29, 2012
@piuccio piuccio added a commit that referenced this pull request Nov 30, 2012
@piuccio piuccio fix #254 forbidden global in unit test ff8da22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.