Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Improved [4180] to add HTML escaping on the primary-key value in the …

…error message

git-svn-id: http://code.djangoproject.com/svn/django/trunk@4181 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit 545ebf4395f24438c6ddc847f0794bfc83c6e934 1 parent 201704b
@adrianholovaty adrianholovaty authored
Showing with 1 addition and 1 deletion.
  1. +1 −1  django/contrib/admin/views/main.py
View
2  django/contrib/admin/views/main.py
@@ -314,7 +314,7 @@ def change_stage(request, app_label, model_name, object_id):
try:
manipulator = model.ChangeManipulator(object_id)
except model.DoesNotExist:
- raise Http404('%s object with primary key %r does not exist' % (model_name, object_id))
+ raise Http404('%s object with primary key %r does not exist' % (model_name, escape(object_id)))
if request.POST:
new_data = request.POST.copy()
Please sign in to comment.
Something went wrong with that request. Please try again.