Please sign in to comment.
Author: glyph Reviewer: mwh Fixes: #4900 This change makes error pages and directory listings explicitly set their encodings in the content-type HTTP header, which should prevent certain misguided browsers from potentially mis-detecting the encoding and allowing for inclusion of invalid / insecure content from users. git-svn-id: svn://svn.twistedmatrix.com/svn/Twisted/trunk@31388 bbbe8e31-12d6-0310-92fd-ac37d47ddeeb
- Loading branch information...
Showing with 53 additions and 3 deletions.
|@@ -0,0 +1,5 @@|
|+twisted.web will now properly specify an encoding (UTF-8) on error, redirect,|
|+and directory listing pages, so that IE7 and previous will not improperly guess|
|+the 'utf7' encoding in these cases. Please note that Twisted still sets a|
|+*default* content-type of 'text/html', and you shouldn't rely on that: you|
|+should set the encoding appropriately in your application.|