Merge pull request #98 from plone/maurits-xss-master
Fixed possible cross site scripting attack on moderate comments page [master]
This commit is contained in:
commit
43ea783824
@ -14,7 +14,7 @@ New features:
|
||||
|
||||
Bug fixes:
|
||||
|
||||
- *add item here*
|
||||
- Fixed possible cross site scripting (XSS) attack on moderate comments page. [maurits]
|
||||
|
||||
|
||||
|
||||
|
@ -110,7 +110,7 @@
|
||||
tal:content="item/in_response_to" />
|
||||
</td>
|
||||
<td>
|
||||
<span tal:replace="structure item/Description" />
|
||||
<span tal:replace="item/Description" />
|
||||
<a href=""
|
||||
tal:attributes="href string:${item/getURL}/getText"
|
||||
tal:condition="python:item.Description.endswith('[...]')"
|
||||
|
Loading…
Reference in New Issue
Block a user