wardi / django-filebrowser-no-grappelli

django-filebrowser for default Django admin site. Based on https://github.com/sehmaschine/django-filebrowser v3.1 (before it was in git). Consider using https://github.com/smacker/django-filebrowser-no-grappelli, which is based on a newer version.
Other
150 stars 114 forks

xss-fix #29

Closed laat closed 12 years ago

laat commented 12 years ago

Example: admin/filebrowser/browse/?filter_type=">

This was fixed in django-filebrowser in commit e1d1fce2.

wardi commented 12 years ago

Thanks. I'm wondering if I should audit all the mark_safe()s in this code now.
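
One way to run the mark_safe() audit mentioned above, as an added example that is not part of the original thread or of django-filebrowser's code: it parses Python source with `ast` and separates calls on constant strings from calls whose argument is built at runtime and needs a human to confirm escaping. The names `audit_mark_safe` and `SAMPLE` are hypothetical, and the sample view code is constructed for illustration.

```python
import ast

# Constructed sample, not taken from django-filebrowser. It is only parsed,
# never executed, so Django does not need to be installed.
SAMPLE = '''
from django.utils.safestring import mark_safe
from django.utils.html import escape

def selector(request):
    filter_type = request.GET.get("filter_type", "")
    return mark_safe('<option value="%s">' % filter_type)

def label():
    return mark_safe("<b>Files</b>")

def selector_fixed(request):
    filter_type = request.GET.get("filter_type", "")
    return mark_safe('<option value="%s">' % escape(filter_type))
'''

def _call_name(node):
    """Bare name of the callee: mark_safe(...) or safestring.mark_safe(...)."""
    func = node.func
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute):
        return func.attr
    return None

def audit_mark_safe(source, filename="<string>"):
    """Return (filename, lineno, verdict, code) for each mark_safe() call.

    "literal": the argument is a constant string, nothing is interpolated.
    "review":  the argument is computed (formatting, concatenation, a
               variable, an f-string), so escaping must be checked by hand.
    """
    findings = []
    for node in ast.walk(ast.parse(source, filename)):
        if isinstance(node, ast.Call) and _call_name(node) == "mark_safe":
            arg = node.args[0] if node.args else None
            literal = isinstance(arg, ast.Constant) and isinstance(arg.value, str)
            verdict = "literal" if literal else "review"
            code = ast.get_source_segment(source, node)
            findings.append((filename, node.lineno, verdict, code))
    return sorted(findings, key=lambda f: f[1])

if __name__ == "__main__":
    for fname, line, verdict, code in audit_mark_safe(SAMPLE, "sample.py"):
        print(f"{fname}:{line}: [{verdict}] {code}")
```

A "review" verdict is a prompt to read the call, not proof of a bug: the escaped variant on the last line of the sample is still listed because the checker does not try to prove that every interpolated value is escaped.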