[Bugfix candidate] Escape traceback type and value. There are probably additional...

author Andrew M. Kuchling <amk@amk.ca>

Wed, 31 Mar 2004 20:17:56 +0000 (20:17 +0000)

committer Andrew M. Kuchling <amk@amk.ca>

Wed, 31 Mar 2004 20:17:56 +0000 (20:17 +0000)
author Andrew M. Kuchling <amk@amk.ca>
Wed, 31 Mar 2004 20:17:56 +0000 (20:17 +0000)
committer Andrew M. Kuchling <amk@amk.ca>
Wed, 31 Mar 2004 20:17:56 +0000 (20:17 +0000)
diff --git a/Lib/cgitb.py b/Lib/cgitb.py

index cd469adb48f7083c96b15cc8e44217cafd80abaa..ab4c5986790cf68cb9b0145730b22d7ce77b3aa4 100644 (file)
--- a/Lib/cgitb.py
+++ b/Lib/cgitb.py
@@ -146,7 +146,8 @@ function calls leading up to the error, in the order they occurred.'''
  <table width="100%%" cellspacing=0 cellpadding=0 border=0>
  %s</table>''' % '\n'.join(rows))
  
-    exception = ['<p>%s: %s' % (strong(str(etype)), str(evalue))]
+    exception = ['<p>%s: %s' % (strong(pydoc.html.escape(str(etype))),
+                                pydoc.html.escape(str(evalue)))]
      if type(evalue) is types.InstanceType:
          for name in dir(evalue):
              if name[:1] == '_': continue
author	Andrew M. Kuchling <amk@amk.ca>
	Wed, 31 Mar 2004 20:17:56 +0000 (20:17 +0000)
committer	Andrew M. Kuchling <amk@amk.ca>
	Wed, 31 Mar 2004 20:17:56 +0000 (20:17 +0000)