From: Andrew M. Kuchling Date: Wed, 31 Mar 2004 20:17:56 +0000 (+0000) Subject: [Bugfix candidate] Escape traceback type and value. There are probably additional... X-Git-Tag: v2.4a1~541 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=b67c94318ec85722ce01c03955d6fbf50e3f7aa9;p=python [Bugfix candidate] Escape traceback type and value. There are probably additional cases where cgitb.py doesn't escape as paranoidly as it should (e.g. attribute names) --- diff --git a/Lib/cgitb.py b/Lib/cgitb.py index cd469adb48..ab4c598679 100644 --- a/Lib/cgitb.py +++ b/Lib/cgitb.py @@ -146,7 +146,8 @@ function calls leading up to the error, in the order they occurred.''' %s
''' % '\n'.join(rows)) - exception = ['

%s: %s' % (strong(str(etype)), str(evalue))] + exception = ['

%s: %s' % (strong(pydoc.html.escape(str(etype))), + pydoc.html.escape(str(evalue)))] if type(evalue) is types.InstanceType: for name in dir(evalue): if name[:1] == '_': continue