[docs] [issue26398] cgi.escape() Can Lead To XSS and HTML Vulnerabilities
Dhiraj
report at bugs.python.org
Sun Feb 21 07:31:25 EST 2016
Dhiraj added the comment:
Hello @martin.panter okay But still the module cgi.escape() Vulnerable if the Python Docs have created a new html.escape so you might remove the cgi.escape() or Implement the quote = True in cgi.escape() Predefine as its in html.escape because Developer mostly use CGI.
Its an Humble request , I hope I did well.
Thank You martin.panter
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue26398>
_______________________________________
More information about the docs
mailing list