Mercurial > moin > 1.9
changeset 6054:7dd392e803fa
security fix: XSS in useragents stats
author | Thomas Waldmann <tw AT waldmann-edv DOT de> |
---|---|
date | Wed, 20 Aug 2014 10:52:31 +0200 |
parents | f9da0da53a43 |
children | b9fe16430474 |
files | MoinMoin/stats/useragents.py |
diffstat | 1 files changed, 1 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/MoinMoin/stats/useragents.py Mon Aug 04 23:36:41 2014 +0200 +++ b/MoinMoin/stats/useragents.py Wed Aug 20 10:52:31 2014 +0200 @@ -106,7 +106,7 @@ if total: for cnt, ua in data: try: - ua = unicode(ua) + ua = wikiutil.escape(unicode(ua)) agents.addRow((ua, "%.2f" % (100.0 * cnt / total))) cnt_printed += cnt except UnicodeError: