changeset 2523:ee8d1a2cc252

XSS fix for format_error
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Mon, 23 Jul 2007 02:27:16 +0200
parents d73957833b45
children 35dcbfc32a57
files MoinMoin/macro/__init__.py
diffstat 1 files changed, 1 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/macro/__init__.py	Mon Jul 23 02:23:36 2007 +0200
+++ b/MoinMoin/macro/__init__.py	Mon Jul 23 02:27:16 2007 +0200
@@ -135,7 +135,7 @@
 
     def format_error(self, err):
         """ format an error object for output instead of normal macro output """
-        return u'[[%s: %s]]' % (self.name, unicode(err))
+        return self.formatter.text(u'[[%s: %s]]' % (self.name, unicode(err)))
 
     def execute(self, macro_name, args):
         """ Get and execute a macro