Mercurial > p > roundup > code

comparison roundup/cgi/wsgi_handler.py @ 5664:5579fa034f9e

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fix fix XSS issue in wsgi and cgi when handing url not found/404. issue2551035
author John Rouillard <rouilj@ieee.org>
date Fri, 22 Mar 2019 18:16:11 -0400
parents dccf9b7e5ee4
children 1a835db41674
comparison
equal deleted inserted replaced
5663:a884698173ea 5664:5579fa034f9e
67 request.translator) 67 request.translator)
68 try: 68 try:
69 client.main() 69 client.main()
70 except roundup.cgi.client.NotFound: 70 except roundup.cgi.client.NotFound:
71 request.start_response([('Content-Type', 'text/html')], 404) 71 request.start_response([('Content-Type', 'text/html')], 404)
72 request.wfile.write(s2b('Not found: %s'%client.path)) 72 request.wfile.write(s2b('Not found: %s'%cgi.escape(client.path)))
73 73
74 # all body data has been written using wfile 74 # all body data has been written using wfile
75 return [] 75 return []
76 76
77 def start_response(self, headers, response_code): 77 def start_response(self, headers, response_code):
Roundup Issue Tracker: http://roundup-tracker.org/