[cl-weblocks-ticket] Re: #34: Escape HTML outputted by 'render-data' to prevent XSS attacks
cl-weblocks
cl-weblocks-devel at common-lisp.net
Fri Aug 3 18:28:40 UTC 2007
#34: Escape HTML outputted by 'render-data' to prevent XSS attacks
-------------------------+--------------------------------------------------
Reporter: sakhmechet | Owner: sakhmechet
Type: defect | Status: closed
Priority: medium | Milestone: 0.1
Component: weblocks | Version: pre-0.1
Resolution: fixed | Keywords: cross-site scripting SQL injection sanitize
-------------------------+--------------------------------------------------
Changes (by sakhmechet):
* resolution: => fixed
* status: new => closed
Comment:
Fixed. 'render-data' now escapes all output.
--
Ticket URL: <http://trac.common-lisp.net/cl-weblocks/ticket/34>
cl-weblocks <http://common-lisp.net/project/cl-weblocks>
cl-weblocks
More information about the Cl-weblocks-ticket
mailing list