[cl-weblocks-ticket] Re: #34: Escape HTML outputted by 'render-data' to prevent XSS attacks

3 Aug 2007


      #34: Escape HTML outputted by 'render-data' to prevent XSS attacks
-------------------------+--------------------------------------------------
  Reporter:  sakhmechet  |       Owner:  sakhmechet                                 
      Type:  defect      |      Status:  closed                                     
  Priority:  medium      |   Milestone:  0.1                                        
 Component:  weblocks    |     Version:  pre-0.1                                    
Resolution:  fixed       |    Keywords:  cross-site scripting SQL injection sanitize
-------------------------+--------------------------------------------------
Changes (by sakhmechet):
* resolution:  => fixed
  * status:  new => closed
Comment:
Fixed. 'render-data' now escapes all output.
-- 
Ticket URL: http://trac.common-lisp.net/cl-weblocks/ticket/34
cl-weblocks http://common-lisp.net/project/cl-weblocks
cl-weblocks

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

[cl-weblocks-ticket] Re: #34: Escape HTML outputted by 'render-data' to prevent XSS attacks