#34: Escape HTML outputted by 'render-data' to prevent XSS attacks -------------------------+-------------------------------------------------- Reporter: sakhmechet | Owner: sakhmechet Type: defect | Status: closed Priority: medium | Milestone: 0.1 Component: weblocks | Version: pre-0.1 Resolution: fixed | Keywords: cross-site scripting SQL injection sanitize -------------------------+-------------------------------------------------- Changes (by sakhmechet): * resolution: => fixed * status: new => closed Comment: Fixed. 'render-data' now escapes all output. -- Ticket URL: <http://trac.common-lisp.net/cl-weblocks/ticket/34> cl-weblocks <http://common-lisp.net/project/cl-weblocks> cl-weblocks