Commit Graph

1 Commits

Author SHA1 Message Date
Zachery Metcalf 35328be26b
Escape strings in HTML output (XSS fix)
Modify the template producing HTML error responses to correctly
escape all strings that are possibly coming from the client making the
request. Before this change, the error responses were vulnerable to XSS
(cross-site scripting) attacks.
2018-01-25 14:16:24 +01:00