Possible fix for JS injection issue
I believe the problem lies in this file. I’m unable to get my box to update the file when I push it and I’m not sure why. Please test and report back.
This commit is contained in:
parent
b1382377b9
commit
3ef2526bcc
|
@ -11,9 +11,11 @@ print "Content-type:text/html\r\n\r\n"
|
|||
|
||||
values = cgi.FieldStorage()
|
||||
if values.has_key("name"):
|
||||
name = values["name"].value
|
||||
rawname = values["name"].value
|
||||
else:
|
||||
name = " "
|
||||
rawname = " "
|
||||
namepass = re.sub("<", "<", rawname)
|
||||
name = re.sub(">", ">", namepass)
|
||||
if values.has_key("data"):
|
||||
rawdata = values["data"].value
|
||||
else:
|
||||
|
@ -23,7 +25,7 @@ data = re.sub(">", ">", datapass)
|
|||
color = values["color"].value
|
||||
curdate = datetime.datetime.now()
|
||||
|
||||
process_form( name , rawdata , color )
|
||||
process_form( rawname , rawdata , color )
|
||||
|
||||
print """<html><body>ok</body></html>"""
|
||||
|
||||
|
|
Loading…
Reference in New Issue