lms · 90a72ddba690c99f10d0e044cc30bf0637d1292d · edx / edx-platform

To prevent XSS attacks, we now properly escape any string containing
the user's fullname. Enumerated by searching webview.py for "fullname",
and "git grep"-ing any occurrences. This also exposed some unused strings,
which I deleted for clarity.

committed Mar 21, 2016

90a72ddb

Name	Last commit	Last update
..
djangoapps		Loading commit data...
envs		Loading commit data...
lib		Loading commit data...
static		Loading commit data...
templates		Loading commit data...
README.rst		Loading commit data...
__init__.py		Loading commit data...
celery.py		Loading commit data...
startup.py		Loading commit data...
tests.py		Loading commit data...
urls.py		Loading commit data...
wsgi.py		Loading commit data...
wsgi_apache_lms.py		Loading commit data...

README.rst