Mozilla does not want epydoc produced documentation on any of their web sites because they believe redirect.html is insecure and vulnerable to xss, see this bug report:
Comment #7 elucidates the fundamental issue, the dottedName variable is not escaped prior to being inserted into page content. Suggestions for fixing this include escaping the dottedName variable and/or providing an option to turn off the generation of the redirect.html file. FWIW it's not clear to me how useful the redirect feature is in the first place.
Log in to post a comment.