[virtualcommons-svn] commit/vcweb: alllee: html escaping incoming chat messages
Status: Beta
Brought to you by:
alllee
Menu
▾
▴
[virtualcommons-svn] commit/vcweb: alllee: html escaping incoming chat messages
|
From: Bitbucket <com...@bi...> - 2011-08-12 08:10:20
|
1 new changeset in vcweb: http://bitbucket.org/virtualcommons/vcweb/changeset/8c69762b8eb6/ changeset: 8c69762b8eb6 user: alllee date: 2011-08-12 10:10:11 summary: html escaping incoming chat messages affected #: 1 file (127 bytes) --- a/vcweb/lighterprints/forms.py Fri Aug 12 00:52:12 2011 -0700 +++ b/vcweb/lighterprints/forms.py Fri Aug 12 01:10:11 2011 -0700 @@ -1,9 +1,14 @@ from django import forms +from django.utils.html.escape import escape + class ChatForm(forms.Form): message = forms.CharField(required=True, max_length=512) participant_group_id = forms.IntegerField(required=True, widget=forms.HiddenInput) + def clean_message(self): + return escape(self.cleaned_data['message']) + class ActivityForm(forms.Form): activity_id = forms.IntegerField(required=True, widget=forms.HiddenInput) Repository URL: https://bitbucket.org/virtualcommons/vcweb/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email. |
