Changes between Initial Version and Version 1 of Ticket #21098


Ignore:
Timestamp:
09/12/2013 10:51:26 AM (2 years ago)
Author:
timo
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #21098

    • Property Needs documentation unset
    • Property Needs tests unset
    • Property Patch needs improvement unset
  • Ticket #21098 – Description

    initial v1  
    1 Getting an error in MultiValueDict on a POST, such as doing request.POST['foo'], will leak the POST data without any escaping by Django, i.e. the MultiValueDictKeyError contains an unescaped repr of request.POST, no matter if you've added for instance @sensitive_post_parameters("password").
     1Getting an error in `MultiValueDict` on a POST, such as doing `request.POST['foo']`, will leak the POST data without any escaping by Django, i.e. the `MultiValueDictKeyError` contains an unescaped `repr` of `request.POST`, no matter if you've added for instance `@sensitive_post_parameters("password")`.
Back to Top