#26206 closed Bug (fixed)
Small in-text example is lost on "Security in Django"
| Reported by: | frostbtn | Owned by: | Tim Graham |
|---|---|---|---|
| Component: | Documentation | Version: | 1.9 |
| Severity: | Normal | Keywords: | |
| Cc: | Triage Stage: | Accepted | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | yes | UI/UX: | no |
Description
After v 1.8 a tiny example has disappeared from Security in Django -> Cross site scripting (XSS) protection section:
<style class={{ var }}>...</style>
It is present on v 1.8 and before it:
https://docs.djangoproject.com/en/1.8/topics/security/#cross-site-scripting-xss-protection
And missing from v 1.9 and current vNext
https://docs.djangoproject.com/en/1.9/topics/security/#cross-site-scripting-xss-protection
https://docs.djangoproject.com/en/dev/topics/security/#cross-site-scripting-xss-protection
(I came across it from somewhat misleading conversation on bleach sanitizer: https://github.com/mozilla/bleach/issues/133)
Change History (3)
comment:1 by , 9 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
| Triage Stage: | Unreviewed → Accepted |
comment:2 by , 9 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
In f2b45dd: