#26206 closed Bug (fixed)
Small in-text example is lost on "Security in Django"
Reported by: | frostbtn | Owned by: | Tim Graham |
---|---|---|---|
Component: | Documentation | Version: | 1.9 |
Severity: | Normal | Keywords: | |
Cc: | Triage Stage: | Accepted | |
Has patch: | no | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | yes | UI/UX: | no |
Description
After v 1.8 a tiny example has disappeared from Security in Django -> Cross site scripting (XSS) protection section:
<style class={{ var }}>...</style>
It is present on v 1.8 and before it:
https://docs.djangoproject.com/en/1.8/topics/security/#cross-site-scripting-xss-protection
And missing from v 1.9 and current vNext
https://docs.djangoproject.com/en/1.9/topics/security/#cross-site-scripting-xss-protection
https://docs.djangoproject.com/en/dev/topics/security/#cross-site-scripting-xss-protection
(I came across it from somewhat misleading conversation on bleach
sanitizer: https://github.com/mozilla/bleach/issues/133)
Change History (3)
comment:1 by , 9 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
Triage Stage: | Unreviewed → Accepted |
comment:2 by , 9 years ago
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
In f2b45dd: