Remove dangerous safestring declaration
This declaration allows XSS content through the JSON and
is unnecessary for correct rendering of the content anyway.
Change-Id: I82355b37108609ae573237424e528aab86a24efc
Closes-Bug: 1667086
(cherry picked from commit a835dbfbaa
)
This commit is contained in:
parent
676b2b3472
commit
511b325b45
|
@ -14,7 +14,6 @@
|
||||||
|
|
||||||
import json
|
import json
|
||||||
|
|
||||||
from django.utils import safestring
|
|
||||||
from django.utils.translation import ugettext_lazy as _
|
from django.utils.translation import ugettext_lazy as _
|
||||||
from django.utils.translation import ungettext_lazy
|
from django.utils.translation import ungettext_lazy
|
||||||
|
|
||||||
|
@ -75,7 +74,7 @@ def get_rules_as_json(mapping):
|
||||||
rules = getattr(mapping, 'rules', None)
|
rules = getattr(mapping, 'rules', None)
|
||||||
if rules:
|
if rules:
|
||||||
rules = json.dumps(rules, indent=4)
|
rules = json.dumps(rules, indent=4)
|
||||||
return safestring.mark_safe(rules)
|
return rules
|
||||||
|
|
||||||
|
|
||||||
class MappingsTable(tables.DataTable):
|
class MappingsTable(tables.DataTable):
|
||||||
|
|
Loading…
Reference in New Issue