openstack/horizon
Code Issues Proposed changes

Remove dangerous safestring declaration

Browse Source 
This declaration allows XSS content through the JSON and
is unnecessary for correct rendering of the content anyway.

Change-Id: I82355b37108609ae573237424e528aab86a24efc
Closes-Bug: 1667086
This commit is contained in:
Richard Jones
2017-03-07 16:55:39 +11:00
parent 8a2da91ff9
commit a835dbfbaa
1 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
openstack_dashboard/dashboards/identity/mappings/tables.py
View File

@@ -14,7 +14,6 @@
import json import json
from django.utils import safestring
from django.utils.translation import ugettext_lazy as _ from django.utils.translation import ugettext_lazy as _
from django.utils.translation import ungettext_lazy from django.utils.translation import ungettext_lazy
@@ -75,7 +74,7 @@ def get_rules_as_json(mapping):
rules = getattr(mapping, 'rules', None) rules = getattr(mapping, 'rules', None)
if rules: if rules:
rules = json.dumps(rules, indent=4) rules = json.dumps(rules, indent=4)
return safestring.mark_safe(rules) return rules
class MappingsTable(tables.DataTable): class MappingsTable(tables.DataTable):