Browse Source

Remove dangerous safestring declaration

This declaration allows XSS content through the JSON and
is unnecessary for correct rendering of the content anyway.

Change-Id: I82355b37108609ae573237424e528aab86a24efc
Closes-Bug: 1667086
(cherry picked from commit a835dbfbaa)
Richard Jones 2 years ago
parent
commit
ce80bb6fec
1 changed files with 1 additions and 2 deletions
  1. 1
    2
      openstack_dashboard/dashboards/identity/mappings/tables.py

+ 1
- 2
openstack_dashboard/dashboards/identity/mappings/tables.py View File

@@ -14,7 +14,6 @@
14 14
 
15 15
 import json
16 16
 
17
-from django.utils import safestring
18 17
 from django.utils.translation import ugettext_lazy as _
19 18
 from django.utils.translation import ungettext_lazy
20 19
 
@@ -75,7 +74,7 @@ def get_rules_as_json(mapping):
75 74
     rules = getattr(mapping, 'rules', None)
76 75
     if rules:
77 76
         rules = json.dumps(rules, indent=4)
78
-    return safestring.mark_safe(rules)
77
+    return rules
79 78
 
80 79
 
81 80
 class MappingsTable(tables.DataTable):

Loading…
Cancel
Save