[Erp5-report] r38189 aurel - /erp5/trunk/products/ERP5/Tool/IntrospectionTool.py
nobody at svn.erp5.org
nobody at svn.erp5.org
Wed Sep 8 09:30:49 CEST 2010
Author: aurel
Date: Wed Sep 8 09:30:47 2010
New Revision: 38189
URL: http://svn.erp5.org?rev=38189&view=rev
Log:
escape the log returned to avoid interpretation by browser
Modified:
erp5/trunk/products/ERP5/Tool/IntrospectionTool.py
Modified: erp5/trunk/products/ERP5/Tool/IntrospectionTool.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5/Tool/IntrospectionTool.py?rev=38189&r1=38188&r2=38189&view=diff
==============================================================================
--- erp5/trunk/products/ERP5/Tool/IntrospectionTool.py [utf8] (original)
+++ erp5/trunk/products/ERP5/Tool/IntrospectionTool.py [utf8] Wed Sep 8 09:30:47 2010
@@ -42,6 +42,7 @@ from App.config import getConfiguration
from AccessControl import Unauthorized
from Products.ERP5Type.Cache import CachingMethod
from Products.ERP5Type import tarfile
+from cgi import escape
_MARKER = []
@@ -229,7 +230,7 @@ class IntrospectionTool(LogMixin, BaseTo
"""
Tail the Event Log.
"""
- return self._tailFile('log/event.log', 50)
+ return escape(self._tailFile('log/event.log', 50))
security.declareProtected(Permissions.ManagePortal, 'getAccessLog')
More information about the Erp5-report
mailing list