Bug #6850

closed

It's not recommended to escape ' to &apos;

Added by spastorino (Santiago Pastorino) almost 10 years ago. Updated almost 10 years ago.

Status: Closed
Priority: Normal
Target version:
ruby -v: 2.0.0dev
Backport:
[ruby-core:47095]


Related issues 1 (0 open, 1 closed)

Related to Ruby master - Bug #5485: ERB html_escape should follow OWASP recommendations - Closed - shugo (Shugo Maeda) - 10/26/2011

Updated by xibbar (Takeyuki FUJIOKA) almost 10 years ago

  • Assignee set to xibbar (Takeyuki FUJIOKA)

Updated by xibbar (Takeyuki FUJIOKA) almost 10 years ago

  • Status changed from Open to Assigned

Updated by xibbar (Takeyuki FUJIOKA) almost 10 years ago

  • Status changed from Assigned to Closed
  • % Done changed from 0 to 100

This issue was solved with changeset r36692.
Santiago, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.


Tue Aug 14 11:55:37 2012 Takeyuki FUJIOKA

  • lib/cgi/util.rb (CGI::escapeHTML): &apos; is not recommended. [Bug #6850]