Project

General

Profile

Actions

Bug #6850

closed

It's not recommended to escape ' to '

Added by spastorino (Santiago Pastorino) over 11 years ago. Updated over 11 years ago.

Status:
Closed
Target version:
ruby -v:
2.0.0dev
Backport:
[ruby-core:47095]


Related issues 1 (0 open1 closed)

Related to Ruby master - Bug #5485: ERB html_escape should follow OWASP recommendationsClosedshugo (Shugo Maeda)10/26/2011Actions

Updated by xibbar (Takeyuki FUJIOKA) over 11 years ago

  • Assignee set to xibbar (Takeyuki FUJIOKA)

Updated by xibbar (Takeyuki FUJIOKA) over 11 years ago

  • Status changed from Open to Assigned
Actions #4

Updated by xibbar (Takeyuki FUJIOKA) over 11 years ago

  • Status changed from Assigned to Closed
  • % Done changed from 0 to 100

This issue was solved with changeset r36692.
Santiago, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.


Tue Aug 14 11:55:37 2012 Takeyuki FUJIOKA

  • lib/cgi/util.rb (CGI::escapeHTML): ' is not recommended. [Bug #6850]
Actions

Also available in: Atom PDF

Like0
Like0Like0Like0Like0