encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2025-10-30 15:37:50 +03:00
Code Issues Packages Projects Releases Wiki Activity
4bb9a3c484
django-rest-framework/rest_framework/templates
History
Yury V. Zaytsev 4bb9a3c484 Fix XSS caused by disabled autoescaping in the default DRF Browsable API view templates (#6330) 
* Add test that verifies that HTML is correctly escaped in Browsable API views

* Fix `urlize_quoted_links` tag to avoid double escaping in autoescape mode

* Fix XSS in default DRF Browsable API template by re-enabling autoescape
2019-01-16 12:36:25 +00:00
..
rest_framework Fix XSS caused by disabled autoescaping in the default DRF Browsable API view templates (#6330) 2019-01-16 12:36:25 +00:00