subject:"\[PATCH\] Escape HTML in Apache\:\:Status data and env dump"

Re: [PATCH] Escape HTML in Apache::Status data and env dump

2004-10-05 Thread Stas Bekman

Markus Wichitill wrote: The fact that HTML in dumped variables in Apache::Status messes up the output has always bugged me, and this is also a potential XSS security issue, so here's a patch to escape the markup. Thanks Markus! Commmitted with minor tweaks. --

[PATCH] Escape HTML in Apache::Status data and env dump

2004-10-05 Thread Markus Wichitill

The fact that HTML in dumped variables in Apache::Status messes up the output has always bugged me, and this is also a potential XSS security issue, so here's a patch to escape the markup. Index: lib/Apache/Status.pm === RCS file: /