[galaxy-dev] [hg] galaxy 2803: Prevent script tags in uploads as reported by ...
Nate Coraor
nate at bx.psu.edu
Fri Oct 2 14:26:36 EDT 2009
details: http://www.bx.psu.edu/hg/galaxy/rev/88fdb7f40b0e
changeset: 2803:88fdb7f40b0e
user: Nate Coraor <nate at bx.psu.edu>
date: Wed Sep 30 09:22:02 2009 -0400
description:
Prevent script tags in uploads as reported by Mitsuteru Nakao
1 file(s) affected in this change:
tools/data_source/upload.py
diffs (16 lines):
diff -r feec758a8774 -r 88fdb7f40b0e tools/data_source/upload.py
--- a/tools/data_source/upload.py Wed Sep 30 08:28:31 2009 -0400
+++ b/tools/data_source/upload.py Wed Sep 30 09:22:02 2009 -0400
@@ -49,10 +49,11 @@
regexp2 = re.compile( "<IFRAME[^>]*>", re.I )
regexp3 = re.compile( "<FRAMESET[^>]*>", re.I )
regexp4 = re.compile( "<META[^>]*>", re.I )
+ regexp5 = re.compile( "<SCRIPT[^>]*>", re.I )
lineno = 0
for line in temp:
lineno += 1
- matches = regexp1.search( line ) or regexp2.search( line ) or regexp3.search( line ) or regexp4.search( line )
+ matches = regexp1.search( line ) or regexp2.search( line ) or regexp3.search( line ) or regexp4.search( line ) or regexp5.search( line )
if matches:
if chunk is None:
temp.close()
More information about the galaxy-dev
mailing list