core.sr.ht/srht/graphql
Conrad Hoffmann d7502248e0 graphql: escape error messages for validation
The GraphQL error messages can contain user-supplied input (such as text
input that was deemed invalid). However, the validation object's error
messages are intended for display (i.e. HTML rendering). To assert that
no user-supplied HTML is rendered, escape the GraphQL error messages as
they get copied to the validation object.

Thanks to Naglis Jonaitis for the report.
2024-01-24 13:25:17 +01:00
__init__.py srht/graphql: Add GraphQLOperation class 2022-06-29 17:21:18 +02:00
blueprint.py all: fix jinja2 regressions 2022-04-11 11:46:37 +02:00
client.py graphql: escape error messages for validation 2024-01-24 13:25:17 +01:00