summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBen Longbons <b.r.longbons@gmail.com>2013-06-14 10:52:20 -0700
committerBen Longbons <b.r.longbons@gmail.com>2013-06-14 10:52:52 -0700
commit58bdb8247e03630fad1b25cdb0d7dce697e8c29d (patch)
tree6226a1104933a1aaba14aadac1c4f21fc89cd82b
parentc095b1bb900459b38813ba738914df8c5287b3c9 (diff)
downloadserverdata-58bdb8247e03630fad1b25cdb0d7dce697e8c29d.tar.gz
serverdata-58bdb8247e03630fad1b25cdb0d7dce697e8c29d.tar.bz2
serverdata-58bdb8247e03630fad1b25cdb0d7dce697e8c29d.tar.xz
serverdata-58bdb8247e03630fad1b25cdb0d7dce697e8c29d.zip
Escape URL strings in news.html
-rw-r--r--tools/_news_colors.py3
-rw-r--r--world/map/news.html4
2 files changed, 5 insertions, 2 deletions
diff --git a/tools/_news_colors.py b/tools/_news_colors.py
index 8b0c00b9..e98f73bf 100644
--- a/tools/_news_colors.py
+++ b/tools/_news_colors.py
@@ -20,6 +20,8 @@
## You should have received a copy of the GNU General Public License
## along with this program. If not, see <http://www.gnu.org/licenses/>.
+import cgi
+
__all__ = ['make_html_colors_dict', 'make_txt_colors_dict']
class Color(object):
@@ -49,6 +51,7 @@ class HtmlDate(object):
class HtmlLink(object):
__slots__ = ()
def __format__(self, target):
+ target = cgi.escape(target, True)
return '<a href="%s">%s</a>' % (target, target)
class HtmlSignature(object):
diff --git a/world/map/news.html b/world/map/news.html
index 7ff09d46..2d7ccba0 100644
--- a/world/map/news.html
+++ b/world/map/news.html
@@ -103,7 +103,7 @@ This means there was some downtime, starting at 16:00 UTC.
Most work was done in 1.5 hours, with a brief shutdown later.
DNS settings may take a while to propogate.
<p/>
-For more information, see <a href="http://forums.themanaworld.org/viewtopic.php?f=1&t=17126">http://forums.themanaworld.org/viewtopic.php?f=1&t=17126</a>
+For more information, see <a href="http://forums.themanaworld.org/viewtopic.php?f=1&amp;t=17126">http://forums.themanaworld.org/viewtopic.php?f=1&amp;t=17126</a>
<p/>
-<font color="#009000">the TMWC</font>
</div>
@@ -198,7 +198,7 @@ support, depending on exactly how old it is:
Of course, if a particular client release is
buggy, we may not be able to support it at all.
<p/>
-For more details, see <a href="http://forums.themanaworld.org/viewtopic.php?f=4&t=16867">http://forums.themanaworld.org/viewtopic.php?f=4&t=16867</a>.
+For more details, see <a href="http://forums.themanaworld.org/viewtopic.php?f=4&amp;t=16867">http://forums.themanaworld.org/viewtopic.php?f=4&amp;t=16867</a>.
<p/>
ManaPlus is available at <a href="http://manaplus.evolonline.org/">http://manaplus.evolonline.org/</a>
<p/>