Mercurial > kallithea

diff setup.py @ 7401:5746cc3b3fa5 stable

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
lib: use bleach to sanitize HTML generated from markdown - fix XSS issue when repo front page shows README.md Reported by Bob Hogg <wombat@rwhogg.site> .
author Mads Kiilerich <mads@kiilerich.com>
date Sun, 21 Oct 2018 17:44:06 +0200
parents cefb13bad9b5
children 22c8f23cc75b
line wrap: on
line diff
--- a/setup.py	Sun Oct 21 17:42:37 2018 +0200
+++ b/setup.py	Sun Oct 21 17:44:06 2018 +0200
@@ -57,6 +57,7 @@
     "Routes==1.13",
     "dulwich>=0.9.9,<=0.9.9",
     "mercurial>=2.9,<4.3",
+    "bleach >= 3.0, < 3.1",
 ]
 
 if sys.version_info < (2, 7):