bpo-35603: Escape table header of make_table output that can cause potential XSS. (GH-11341)

author: Xtreak <tir.karthi@gmail.com> 2018-12-29 08:53:14 (GMT)
committer: Serhiy Storchaka <storchaka@gmail.com> 2018-12-29 08:53:14 (GMT)
commit: 78de01198b047347abc5e458851bb12c48429e24 (patch)
tree: 283cae69008846284c79afa38dcf1ccd148a7238 /Lib/difflib.py
parent: 1f511e1af060e98fb789319a96076c06e7f98135 (diff)
download: cpython-78de01198b047347abc5e458851bb12c48429e24.zip
cpython-78de01198b047347abc5e458851bb12c48429e24.tar.gz
cpython-78de01198b047347abc5e458851bb12c48429e24.tar.bz2
1 files changed, 4 insertions, 0 deletions
diff --git a/Lib/difflib.py b/Lib/difflib.py
index 887c3c2..4571817 100644
--- a/Lib/difflib.py
+++ b/Lib/difflib.py
@@ -2036,6 +2036,10 @@ class HtmlDiff(object):
                 s.append( fmt % (next_id[i],next_href[i],fromlist[i],
                                            next_href[i],tolist[i]))
         if fromdesc or todesc:
+            fromdesc = fromdesc.replace("&", "&amp;").replace(">", "&gt;") \
+                                                     .replace("<", "&lt;")
+            todesc = todesc.replace("&", "&amp;").replace(">", "&gt;") \
+                                                 .replace("<", "&lt;")
             header_row = '<thead><tr>%s%s%s%s</tr></thead>' % (
                 '<th class="diff_next"><br /></th>',
                 '<th colspan="2" class="diff_header">%s</th>' % fromdesc,
author	Xtreak <tir.karthi@gmail.com>	2018-12-29 08:53:14 (GMT)
committer	Serhiy Storchaka <storchaka@gmail.com>	2018-12-29 08:53:14 (GMT)
commit	78de01198b047347abc5e458851bb12c48429e24 (patch)
tree	283cae69008846284c79afa38dcf1ccd148a7238 /Lib/difflib.py
parent	1f511e1af060e98fb789319a96076c06e7f98135 (diff)
download	cpython-78de01198b047347abc5e458851bb12c48429e24.zip cpython-78de01198b047347abc5e458851bb12c48429e24.tar.gz cpython-78de01198b047347abc5e458851bb12c48429e24.tar.bz2