Ross Poulton 738a88a5aa * Fix an XSS hole: No user-sourced HTML is displayed at all. Descriptions, resolutions and followup comments are treated as text using force_escape and linebreaksbr template filters. (Issue #39) ... * Incoming email also handled slightly differently: If an email has both HTML and Plain-text parts, the plain text is used in the ticket description and/or followup comment fields. The HTML portion is attached as 'email_html_body.html' so it can be viewed by the user. If an HTML-only email is received, the body is entered as "View attachment for body". (Issue #39)		2009-01-19 09:40:14 +00:00
..
commands	* Fix an XSS hole: No user-sourced HTML is displayed at all. Descriptions, resolutions and followup comments are treated as text using force_escape and linebreaksbr template filters. (Issue #39)	2009-01-19 09:40:14 +00:00
__init__.py	Big bugfix release - addresses a number of issues introduced in recent Django	2008-08-18 21:29:31 +00:00