extern/django-helpdesk
1
0
Fork 1
mirror of https://github.com/django-helpdesk/django-helpdesk.git synced 2024-12-13 18:31:10 +01:00
Code Issues Packages Projects Releases Wiki Activity
705c32908a
django-helpdesk/management/commands
History
Ross Poulton 738a88a5aa * Fix an XSS hole: No user-sourced HTML is displayed at all. Descriptions, resolutions and followup comments are treated as text using force_escape and linebreaksbr template filters. (Issue #39) 
* Incoming email also handled slightly differently: If an email has both HTML and Plain-text parts, the plain text is used in the ticket description and/or followup comment fields. The HTML portion is attached as 'email_html_body.html' so it can be viewed by the user. If an HTML-only email is received, the body is entered as "View attachment for body". (Issue #39)
2009-01-19 09:40:14 +00:00
..
__init__.py Big bugfix release - addresses a number of issues introduced in recent Django 2008-08-18 21:29:31 +00:00
create_escalation_exclusions.py * Issue #23 - 'verbose' option on create_escalation_exclusions 2008-11-18 00:00:36 +00:00
escalate_tickets.py * Large change to clean up the codebase: Decrease excess whitespace at ends 2008-08-19 08:50:38 +00:00
get_email.py * Fix an XSS hole: No user-sourced HTML is displayed at all. Descriptions, resolutions and followup comments are treated as text using force_escape and linebreaksbr template filters. (Issue #39) 2009-01-19 09:40:14 +00:00