Jinja2 autoescape plugin need to be updated
Bug #1684249 reported by
Travis McPeak
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Bandit |
Fix Released
|
Undecided
|
Rajath Agasthya |
Bug Description
The Jinja2 autoescape check doesn't work with the new suggested way of escaping as described here:
http://
An example of a safe way to escape is selectively for html and xss:
env = Environment(
loader=
autoescape=
)
We should update the Bandit plugin to not flag people following the Jinja directions.
Changed in bandit: | |
assignee: | nobody → Rajath Agasthya (rajagast) |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/488939
Review: https:/