HTML escape xml tags in EC2 responses.

Bug #1036347 reported by Roland Hochmuth
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Confirmed
Medium
Andrew James

Bug Description

XML escape characters "<" and ">" don't appear to be converted to "&lt" and "&gt" and probably should be.

The code that look like a possible problem is nova/api/faults.py

        resp.body = str('<?xml version="1.0"?>\n'
                         '<Response><Errors><Error><Code>%s</Code>'
                         '<Message>%s</Message></Error></Errors>'
                         '<RequestID>%s</RequestID></Response>' %
                         (utils.utf8(code), utils.utf8(message),
                         utils.utf8(ctxt.request_id)))

Andrew James (ajames)
Changed in nova:
assignee: nobody → Andrew James (ajames)
Revision history for this message
Thierry Carrez (ttx) wrote :

Also see bug 978439 which might be a duplicate, might fix both in one shot.

Changed in nova:
importance: Undecided → Medium
status: New → Confirmed
Revision history for this message
Andrew James (ajames) wrote :

This was fixed in bug 978439.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.