Python and cgi and <a> problem!

Jon Ribbens jon+usenet at unequivocal.co.uk
Tue Sep 24 05:19:50 CEST 2002


In article <Xns929330F5A61B0cliechtigmxnet at 62.2.16.82>, Chris Liechti wrote:
>>> print '<A href="%s">%s</A>' % (filename, filename)
>> 
>> I hope none of your filenames have '"', ">" or "&" in.
> 
> yeah i avoid characters that are special to the shell in my filenames - i 
> even don't use " " very often. <wink>
> 
> sure there are improvements, but its a start.

I'm not sure recommending completely broken and insecure code is ever
a good thing. No offence intended.



More information about the Python-list mailing list