Python and cgi and <a> problem!

Jon Ribbens jon+usenet at
Mon Sep 23 23:19:50 EDT 2002

In article <Xns929330F5A61B0cliechtigmxnet at>, Chris Liechti wrote:
>>> print '<A href="%s">%s</A>' % (filename, filename)
>> I hope none of your filenames have '"', ">" or "&" in.
> yeah i avoid characters that are special to the shell in my filenames - i 
> even don't use " " very often. <wink>
> sure there are improvements, but its a start.

I'm not sure recommending completely broken and insecure code is ever
a good thing. No offence intended.

More information about the Python-list mailing list