Commit 32de78e3 authored by Aurel's avatar Aurel

escape the log returned to avoid interpretation by browser


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@38189 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 621f33c9
......@@ -42,6 +42,7 @@ from App.config import getConfiguration
from AccessControl import Unauthorized
from Products.ERP5Type.Cache import CachingMethod
from Products.ERP5Type import tarfile
from cgi import escape
_MARKER = []
......@@ -229,7 +230,7 @@ class IntrospectionTool(LogMixin, BaseTool):
"""
Tail the Event Log.
"""
return self._tailFile('log/event.log', 50)
return escape(self._tailFile('log/event.log', 50))
security.declareProtected(Permissions.ManagePortal, 'getAccessLog')
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment