Commits

Anonymous committed cca531d

Remove low-risk XSS vector in username validation

Comments (0)

Files changed (1)

                 user = User.objects.get(username__exact=self.clean_data['username'])
             except User.DoesNotExist:
                 return self.clean_data['username']
-            raise forms.ValidationError(u'The username "%s" is already taken. Please choose another.' % self.clean_data['username'])
+            raise forms.ValidationError(u'This username is already taken. Please choose another.')
     
     def clean_password2(self):
         """
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.