Improved [4180] to add HTML escaping on the primary-key value in the error message

git-svn-id: http://code.djangoproject.com/svn/django/trunk@4181 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Adrian Holovaty 2006-12-07 15:14:35 +00:00
parent 201704be3d
commit 545ebf4395
1 changed files with 1 additions and 1 deletions

View File

@ -314,7 +314,7 @@ def change_stage(request, app_label, model_name, object_id):
try: try:
manipulator = model.ChangeManipulator(object_id) manipulator = model.ChangeManipulator(object_id)
except model.DoesNotExist: except model.DoesNotExist:
raise Http404('%s object with primary key %r does not exist' % (model_name, object_id)) raise Http404('%s object with primary key %r does not exist' % (model_name, escape(object_id)))
if request.POST: if request.POST:
new_data = request.POST.copy() new_data = request.POST.copy()